Privilege Escalation To Local System Account

FallenZer0
Topic Author
Offline
Premium Member

20 years 5 days ago #6039 by FallenZer0

Privilege Escalation To Local System Account was created by FallenZer0

Hello All,

As you all know Task Scheduler Service runs under the Local System Account.

Imagine this. . . . A Normal User with Minimal Rights does this.

In the Command Prompt types

at time xx:yy /interactive taskmgr.exe where xx:yy is the time the user Schedules to Run the above. Now the taskmgr.exe Starts with *Local System Account* at xx:yy . What can the user do now? In the File Menu, click New Task[Run] and do whatever (s)he wants to do under *System Account*.

I did not experiment with this yet. I thought I would check with you guys here and see what do you think.

Thoughts Appreciated.

-There Is A Foolish Corner In The Brain Of The Wisest Man- Aristotle

sahirh
Offline
Platinum Member

20 years 5 days ago #6042 by sahirh

Replied by sahirh on topic Re: Privilege Escalation To Local System Account

Hehe

No mate it wont work that way.. you will get an access denied..

If you try through scheduled tasks, you will have to specify the username and password of the account you want the process to run as.

Sahir Hidayatullah.
Firewall.cx Staff - Associate Editor & Security Advisor
tftfotw.blogspot.com