Windows Privilege Escalation - Unquoted Service Path

There are many different ways that local privilege escalation can be done on a Windows system. This video goes over priv esc in the case where a service is running that has a space in it's executable path, and the path is not enclosed in quotes. If a low privileged user can write to a location along this path, they could potentially exploit this unquoted service path as shown in the video. This technique can be very helpful to those studying for the OSCP exam. Join my Discord server: discord.gg/9CvTtHqWCX Follow me on Twitter:   / 0xconda   If you found this video helpful and would like to support future creations, please considering visiting the following links: Patreon:   / conda   Buy Me a Coffee: https://www.buymeacoffee.com/conda Amazon affiliate link (anything purchased through this link will provide me with a small commission): https://amzn.to/3hsHzD2 Windows Privilege Escalation Mind Map: https://github.com/C0nd4/OSCP-Priv-Esc PowerUp: https://github.com/PowerShellMafia/Po... 00: Vulnerability Explanation 04:54 Identifying the Vulnerability 07:22 Exploiting the Vulnerability