> For the complete documentation index, see [llms.txt](https://tamagosecurity.gitbook.io/notes/llms.txt). Markdown versions of documentation pages are available by appending `.md` to page URLs; this page is available as [Markdown](https://tamagosecurity.gitbook.io/notes/windows/windows-privilege-escalation/leveraging-services.md).

# Leveraging Services

## Service Binary Hijacking

### REMAKE

```powershell
Get-CimInstance -ClassName win32_service | Select Name,State,PathName | Where-Object {$_.State -like 'Running'}
```

#### icacls

| Mask | Permissions             |   |
| ---- | ----------------------- | - |
| F    | Full access             |   |
| M    | Modify access           |   |
| RX   | Read and execute access |   |
| R    | Read-only access        |   |
| W    | Write-only access       |   |

```powershell
icacls "C:\xampp\apache\bin\httpd.exe"
```

```powershell
Get-CimInstance -ClassName win32_service | Select Name, StartMode | Where-Object {$_.Name -like 'mysql'}
```

## DLL Hijacking

## Unquoted Service Path
