Toggle_Token_Privileges_BOF
What is this?
- An (almost) syscall-only BOF file intended to either add or remove token privileges within the context of your current process.
Who wrote it?
- Justin Lucas (@the_bit_diddler)
- Brad Campbell (@hackersoup)
What problem are you trying to solve?
- There are many boilerplate options to enable a specific subset of privileges; traditionally, this has been almost entirely centered around SE_DEBUG
- Why not let you, the operator, have the power of choice? Pick to add-or-remove from an à la carte help menu.
How do I build this?
git clone https://github.com/EspressoCake/Toggle_Token_Privileges_BOF.git
cd Toggle_Token_Privileges_BOF/src
make
How do I use this?
I tend to touch the stove carelessly, how are you taking care of the injury-prone?
- Currently, the Aggressor script has safeguards
  - The current Beacon is checked to ensure that it is administrative, and an x64 process
What does the output look like?
Adding/Revoking Current Process Token Privileges