Host Name: RedsTaftss
OS Name: Microsoft Windows 10 Pro
OS Version: 10.0.19044 N/A Build 19044
#Another Discover Methot to Unquoted Services Path:
wmic service get name,displayname,pathname,startmode | findstr /i
"auto" | findstr /i /v "c:\windows\\" | findstr /i /v """
#Exploit:
If the attacker has taken over the system and the taken user has write
privileges to the "C:\Program Files\ActiveFax" folder or "C:\", they
can inject their own malicious "ActSrvNT.exe" file. Then the
ActiveFaxServiceNT Service can be restarted to privilege escalation.