def getSidToken(token_sid):
# trying to get system privileges
if token_sid == "S-1-5-18":
sids = ListSids()
for sid in sids:
if "winlogon" in sid[1].lower():
hToken = gethTokenFromPid(sid[0])
if hToken:
print "\t[+] Using PID: " + str(sid[0])
return hToken
else:
return None
# trying to impersonate a token
else:
pids = [int(x) for x in psutil.pids() if int(x)>4]
for pid in pids:
hToken = gethTokenFromPid(pid)
if hToken:
if GetTokenSid( hToken ) == token_sid:
print "\t[+] Using PID: " + str(pid)
return hToken
评论列表
文章目录
