Abusing Other Windows Components

Scheduled Task

  • Which use does the task executed

  • Trigger what specified task

  • What actions are executed when one or more of these triggers are met

Check all scheduled task

#PS
Get-ScheduledTask

#CMD
schtasks /query /fo LIST /v

To check permission for the file, if have Full Permission (F) we can abuse

icacls C:\Users\steve\Pictures\BackendCacheCleanup.exe

Using Exploits

Check Windows Version for kernel exploits

systeminfo

Check also for privilege that can be abused like [[SeImpersonatePrivilege]]

whoami /priv
PreviousLeveraging Windows ServicesNextRDP

Last updated

Was this helpful?