From 7964823e3f398c41a7ad1c0e8c4c28c0806a9c0d Mon Sep 17 00:00:00 2001 From: HarmJ0y Date: Wed, 14 Dec 2016 11:53:29 -0500 Subject: Added documentation for PowerUp --- docs/Privesc/Restore-ServiceBinary.md | 87 +++++++++++++++++++++++++++++++++++ 1 file changed, 87 insertions(+) create mode 100755 docs/Privesc/Restore-ServiceBinary.md (limited to 'docs/Privesc/Restore-ServiceBinary.md') diff --git a/docs/Privesc/Restore-ServiceBinary.md b/docs/Privesc/Restore-ServiceBinary.md new file mode 100755 index 0000000..a88fc29 --- /dev/null +++ b/docs/Privesc/Restore-ServiceBinary.md 
@@ -0,0 +1,87 @@ +# Restore-ServiceBinary + +## SYNOPSIS +Restores a service binary backed up by Install-ServiceBinary. + +Author: Will Schroeder (@harmj0y) +License: BSD 3-Clause +Required Dependencies: Get-ServiceDetail, Get-ModifiablePath + +## SYNTAX + +``` +Restore-ServiceBinary [-Name] [[-BackupPath] ] +``` + +## DESCRIPTION +Takes a service Name or a ServiceProcess.ServiceController on the pipeline and +checks for the existence of an "OriginalServiceBinary.exe.bak" in the service +binary location. +If it exists, the backup binary is restored to the original +binary path. + +## EXAMPLES + +### -------------------------- EXAMPLE 1 -------------------------- +``` +Restore-ServiceBinary -Name VulnSVC +``` + +Restore the original binary for the service 'VulnSVC'. + +### -------------------------- EXAMPLE 2 -------------------------- +``` +Get-Service VulnSVC | Restore-ServiceBinary +``` + +Restore the original binary for the service 'VulnSVC'. + +### -------------------------- EXAMPLE 3 -------------------------- +``` +Restore-ServiceBinary -Name VulnSVC -BackupPath 'C:\temp\backup.exe' +``` + +Restore the original binary for the service 'VulnSVC' from a custom location. + +## PARAMETERS + +### -Name +The service name to restore a binary for. + +```yaml +Type: String +Parameter Sets: (All) +Aliases: ServiceName + +Required: True +Position: 1 +Default value: None +Accept pipeline input: True (ByPropertyName, ByValue) +Accept wildcard characters: False +``` + +### -BackupPath +Optional manual path to the backup binary. + +```yaml +Type: String +Parameter Sets: (All) +Aliases: + +Required: False +Position: 2 +Default value: None +Accept pipeline input: False +Accept wildcard characters: False +``` + +## INPUTS + +## OUTPUTS + +### PowerUp.ServiceBinary.Installed + +## NOTES + +## RELATED LINKS + -- cgit v1.2.3
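Review bot: The OUTPUTS section lists PowerUp.ServiceBinary.Installed, which reads like a carry-over from Install-ServiceBinary. For a restore function, please confirm that this is the type name actually emitted and either note that in the doc or correct it. The DESCRIPTION says the function takes a ServiceProcess.ServiceController on the pipeline, yet INPUTS is empty and -Name is typed String, so the pipeline contract should be written down under INPUTS. The -BackupPath entry shows "Default value: None" without saying that the lookup then falls back to "OriginalServiceBinary.exe.bak" in the service binary location, and the DESCRIPTION does not say what happens when no backup is found; one sentence each would cover it. EXAMPLE 1 and EXAMPLE 2 carry the same caption, so EXAMPLE 2 could say that it shows the pipeline form. Finally, the file is created with mode 100755; a Markdown doc does not need the executable bit, so 100644 would be the expected mode.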