Awesome

Toggle_Token_Privileges_BOF

What is this?

An (almost) syscall-only BOF file intended to either add or remove token privileges within the context of your current process.

Who wrote it?

Justin Lucas (@the_bit_diddler)
Brad Campbell (@hackersoup)

What problem are you trying to solve?

There are many boilerplate options to enable a specific subset of privileges; traditionally, this has been almost entirely centered around SE_DEBUG
- Why not let you, the operator have the power of choice? Pick to add-or-remove from an à la carte help menu.

How do I build this?

git clone https://github.com/EspressoCake/Toggle_Token_Privileges_BOF.git
cd Toggle_Token_Privileges_BOF/src
make

How do I use this?

Load the Aggressor .cna file from the dist directory, after building
Determine whatever relative privilege number (see the help menu) you wish to apply to your current process token

From a given Beacon:

# Getting general help
syscall_enable_priv

# Adding a privilege (SE_DEBUG)
syscall_enable_priv 20

# Removing a privilege (SE_DEBUG)
syscall_disable_priv 20

I tend to touch the stove carelessly, how are you taking care of the injury-prone?

Currently, the Aggressor script has safeguards
- The current Beacon is checked to ensure that it is administrative, and an x64 process

Awesome

Toggle_Token_Privileges_BOF

What is this?

Who wrote it?

What problem are you trying to solve?

How do I build this?

How do I use this?

I tend to touch the stove carelessly, how are you taking care of the injury-prone?

What does the output look like?

Adding/Revoking Current Process Token Privileges