Windows Services


I don’t understand what else am I really supposed to do here.
I completed all the steps of the guided exercise, multiple reboots for my service and I’m guessing that part is done. Can @JosephWhite or somebody who has cracked help me with what am I missing and how to execute the challenge?
Any and every input is appreciated. Thanks Much.

Also @JosephWhite i have spent quite a while doing the challenge (like 3 hours now lol :sob:) I have executed the guided exercise as its supposed to be. But I fail to understand what’s the second method and how o execute it. please care to elaborate a little on that too, Appreciate you (:

So the lab at a high level is to first register a new service (WindowsService1.exe) to C:\Program Files\my service. You then use a script to confirm the “C:\Program Files\my service\WindowsService1” uses an unquoted service path. This path has two attack vectors:

C:\Program.exe
C:\Program Files\my.exe

Why are these attack vectors? Because of the way Windows looks for files. There is a bug/feature in Windows that it will stop wherever there is a space and check for an executable. This is all explained in the Core Concepts so don’t skip that.

I have run through the lab steps many times, I know the steps work as written. Just take your time. If you are really no kidding stuck and just defeated then we can do some screen sharing and I will help you through it.

3 Likes

nah I am actually genuinely stuck here lol, and I really do appreciate the quick response. I’ll head back to the very start and try all over again.
Thanks Joseph :slight_smile:

I did it man, I cracked the flag open!!!
I was so so frustrated and felt so helpless, you are an absolute G, Mr. Joseph!
Thanks a ton, appreciate your guidance

1 Like

I have not been able to find it, how did you do it?

1 Like