From 7964823e3f398c41a7ad1c0e8c4c28c0806a9c0d Mon Sep 17 00:00:00 2001 From: HarmJ0y Date: Wed, 14 Dec 2016 11:53:29 -0500 Subject: Added documentation for PowerUp --- docs/Privesc/Get-UnquotedService.md | 45 +++++++++++++++++++++++++++++++++++++ 1 file changed, 45 insertions(+) create mode 100755 docs/Privesc/Get-UnquotedService.md (limited to 'docs/Privesc/Get-UnquotedService.md') diff --git a/docs/Privesc/Get-UnquotedService.md b/docs/Privesc/Get-UnquotedService.md new file mode 100755 index 0000000..4b61355 --- /dev/null +++ b/docs/Privesc/Get-UnquotedService.md @@ -0,0 +1,45 @@ +# Get-UnquotedService + +## SYNOPSIS +Get-UnquotedService Returns the name and binary path for services with unquoted paths +that also have a space in the name. + +Author: Will Schroeder (@harmj0y) +License: BSD 3-Clause +Required Dependencies: Get-ModifiablePath, Test-ServiceDaclPermission + +## SYNTAX + +``` +Get-UnquotedService +``` + +## DESCRIPTION +Uses Get-WmiObject to query all win32_service objects and extract out +the binary pathname for each. +Then checks if any binary paths have a space +and aren't quoted. + +## EXAMPLES + +### -------------------------- EXAMPLE 1 -------------------------- +``` +Get-UnquotedService +``` + +Get a set of potentially exploitable services. + +## PARAMETERS + +## INPUTS + +## OUTPUTS + +### PowerUp.UnquotedService + +## NOTES + +## RELATED LINKS + +[https://github.com/rapid7/metasploit-framework/blob/master/modules/exploits/windows/local/trusted_service_path.rb](https://github.com/rapid7/metasploit-framework/blob/master/modules/exploits/windows/local/trusted_service_path.rb) + -- cgit v1.2.3
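Review bot: In the SYNOPSIS, "unquoted paths that also have a space in the name" reads as a space in the service name, while the DESCRIPTION says the check is for binary paths that have a space and aren't quoted; reword the synopsis to "a space in the binary path" so the two sections agree, and drop the leading repeat of the function name before "Returns". The header lists Get-ModifiablePath and Test-ServiceDaclPermission as required dependencies, but the DESCRIPTION only mentions the Get-WmiObject query, so state what those helpers contribute to the result, and list the properties of PowerUp.UnquotedService under OUTPUTS rather than leaving only the type name. The file is also created with mode 100755; a Markdown doc does not need the executable bit, so 100644 would be the expected mode.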