(Non-Sucking Service Manager) is a legitimate tool used to run any executable as a Windows service, it is frequently exploited for local privilege escalation (LPE)
where nssm
Understanding "NSSM-2.24 Privilege Escalation": Vulnerabilities, Mechanics, and Mitigation nssm-2.24 privilege escalation
Before dissecting the vulnerabilities, it is essential to understand what NSSM is and why version 2.24 is so pervasive. NSSM, short for Non-Sucking Service Manager, is a service helper program. It solves a persistent problem in Windows: many simple applications and scripts are not designed to run as system services. NSSM bridges that gap by acting as a wrapper. It starts any application or command line script as a Windows service, automatically restarts it if it fails, and provides service-specific environment variables and logging capabilities. Unlike Microsoft’s own srvany.exe , NSSM is more robust, easier to configure, and remains actively maintained. (Non-Sucking Service Manager) is a legitimate tool used
: It leaks thread handles when applications restart, which can lead to system instability over time. NSSM bridges that gap by acting as a wrapper