
Token Privileges

Alexander edited this page Aug 23, 2021 · 4 revisions

List_Privileges

Synopsis: List the privileges assigned to a token
Mandatory Parameters: -
Optional Parameters: Process ID
Examples:
(Tokens) > List_Privileges
(Tokens) > List_Privileges /Process:27015
(Tokens) > List_Privileges /Process:powershell
P/Invokes: OpenProcess | GetCurrentProcess, OpenProcessToken, CloseHandle, GetTokenInformation, LookupPrivilegeName, PrivilegeCheck

Enable_Privilege

Synopsis: Enable a privilege assigned to a token
Mandatory Parameters: Privilege
Optional Parameters: Process ID
Examples:
(Tokens) > Enable_Privilege /Privilege:SeSecurityPrivilege
(Tokens) > Enable_Privilege /Process:27015 /Privilege:SeSecurityPrivilege
(Tokens) > Enable_Privilege /Process:powershell /Privilege:SeSecurityPrivilege
P/Invokes: OpenProcess | GetCurrentProcess, OpenProcessToken, CloseHandle, LookupPrivilegeValue, AdjustTokenPrivileges

Disable_Privilege

Synopsis: Disable a privilege assigned to a token
Mandatory Parameters: Privilege
Optional Parameters: Process ID
Examples:
(Tokens) > Disable_Privilege /Privilege:SeSecurityPrivilege
(Tokens) > Disable_Privilege /Process:27015 /Privilege:SeSecurityPrivilege
(Tokens) > Disable_Privilege /Process:powershell /Privilege:SeSecurityPrivilege
P/Invokes: OpenProcess | GetCurrentProcess, OpenProcessToken, CloseHandle, LookupPrivilegeValue, AdjustTokenPrivileges

Remove_Privilege

Synopsis: Permanently remove a privilege assigned to a token
Mandatory Parameters: Privilege
Optional Parameters: Process ID
Examples:
(Tokens) > Remove_Privilege /Privilege:SeSecurityPrivilege
(Tokens) > Remove_Privilege /Process:27015 /Privilege:SeSecurityPrivilege
(Tokens) > Remove_Privilege /Process:powershell /Privilege:SeSecurityPrivilege
P/Invokes: OpenProcess | GetCurrentProcess, OpenProcessToken, CloseHandle, LookupPrivilegeValue, AdjustTokenPrivileges

Nuke_Privileges

Synopsis: Permanently remove all privileges assigned to a token
Mandatory Parameters: Process ID
Optional Parameters: -
Examples:
(Tokens) > Nuke_Privileges /Process:27015
(Tokens) > Nuke_Privileges /Process:powershell
P/Invokes: OpenProcess | GetCurrentProcess, OpenProcessToken, CloseHandle, LookupPrivilegeValue, AdjustTokenPrivileges, PrivilegeCheck
