Weak Service Permissions

Hi and welcome to this new video! In this video we continue the "Windows Privilege Escalation" series. Specifically, this video focuses on how we can attack windows services by exploiting weak service permissions. If the service configuration is weakly configured, or we can over-write the binary path of the service, then we can use the service as a means to obtain code execution within the target machine as the user account who is currently executing the service. For system services this will be the administrator account, leading to a privilege escalation. I hope you find it helpful, and I would appreciate if you leave your feedback down in the comments, and share this series with like-minded people. Thank you very much! ------------------------- TIMESTAMP 00:00 Introduction 01:05 Weak Permission on Service Configuration 12:13 The dangers of Local System 12:55 Weak Permission on Service Binary 18:30 Service Enumeration with winPEAS 21:27 Conclusion ------------------------- REFERENCES - Material: https://github.com/LeonardoE95/yt-en/tree/main/src/2014-11-04-windows-privesc-weak-service-permissions - Windows Privilege Escalation Awesome Scripts: https://github.com/peass-ng/PEASS-ng/tree/master/winPEAS - Weak Service Permissions: https://www.ired.team/offensive-security/privilege-escalation/weak-service-permissions - Windows local privilege escalation: https://xorond.com/posts/2021/04/windows-local-privilege-escalation/ - Service Misconfiguration: https://www.narycyber.com/posts/privilege-escalation/windows/service-misconfigurations/ - Weak Service Permissions: https://juggernaut-sec.com/weak-service-permissions-windows-privilege-escalation/ - Insecure Service Permissions: https://akimbocore.com/article/privilege-escalation-insecure-service-permissions/ ------------------------- CONTACTS - Blog: https://blog.leonardotamiano.xyz/ - Github: https://github.com/LeonardoE95?tab=repositories - Support: https://www.paypal.com/donate/?hosted_button_id=T49GUPRXALYTQ