Here is the command which helps to open an exe in session 0.
1. sc create RabbitHole binpath= %SYSTEMROOT%\system32\notepad.exe type= interact type= own
2. sc start RabbitHole
3. sc delete RabbitHole
Execute the first command through command prompt (administrator mode), by specifying the location of the file and execute the second command to start the service. Once the service is started the specified file will be executed in the session 0.
Note: Delete the service before trying to open a new exe, or else it will open the file that has been executed previously again.
1. sc create RabbitHole binpath= %SYSTEMROOT%\system32\notepad.exe type= interact type= own
2. sc start RabbitHole
3. sc delete RabbitHole
Execute the first command through command prompt (administrator mode), by specifying the location of the file and execute the second command to start the service. Once the service is started the specified file will be executed in the session 0.
Note: Delete the service before trying to open a new exe, or else it will open the file that has been executed previously again.
No comments:
Post a Comment