Rust-for-Malware-Development

Enable Token Access

A Rust implementation for enabling various Windows privileges and token access. This project demonstrates advanced Windows API usage for privilege manipulation and process token management.

Features

• Enables multiple Windows privileges including:
  • SE_ASSIGNPRIMARYTOKEN
  • SE_AUDIT
  • SE_BACKUP
  • SE_DEBUG
  • And many more system privileges
• Process token manipulation
• Error handling and status reporting
• Shellcode execution demonstration

Technical Details

The PoC implements:

• Windows Token Privilege manipulation
• Process token access and modification
• Memory allocation and shellcode execution
• Thread creation and management

Key Components

1. Privilege Management
   • Opens process token with required access rights
   • Looks up privilege values
   • Adjusts token privileges
2. Shellcode Execution
   • Allocates memory for shellcode
   • Creates thread for execution
   • Handles thread synchronization

Usage

1. Build the project using Cargo:

   cargo build --release
   

2. Run the executable:

   cargo run --release
   

Dependencies

• winapi: Windows API bindings with specific features:
  • errhandlingapi
  • handleapi
  • memoryapi
  • processthreadsapi
  • securitybaseapi
  • synchapi
  • winbase
  • winnt

Warning

This tool is for educational and research purposes only. Use with caution and only in controlled environments where you have proper authorization.

Credits / Resources

• https://github.com/b4rdia/HackTricks/blob/master/windows-hardening/windows-local-privilege-escalation/access-tokens.md

@5mukx

This site is open source. Improve this page.