.Gex. Posted July 23, 2019 Posted July 23, 2019 Hi, Is anyone familiar with a technique that uses SDDL to change the permission of a service you wouldn't normally have access to stop? Similar to here https://cqureacademy.com/blog/windows-internals/sddl If I create a dummy service I can change the permissions but on processes like Defender and Kaspersky I get access denied even if I use psexec to escalate to nt authority... not sure if I'm doing something wrong or if it's just not possible? Quote
Recommended Posts
Join the conversation
You can post now and register later. If you have an account, sign in now to post with your account.