Skip to content

0x4D-5A/Invoke-SeRestoreAbuse

BranchesTags

Folders and files

NameName
Last commit message
Last commit date

Latest commit

 

History

2 Commits
Invoke-SeRestoreAbuse.ps1
Invoke-SeRestoreAbuse.ps1
 
 
LICENSE
LICENSE
 
 
README.md
README.md
 
 
demo.png
demo.png
 
 

Repository files navigation

Invoke-SeRestoreAbuse

SeRestorePrivilege privilege escalation via Seclogon service hijacking.

Modifies the Seclogon service's ImagePath using SeRestorePrivilege and REG_OPTION_BACKUP_RESTORE to execute arbitrary commands as SYSTEM.

Usage

demo

Legal disclaimer

MIT License - Use only on authorized systems.

Credits

Bryan Alexander Original research
xct SeRestoreAbuse

About

SeRestorePrivilege priv esc

Topics

privilege-escalation oscp serestoreprivilege

Resources

Readme

License

MIT license
Activity

Stars

0 stars

Watchers

0 watching

Forks

0 forks
Report repository

Languages