Overview

Looks for locations or vulnerabilities for running from standard user to elevated user. It currently looks for modifiable services and service binaries.

Dependencies

• credentials

Operating Systems

• Windows

Example

Survey-PrivilegeEscalation

Output:

ServiceName : AWSConfiguration
Path        : "C:\Program Files\VMware\VMware Tools\vmtoolsd.exe"
State       : Stopped
StartMode   : Auto
User        : LocalSystem
Access      : SERVICE_ALL_ACCESS