SharpImpersonation : A User Impersonation Tool – Via Token Or Shellcode Injection

SharpImpersonation is a User Impersonation Tool – Via Token Or Shellcode Injection. This was a learning by doing project from my side. Well known techniques are used to built just another impersonation tool with some improvements in comparison to other public tools. The code base was taken from:

https://github.com/0xbadjuju/Tokenvator

A blog post for the intruduction can be found here:

https://s3cur3th1ssh1t.github.io/SharpImpersonation-Introduction/

List user processes

List only elevated processes

PS > PS C:\temp> SharpImpersonation.exe list elevated

Impersonate the first process of the target user to start a new binary

PS > PS C:\temp> SharpImpersonation.exe user: binary:

Inject base64 encoded shellcode into the first process of the target user

PS > PS C:\temp> SharpImpersonation.exe user: shellcode:

Inject shellcode loaded from a webserver into the first process of the target user

PS > PS C:\temp> SharpImpersonation.exe user: shellcode:

Impersonate the target user via ImpersonateLoggedOnuser for the current session

PS > PS C:\temp> SharpImpersonation.exe user: technique:ImpersonateLoggedOnuser

Related

SharpNamedPipePTH : Pass The Hash To A Named Pipe For Token Impersonation

September 29, 2022

In "Kali Linux"

NamedPipePTH : Pass The Hash To A Named Pipe For Token Impersonation

June 29, 2021

In "Kali Linux"

Mshikaki – Advanced Shellcode Injection Tool for Bypassing AMSI

September 28, 2023

In "Exploitation Tools"

R K

Next kics : Find security vulnerabilities, compliance issues, and infrastructure misconfigurations »

Previous « SDomDiscover : A Easy-To-Use Python Tool To Perform DNS Recon

Leave a Comment

Share

Published by

R K

Tags: SharpImpersonationshellcode injection

4 years ago

Recent Posts

How To

Bash Scripting Best Practices Every Beginner Should Know

Introduction Bash scripting is a powerful way to automate Linux tasks, but writing a script…

1 day ago

How To

How To Create A Self-Signed SSL Certificate Using Bash And OpenSSL

Introduction A self-signed SSL certificate is a certificate that is created and signed by the…

1 day ago

How To

How To Debug Bash Scripts Using bash -x And set Commands

Introduction Debugging is an important part of Bash scripting. When a script does not work…

1 day ago

How To

How To Use Cron Jobs With Bash Scripts For Automation

Introduction Cron jobs are used in Linux to run commands or Bash scripts automatically at…

1 day ago

How To

How To Use Pipes In Bash Scripts For Command Chaining

Introduction Pipes are an important feature in Linux and Bash scripting. A pipe allows you…

2 days ago

How To

How To Use grep, awk, And sed In Bash Scripts

Introduction The grep, awk, and sed commands are powerful text-processing tools in Linux. They are…

2 days ago

L