Unquoted Service Path
Last updated
Last updated
This will run our scripts and after that, we will analyze our results and we get a process with Restartable permission in our results with a service named AdvancedSystemCareService9.
2. Take close attention to the CanRestart option that is set to true. What is the name of the service which shows up as an unquoted service path vulnerability?
Ans : AdvancedSystemCareService9
Now as we found our service we will now generate a payload for exploiting our target using msfvenom on our machine and then uploading it to our target.
Now letโs move back to our meterpreter shell and do the following process:
Letโs start a Netcat listener in another tab of our terminal
Letโs move back to the shell and start our service again and here comes the juice ๐ง
Congratulations!! we have our Administrator shell in our Netcat listener