r4wd3r / Rid Hijacking
Windows RID Hijacking persistence technique
Stars: ✭ 130
Programming Languages
powershell
5483 projects
RID Hijacking: Maintaining Access on Windows Machines
The RID Hijacking hook, applicable to all Windows versions, allows setting desired privileges to an existent account in a stealthy manner by modifying some security attributes of an user.
By only using OS resources, it is possible to replace the RID of an user right before the primary access token is created, allowing to spoof the privileges of the hijacked RID owner.
Modules
- RID Hijacking with Metasploit
- RID Hijacking with Powershell
- RID Hijacking with Empire
- RID Hijacking with Crackmapexec
- RID Hijacking with ibombshell
Slides
References
r4wsecurity: RID Hijacking - Maintaining access on Windows Machines
Note that the project description data, including the texts, logos, images, and/or trademarks,
for each open source project belongs to its rightful owner.
If you wish to add or remove any projects, please contact us at [email protected].