Startup Applications

Overview

Similar to , the concept of exploiting startup applications is that we configure a malicious executable as a startup application and hopefully get a Admin shell back when the computer reboots and a Administrator logs in.

Escalation via Startup Applications

View permissions on startup folder using

 icacls.exe "C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup"

PreviousExecutable Files NextDLL Hijacking

Last updated 1 year ago

Was this helpful?