Abusing Other Windows Components

Scheduled Task

Check all scheduled task

#PS
Get-ScheduledTask

#CMD
schtasks /query /fo LIST /v

To check permission for the file, if have Full Permission (F) we can abuse

icacls C:\Users\steve\Pictures\BackendCacheCleanup.exe

Check Windows Version for kernel exploits

systeminfo

Check also for privilege that can be abused like [[SeImpersonatePrivilege]]

whoami /priv

Last updated 1 year ago