Suborner is a simple program to create a Windows account that only you will know about 🙂
net user or Windows OS user management applications (e.g. netapi32::netuseradd)
Create an invisible machine account with administrative privileges, and without invoking that annoying Windows Event Logger to report its creation!
Released at Black Hat USA 2022: Suborner: A Windows Bribery for Invisible Persistence
git clone https://github.com/r4wd3r/Suborner/
Download the latest release and pwn!
_ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _
88
.d88888b. S U B O R N E R
d88P 88"88b
Y88b.88 The Invisible Account Forger
"Y88888b. by @r4wd3r
88"88b v1.0.1
Y88b 88.88P
"Y88888P" https://r4wsec.com
88
_ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _
Description:
A stealthy tool to create invisible accounts on Windows systems.
Parameters:
USERNAME: Username for the new suborner account. Default = <HOSTNAME>$
Syntax: /username:[string]
PASSWORD: Password for the new suborner account. Default = Password.1
Syntax: /password:[string]
RID: RID for the new suborner account. Default = Next RID available
Syntax: /rid:[decimal int]
RIDHIJACK: RID of the account to impersonate. Default = 500 (Administrator)
Syntax: /ridhijack:[decimal int]
TEMPLATE: RID of the account to use as template for the new account creation. Default = 500 (Administrator)
Syntax: /template:[decimal int]
MACHINEACCOUNT: Forge as machine account for extra stealthiness. Default = yes
Syntax: /machineaccount:[yes/no]
DEBUG: Enable debug mode for verbose logging. Default = disabled
Syntax: /debug
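A defender's check for the kind of account these parameters describe, as an added example (not part of Suborner or the original page): it audits user entries read from an offline copy of the SAM hive for a RID that differs from the key name, a machine-style name ending in $, and absence from normal user enumeration. The input tuple layout, the sample rows and the 0x30 offset of the RID copy inside the F value (taken from published RID hijacking research, not from this page) are assumptions.

```python
import struct

# Assumption: the SAM "F" value stores a little-endian copy of the RID here.
RID_OFFSET = 0x30


def audit_sam_users(entries, enumerated_names):
    """entries: (key_name_hex, username, f_value_bytes) per SAM user key.
    enumerated_names: lowercase names returned by normal user enumeration."""
    findings = []
    for key_hex, name, f_value in entries:
        key_rid = int(key_hex, 16)  # the key name is the RID in hex
        if len(f_value) < RID_OFFSET + 4:
            findings.append((name, "F value too short to hold a RID"))
            continue
        (f_rid,) = struct.unpack_from("<I", f_value, RID_OFFSET)
        if f_rid != key_rid:
            # The account logs on with another account's identity.
            findings.append((name, f"RID mismatch: key {key_rid}, F value {f_rid}"))
        if name.endswith("$"):
            findings.append((name, "local account named like a machine account"))
        if name.lower() not in enumerated_names:
            findings.append((name, "present in SAM but missing from enumeration"))
    return findings


def make_f(rid):
    """Constructed sample: an 80-byte F value with only the RID field set."""
    buf = bytearray(80)
    struct.pack_into("<I", buf, RID_OFFSET, rid)
    return bytes(buf)


# Constructed sample rows, not taken from a real system.
SAMPLE = [
    ("000001F4", "Administrator", make_f(500)),
    ("000003E9", "alice", make_f(1001)),
    ("000003EA", "WKSTN01$", make_f(500)),  # key says 1002, F value says 500
]
ENUMERATED = {"administrator", "alice"}

if __name__ == "__main__":
    for user, reason in audit_sam_users(SAMPLE, ENUMERATED):
        print(f"{user}: {reason}")
```
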
This attack would not have been possible without the great research done by: