Windows Privilege Escalation

I just ran into a problem with a process that was running in Windows that I couldn’t kill, even as an administrator.  I happened to remember hearing about a “Windows XP Privilege Escalation Exploit” which, in reality, isn’t exactly an exploit.  The idea is that you can gain SYSTEM level rights, which are higher than administrator.  The original author claimed that he could gain those rights even as a guest user.  This is false, however, because the mechanism that we use to gain SYSTEM requires the use of the Task Scheduler, which can only be manipulated as an administrator.

I was sitting here looking at the process that Windows was claiming I didn’t have the correct rights to kill.  I thought that this would be the perfect use for the “exploit”.  This is what I did:

  • Open up a command prompt.
  • Type in the following:
    at (time) /interactive "cmd.exe", with (time) being a valid timestamp.
  • When the timestamp passes, the system will run a command prompt.  We can then use that command prompt and type “taskmgr” to run the Task Manager. 
  • We then kill the explorer process.
  • Then start a new explorer process.
  • When the new explorer process is running, it shows that our username is now SYSTEM.

As we are now system, Windows grants us rights to anything on the box and we can now kill the offending process.
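The flip side of the trick above is that it leaves a trace: a scheduled task that runs as SYSTEM and launches a shell. The following PowerShell audit script is an added example, not part of the original post, and assumes schtasks.exe is available (Windows XP and later) and that the shell running it has rights to query every task; it flags SYSTEM tasks that launch cmd.exe or PowerShell, as well as the At1, At2, ... task names that the legacy "at" command registers.

```powershell
# Added audit example (not the post's own code). Assumes schtasks.exe exists
# and that this shell can query all tasks. Jobs created with the legacy "at"
# command show up under names such as At1, At2 (prefixed with "\" on Vista+).

function Get-SuspiciousSystemTasks {
    # /v adds the "Task To Run" and "Run As User" columns; /fo CSV makes the
    # output parseable with ConvertFrom-Csv.
    $raw = schtasks /query /fo CSV /v 2>$null
    if (-not $raw) { return @() }

    # Newer Windows versions repeat the CSV header before each task folder;
    # keep the first header and drop the repeats so ConvertFrom-Csv sees one.
    $header = $raw[0]
    $rows   = @($header) + @($raw | Where-Object { $_ -ne $header })
    $tasks  = $rows | ConvertFrom-Csv

    $tasks | Where-Object {
        $_.'Run As User' -match '^(NT AUTHORITY\\)?SYSTEM$' -and (
            $_.'Task To Run' -match 'cmd\.exe|powershell' -or
            $_.TaskName -match '(^|\\)At\d+$'
        )
    } | Select-Object TaskName, 'Task To Run', 'Run As User', 'Next Run Time', Author
}

# Review the results; a SYSTEM task whose command is an interactive shell is
# rarely legitimate and is worth deleting (schtasks /delete /tn <name>) after
# confirming who created it.
Get-SuspiciousSystemTasks | Format-Table -AutoSize
```

On Vista and later, session 0 isolation means an /interactive task no longer reaches the user's desktop, but the task itself still runs as SYSTEM, so the audit remains useful there.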
