https://github.com/cailllev/windows_priv_esc
BLACK HAT PYTHON - file and process monitors to inject bhpnet.py
Last synced: over 1 year ago
- Host: GitHub
- URL: https://github.com/cailllev/windows_priv_esc
- Owner: cailllev
- Created: 2020-12-06T15:20:19.000Z (over 5 years ago)
- Default Branch: master
- Last Pushed: 2020-12-06T15:21:21.000Z (over 5 years ago)
- Last Synced: 2025-01-23T16:29:59.567Z (over 1 year ago)
- Language: Python
- Size: 2.93 KB
- Stars: 1
- Watchers: 1
- Forks: 0
- Open Issues: 0
Metadata Files:
- Readme: README.md
README
# BLACK HAT PYTHON
## file_monitor_injector.py
### Description
Monitors file creation in temp folders. Some (older) programs create files there that they later run with admin rights. Injecting our bhpnet.py into those files gives us a root reverse shell.
### TODO
- Check the privileges of created files, and check which process created them (use process_monitor maybe?)
- bhpnet.py has to be in TEMP_Folder; why not combine this with the bhp_trojan (download from git)?
- Check the bhpnet.py start command in all shells (ps1, cmd, bash)
## process_monitor.py
### Description
Monitors running processes.
### TODO
- Read up in Black Hat Python on how this was originally used.