Pentest - Windows Privilege Escalation
From Service to SYSTEM
Service Account Privileges
Services can be configured to run without the full set of privileges of the NT AUTHORITY\LOCAL SERVICE account, e.g. with the -k LocalServiceAndNoImpersonation option.
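
To see which services on a host run with such a reduced privilege set, the following read-only audit is an added example, not part of the original notes. It assumes the service account is stored in the `ObjectName` registry value and a declared privilege list in the `RequiredPrivileges` multi-string value under each service key.

```powershell
# Added example (read-only): list services that run as LOCAL SERVICE or
# NETWORK SERVICE and show whether they declare a reduced privilege set.
$root     = 'HKLM:\SYSTEM\CurrentControlSet\Services'
$accounts = 'NT AUTHORITY\LocalService', 'NT AUTHORITY\NetworkService'

$report = foreach ($key in Get-ChildItem -Path $root -ErrorAction SilentlyContinue) {
    $p = Get-ItemProperty -Path $key.PSPath -ErrorAction SilentlyContinue

    # Skip drivers and services that run under other accounts.
    if ($null -eq $p -or $accounts -notcontains $p.ObjectName) { continue }

    # Shared-process services name their svchost group after "-k",
    # e.g. "svchost.exe -k LocalServiceAndNoImpersonation".
    $group = if ($p.ImagePath -match 'svchost\.exe"?\s+-k\s+(\S+)') {
        $Matches[1]
    } else {
        '(own process)'
    }

    # RequiredPrivileges is a REG_MULTI_SZ. When it is absent, the service
    # has not declared a reduced set (assumption: it keeps the account defaults).
    $privs = @($p.RequiredPrivileges | Where-Object { $_ })

    [pscustomobject]@{
        Service      = $key.PSChildName
        Account      = $p.ObjectName
        SvchostGroup = $group
        Restricted   = $privs.Count -gt 0
        # Only meaningful when a privilege list is declared; otherwise left empty.
        DeclaresImpersonate = if ($privs.Count -gt 0) {
            $privs -contains 'SeImpersonatePrivilege'
        } else {
            $null
        }
        Privileges   = $privs -join ','
    }
}

$report | Sort-Object SvchostGroup, Service | Format-Table -AutoSize -Wrap
```

Services that share an svchost group run in one process, so compare the rows of a group together rather than one service at a time.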

The Task Scheduler can be used to restore the default privileges: FullPowers (itm4n). After executing FullPowers:
