
Windows Privilege Escalation - Unquoted Service Path

Conda

There are many different ways to perform local privilege escalation on a Windows system. This video covers privilege escalation in the case where a running service has a space in its executable path and the path is not enclosed in quotes. If a low-privileged user can write to a location along this path, they could potentially exploit the unquoted service path, as shown in the video. This technique can be very helpful to those studying for the OSCP exam.
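An added example (not from the video or its author) of auditing for this condition: the Python sketch below takes service ImagePath strings, flags unquoted paths that contain spaces, lists the directories whose write permissions need reviewing, and produces the quoted form that corrects the entry. The service names and paths are constructed sample data, and splitting the executable from its arguments by file extension is an assumption of this example.

```python
import ntpath
import re

# Assumption of this example: the executable portion ends at the first
# .exe/.com/.bat/.cmd that is followed by whitespace or end of string.
_EXE_END = re.compile(r"\.(?:exe|com|bat|cmd)(?=\s|$)", re.IGNORECASE)


def audit_image_path(image_path):
    """Return None if the path is safe, else a dict describing the finding."""
    path = image_path.strip()
    if path.startswith('"'):
        return None  # already quoted: no ambiguity about where the binary ends
    match = _EXE_END.search(path)
    exe = path[:match.end()] if match else path
    args = path[match.end():].strip() if match else ""
    if " " not in exe:
        return None  # no space before the binary name, nothing ambiguous
    # At each space Windows may try "<prefix>.exe" before the real binary.
    shadow_names = [exe[:i] + ".exe" for i, ch in enumerate(exe) if ch == " "]
    # Directories whose ACLs must deny write access to low-privileged users.
    dirs = []
    for name in shadow_names:
        parent = ntpath.dirname(name)
        if parent not in dirs:
            dirs.append(parent)
    fix = '"' + exe + '"' + (" " + args if args else "")
    return {"shadow_names": shadow_names, "dirs_to_check": dirs, "quoted_fix": fix}


# Constructed sample data, not taken from a real host.
SAMPLE_SERVICES = {
    "AcmeUpdater": r"C:\Program Files\Acme Tools\Update Agent\agent.exe -run",
    "AcmeQuoted": r'"C:\Program Files\Acme Tools\agent.exe" -run',
    "HostSvc": r"C:\Windows\System32\svchost.exe -k netsvcs",
}


def audit_all(services):
    """Map service name -> finding for every unquoted path containing a space."""
    results = {name: audit_image_path(p) for name, p in services.items()}
    return {name: f for name, f in results.items() if f}


if __name__ == "__main__":
    for svc, finding in audit_all(SAMPLE_SERVICES).items():
        print(svc, finding["dirs_to_check"], finding["quoted_fix"])
```

On a real host the ImagePath values would come from the service configuration, and each directory in `dirs_to_check` still needs its permissions reviewed separately.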

Join my Discord server: discord.gg/9CvTtHqWCX
Follow me on Twitter: / 0xconda

If you found this video helpful and would like to support future creations, please consider visiting the following links:
Patreon: / conda
Buy Me a Coffee: https://www.buymeacoffee.com/conda
Amazon affiliate link (anything purchased through this link will provide me with a small commission): https://amzn.to/3hsHzD2

Windows Privilege Escalation Mind Map: https://github.com/C0nd4/OSCPPrivEsc

PowerUp: https://github.com/PowerShellMafia/Po...

00:00 Vulnerability Explanation
04:54 Identifying the Vulnerability
07:22 Exploiting the Vulnerability

posted by Badewelt3p