Phrozen InfoSec Tools - Papers - Phrozen
PowerRunAsSystem 25 Feb 2022

Run application as system with interactive system process support (active Windows session)

This technique doesn't rely on any external tools and doesn't require a Microsoft Service.

It spawns an NT Authority/System process using the Microsoft Windows Task Scheduler then upgrade to Interactive System Process using cool WinApi's (Run in Active Windows Session)



Read more...