{"id":21472205,"url":"https://github.com/cailllev/windows_priv_esc","last_synced_at":"2025-03-17T07:18:19.723Z","repository":{"id":184665587,"uuid":"319063608","full_name":"cailllev/windows_priv_esc","owner":"cailllev","description":"BLACK HAT PYTHON - file and process monitors to inject bhpnet.py","archived":false,"fork":false,"pushed_at":"2020-12-06T15:21:21.000Z","size":3,"stargazers_count":1,"open_issues_count":0,"forks_count":0,"subscribers_count":1,"default_branch":"master","last_synced_at":"2025-01-23T16:29:59.567Z","etag":null,"topics":[],"latest_commit_sha":null,"homepage":null,"language":"Python","has_issues":true,"has_wiki":null,"has_pages":null,"mirror_url":null,"source_name":null,"license":null,"status":null,"scm":"git","pull_requests_enabled":true,"icon_url":"https://github.com/cailllev.png","metadata":{"files":{"readme":"README.md","changelog":null,"contributing":null,"funding":null,"license":null,"code_of_conduct":null,"threat_model":null,"audit":null,"citation":null,"codeowners":null,"security":null,"support":null,"governance":null}},"created_at":"2020-12-06T15:20:19.000Z","updated_at":"2021-03-22T03:49:49.000Z","dependencies_parsed_at":"2023-07-29T15:42:38.687Z","dependency_job_id":null,"html_url":"https://github.com/cailllev/windows_priv_esc","commit_stats":null,"previous_names":["cailllev/windows_priv_esc"],"tags_count":0,"template":false,"template_full_name":null,"repository_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/cailllev%2Fwindows_priv_esc","tags_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/cailllev%2Fwindows_priv_esc/tags","releases_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/cailllev%2Fwindows_priv_esc/releases","manifests_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/cailllev%2Fwindows_priv_esc/manifests","owner_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/owners/cailllev","download_url":"https://codeload.github.com/cailllev/windows_priv_esc/tar.gz/r
efs/heads/master","host":{"name":"GitHub","url":"https://github.com","kind":"github","repositories_count":243989714,"owners_count":20379648,"icon_url":"https://github.com/github.png","version":null,"created_at":"2022-05-30T11:31:42.601Z","updated_at":"2022-07-04T15:15:14.044Z","host_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub","repositories_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories","repository_names_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repository_names","owners_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/owners"}},"keywords":[],"created_at":"2024-11-23T09:48:01.958Z","updated_at":"2025-03-17T07:18:19.700Z","avatar_url":"https://github.com/cailllev.png","language":"Python","funding_links":[],"categories":[],"sub_categories":[],"readme":"# BLACK HAT PYTHON\n## file_monitor_injector.py\n### Description\nMonitors file creation in temp folders. Some (older) programs create files there that the same programs later run with admin rights. Inject our bhpnet.py into those files and we have a root reverse shell.\n\n### TODO\n- Check privileges of created files, check which process created them (use process_monitor maybe?)\n- bhpnet.py has to be in TEMP_Folder, why not combine this with the bhp_trojan (download from git)\n- check bhpnet.py start command in all shells (ps1, cmd, bash)\n\n## process_monitor.py\n### Description\nMonitors running processes.\n\n### TODO\n- read up in Black Hat Python on how this is used originally.","project_url":"https://awesome.ecosyste.ms/api/v1/projects/github.com%2Fcailllev%2Fwindows_priv_esc","html_url":"https://awesome.ecosyste.ms/projects/github.com%2Fcailllev%2Fwindows_priv_esc","lists_url":"https://awesome.ecosyste.ms/api/v1/projects/github.com%2Fcailllev%2Fwindows_priv_esc/lists"}