In this section, we will code a malicious service file to replace the legitimate one. Now, in order to replace the service file, our new malicious service file should be able to communicate with Windows service control manager. For instance, when you manually Start, Stop, Pause, or Resume the service, the Windows service control manager will send a signal or order to the EXE service file and in return, the service file should usually obey the service control manager's order. If, for any reason, the service file or the EXE file did not understand that signal, then the service control manager will fail to start the service and you will get an error saying The service did not respond ...
Privilege escalation – backdooring legitimate windows service
Get Python for Offensive PenTest now with the O’Reilly learning platform.
O’Reilly members experience books, live events, courses curated by job role, and more from O’Reilly and nearly 200 top publishers.