SharpImpersonation : A User Impersonation Tool – Via Token Or Shellcode Injection

SharpImpersonation is a User Impersonation Tool – Via Token Or Shellcode Injection. This was a learning by doing project from my side. Well known techniques are used to built just another impersonation tool with some improvements in comparison to other public tools. The code base was taken from:

https://github.com/0xbadjuju/Tokenvator

A blog post for the intruduction can be found here:

https://s3cur3th1ssh1t.github.io/SharpImpersonation-Introduction/

List user processes

List only elevated processes

PS > PS C:\temp> SharpImpersonation.exe list elevated

Impersonate the first process of the target user to start a new binary

PS > PS C:\temp> SharpImpersonation.exe user: binary:

Inject base64 encoded shellcode into the first process of the target user

PS > PS C:\temp> SharpImpersonation.exe user: shellcode:

Inject shellcode loaded from a webserver into the first process of the target user

PS > PS C:\temp> SharpImpersonation.exe user: shellcode:

Impersonate the target user via ImpersonateLoggedOnuser for the current session

PS > PS C:\temp> SharpImpersonation.exe user: technique:ImpersonateLoggedOnuser

Related

SharpNamedPipePTH : Pass The Hash To A Named Pipe For Token Impersonation

September 29, 2022

In "Kali Linux"

NamedPipePTH : Pass The Hash To A Named Pipe For Token Impersonation

June 29, 2021

In "Kali Linux"

Mshikaki – Advanced Shellcode Injection Tool for Bypassing AMSI

September 28, 2023

In "Exploitation Tools"

R K

Next kics : Find security vulnerabilities, compliance issues, and infrastructure misconfigurations »

Previous « SDomDiscover : A Easy-To-Use Python Tool To Perform DNS Recon

Leave a Comment

Share

Published by

R K

Tags: SharpImpersonationshellcode injection

3 years ago

Recent Posts

Linux

How to Use the Linux find Command to Locate Files Like a Pro

Managing files efficiently is a core skill for anyone working in Linux, whether you're a…

1 day ago

Linux

How to Check Open Ports in Linux Using netstat, ss, and lsof

Open ports act as communication endpoints between your Linux system and the outside world. Every…

1 day ago

Cyber security

Best Endpoint Monitoring Tools for 2026

Introduction In today’s cyber threat landscape, protecting endpoints such as computers, smartphones, and tablets from…

4 days ago

Cyber security

Best 9 Incident Response Automation Tools

Introduction In today's fast-paced cybersecurity landscape, incident response is critical to protecting businesses from cyberattacks.…

4 days ago

Cyber security

How AI Puts Data Security at Risk

Artificial Intelligence (AI) is changing how industries operate, automating processes, and driving new innovations. However,…

2 months ago

TECH

The Evolution of Cloud Technology: Where We Started and Where We’re Headed

Image credit:pexels.com If you think back to the early days of personal computing, you probably…

3 months ago

L