A Rust implementation for enabling various Windows privileges and token access. This project demonstrates advanced Windows API usage for privilege manipulation and process token management.
- Enables multiple Windows privileges including:
  - SE_ASSIGNPRIMARYTOKEN
  - SE_AUDIT
  - SE_BACKUP
  - SE_DEBUG
  - And many more system privileges
- Process token manipulation
- Error handling and status reporting
- Shellcode execution demonstration
The PoC implements:
- Windows Token Privilege manipulation
- Process token access and modification
- Memory allocation and shellcode execution
- Thread creation and management
- Privilege Management
  - Opens process token with required access rights
  - Looks up privilege values
  - Adjusts token privileges
- Shellcode Execution
  - Allocates memory for shellcode
  - Creates thread for execution
  - Handles thread synchronization
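A defender-side view of the privilege-management steps listed above, as an added example that is not part of this project's code: it scans simplified records modelled on Windows Security event 4703 (a token right was adjusted) and reports processes that enable several of the privileges this README names. The record layout, the `bulk_enablers` function, the threshold and the sample paths are assumptions of this example.

```rust
use std::collections::{BTreeMap, BTreeSet};

// Privileges the README names, in the form Windows logs them
// (for example SE_DEBUG appears as SeDebugPrivilege).
const WATCHED: [&str; 4] = [
    "SeAssignPrimaryTokenPrivilege",
    "SeAuditPrivilege",
    "SeBackupPrivilege",
    "SeDebugPrivilege",
];

/// Each record is (ProcessName, EnabledPrivilegeList) from an event 4703.
/// This tuple layout is an assumption; real events carry more fields.
/// Returns every process that enabled at least `threshold` distinct watched
/// privileges across all of its records, with the privileges seen (sorted).
fn bulk_enablers(records: &[(&str, &str)], threshold: usize) -> Vec<(String, Vec<String>)> {
    let mut seen: BTreeMap<String, BTreeSet<String>> = BTreeMap::new();
    for (process, enabled) in records {
        // Windows paths are case-insensitive, so normalise the grouping key.
        let key = process.to_ascii_lowercase();
        // The privilege list is whitespace-separated; "-" means none.
        for name in enabled.split_whitespace() {
            if let Some(w) = WATCHED.iter().find(|w| w.eq_ignore_ascii_case(name)) {
                seen.entry(key.clone()).or_default().insert(w.to_string());
            }
        }
    }
    seen.into_iter()
        .filter(|(_, privs)| privs.len() >= threshold)
        .map(|(process, privs)| (process, privs.into_iter().collect()))
        .collect()
}

fn main() {
    // Constructed sample data, not captured from a real system.
    let records = [
        (r"C:\Windows\System32\svchost.exe", "SeBackupPrivilege"),
        (r"C:\Users\lab\poc.exe", "SeDebugPrivilege\tSeBackupPrivilege"),
        (r"C:\Users\lab\POC.exe", "SeAuditPrivilege SeAssignPrimaryTokenPrivilege"),
        (r"C:\Windows\System32\wbem\WmiPrvSE.exe", "-"),
    ];
    for (process, privs) in bulk_enablers(&records, 3) {
        println!("{process}: {}", privs.join(", "));
    }
}
```

Legitimate backup and debugging tools also enable some of these privileges, so the threshold and the watched set need tuning against a baseline of the environment.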
- Build the project using Cargo:
  cargo build --release
- Run the executable:
  cargo run --release
- winapi: Windows API bindings with specific features:
  - errhandlingapi
  - handleapi
  - memoryapi
  - processthreadsapi
  - securitybaseapi
  - synchapi
  - winbase
  - winnt
This tool is for educational and research purposes only. Use with caution and only in controlled environments where you have proper authorization.
@5mukx