Assignment #4
(optional)
Difficulty: HIGH
Recreate Darkpulsar persistence (EquationGroup tool)
Hint #1: check Telephony Service Provider documentation. Focus on TAPI 2.x (not 3.x)
Hint #2: set TapiSrv and Rasman services to AUTOSTART
Hint #3: don't implement privilege escalation by abusing SeImpersonate token privilege of TapiSrv. For the exercise just change TapiSrv user from NETWORK SERVICE to SYSTEM in service configuration.
Difficulty: HIGH
Recreate Darkpulsar persistence (EquationGroup tool)
Hint #1: check Telephony Service Provider documentation. Focus on TAPI 2.x (not 3.x)
Hint #2: set TapiSrv and Rasman services to AUTOSTART
Hint #3: don't implement privilege escalation by abusing SeImpersonate token privilege of TapiSrv. For the exercise just change TapiSrv user from NETWORK SERVICE to SYSTEM in service configuration.