Ecosyste.ms: Awesome

An open API service indexing awesome lists of open source software.

Awesome Lists | Featured Topics | Projects

https://github.com/hatRiot/token-priv

Token Privilege Research
https://github.com/hatRiot/token-priv

Last synced: 21 days ago
JSON representation

Token Privilege Research

Host: GitHub
URL: https://github.com/hatRiot/token-priv
Owner: hatRiot
License: mit
Created: 2017-07-19T06:01:36.000Z (over 7 years ago)
Default Branch: master
Last Pushed: 2017-09-01T18:54:00.000Z (over 7 years ago)
Last Synced: 2024-08-05T17:24:55.380Z (4 months ago)
Language: C++
Size: 68.4 KB
Stars: 765
Watchers: 27
Forks: 172
Open Issues: 0
Metadata Files:
- Readme: README.md
- License: LICENSE

Awesome Lists containing this project

awesome-hacking-lists - hatRiot/token-priv - Token Privilege Research (C++)

README

# Abusing Token Privileges For EoP

August 2017
Bryan Alexander (@dronesec)
Stephen Breen (@breenmachine)

This repository contains all code and a Phrack-style paper on research into abusing token privileges for escalation of privilege. Please feel free to ping us with questions, ideas, insults, or bugs.

This repository is organized into three parts:
* lib/, which contains auxiliary scripts (for now just the pykd token script)
* poptoke/, which is the main bulk of the code. It's organized as a project, but should be noted, and stressed, that it's NOT going to compile and give you shells as is. It's an amalgam of proof of concepts and portable functions for use in your own bugs and edification, and meant only as a reference guide. Don't submit issues for "fixing" it, please.
* abusing_token_eop_1.0.txt, complimentary paper on the topic and our findings.