Windows services are particular processes that run in a separate Session and without user interaction. For security reasons, many of these services run under dedicated and less privileged accounts (WSH). But those accounts usually holds impersonation privileges that can be also abused under certain conditions, for instance the well known DCOM/NTLM reflection. Even if some […]