Closed d0gkiller87 closed 3 years ago
Windows 1809 Build 17763.1577, PowerShell 1.0
| OK | None | SCHEDULED TASKS > Binary Permissions | | OK | None | SCHEDULED TASKS > Unquoted Path | | OK | None | SCHEDULED TASKS > Binary Permissions | | OK | None | SCHEDULED TASKS > Unquoted Path |
The configuration above allows the program/script (runs with a high privilege) to be changed by anyone. However PrivescCheck failed to detect it.
My mistake. The task was not accessible by the low privilege account at all. Thus PrivescCheck cannot get the information at all is reasonable.
Test Environment:
Windows 1809 Build 17763.1577, PowerShell 1.0
Steps to Reproduce:
Description:
The configuration above allows the program/script (runs with a high privilege) to be changed by anyone. However PrivescCheck failed to detect it.