From db0fe66e6224db818415d541bcb9355e235bbe0b Mon Sep 17 00:00:00 2001
From: Carlos Polop <carlospolop@gmail.com>
Date: Thu, 23 Apr 2020 18:39:30 +0100
Subject: [PATCH] Update winPEAS.bat

---
 winPEAS/winPEASbat/winPEAS.bat | 2 +-
 1 file changed, 1 insertion(+), 1 deletion(-)

diff --git a/winPEAS/winPEASbat/winPEAS.bat b/winPEAS/winPEASbat/winPEAS.bat
index e1f39a1..03737b6 100755
--- a/winPEAS/winPEASbat/winPEAS.bat
+++ b/winPEAS/winPEASbat/winPEAS.bat
@@ -359,7 +359,7 @@ echo [i] The permissions are also checked and filtered using icacls
 echo   [?] https://book.hacktricks.xyz/windows/windows-local-privilege-escalation#services
 for /f "tokens=2" %%n in ('sc query state^= all^| findstr SERVICE_NAME') do (
 	for /f "delims=: tokens=1*" %%r in ('sc qc "%%~n" ^| findstr BINARY_PATH_NAME ^| findstr /i /v /l /c:"c:\windows\system32" ^| findstr /v /c:""""') do (
-		echo %%~s | findstr /r /c:"[a-Z][ ][a-Z]" >nul 2>&1 && (echo %%n && echo %%~s && icacls %%s | findstr /i "(F) (M) (W) :\" | findstr /i ":\\ everyone authenticated users todos %username%") && echo.
+		echo %%~s ^| findstr /r /c:"[a-Z][ ][a-Z]" >nul 2>&1 && (echo %%n && echo %%~s && icacls %%s | findstr /i "(F) (M) (W) :\" | findstr /i ":\\ everyone authenticated users todos %username%") && echo.
 	)
 )
 ::wmic service get name,displayname,pathname,startmode | more | findstr /i /v "C:\\Windows\\system32\\" | findstr /i /v """