xct's notes
Analyze Desktop App
  1. Run PrivEsc scripts to find low-hanging fruit
  2. Check Behaviour
  3. ProcessMonitor
    • C:\ProgramData
    • C:\Windows\Temp
    • C:\Users\xct\AppData
  4. ProcessExplorer
  5. Monitor \ProgramData\
  6. Analyze Code in dnSpy/IDA

Checklist

  • Installed services (both the service permissions and the service executable/path permission)
  • Named pipes (and their ACLs)
  • Log file permissions in folders like C:\ProgramData
  • Network sockets
  • DCOM servers and hosted interfaces
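
The file-system items in this checklist (service executable/path permissions and permissions on folders under C:\ProgramData) can be reviewed with a read-only PowerShell audit. This is an added example, not part of the original notes; the list of broad groups, the write-rights mask and the function name `Get-WeakAce` are assumptions, and it does not cover service DACLs, named pipes, sockets or DCOM.

```powershell
# Added example: list ACL entries that let broad, low-privileged groups
# modify service executables, their folders, or folders under ProgramData.
# Assumption: English group names; they are localized on other Windows builds.
$broad = 'Everyone', 'BUILTIN\Users', 'NT AUTHORITY\Authenticated Users', 'NT AUTHORITY\INTERACTIVE'

# Write-type rights only (Modify/FullControl contain these bits), plus the
# raw GENERIC_ALL / GENERIC_WRITE bits that appear on inherit-only entries.
$writeBits = [int][System.Security.AccessControl.FileSystemRights]'WriteData, AppendData, Delete, ChangePermissions, TakeOwnership' `
    -bor 0x10000000 -bor 0x40000000

function Get-WeakAce {
    param([string]$Path)
    try { $acl = Get-Acl -LiteralPath $Path -ErrorAction Stop } catch { return }
    foreach ($ace in $acl.Access) {
        if ($ace.AccessControlType -eq 'Allow' -and
            $broad -contains $ace.IdentityReference.Value -and
            ([int]$ace.FileSystemRights -band $writeBits)) {
            [pscustomobject]@{
                Path     = $Path
                Identity = $ace.IdentityReference.Value
                Rights   = $ace.FileSystemRights
            }
        }
    }
}

# 1) Service binaries and the folder each one lives in.
#    PathName is either "quoted path" args, or an unquoted path ending in .exe.
$findings = @(foreach ($svc in Get-CimInstance Win32_Service | Where-Object PathName) {
    if ($svc.PathName -match '^\s*"([^"]+)"' -or $svc.PathName -match '^\s*(.+?\.exe)') {
        $exe = $Matches[1]
        foreach ($p in $exe, (Split-Path -Parent $exe)) {
            Get-WeakAce $p |
                Add-Member -NotePropertyName Service -NotePropertyValue $svc.Name -PassThru
        }
    }
})

# 2) Top-level application folders under C:\ProgramData (logs, configs, caches).
$findings += @(Get-ChildItem -LiteralPath $env:ProgramData -Directory -Force -ErrorAction SilentlyContinue |
    ForEach-Object { Get-WeakAce $_.FullName })

$findings | Sort-Object Path, Identity -Unique | Format-Table Service, Path, Identity, Rights -AutoSize
```

Each row is a candidate for manual review: a flagged path matters when a privileged process reads, writes or executes from it.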