-
Notifications
You must be signed in to change notification settings - Fork 384
live process
skelsec edited this page Aug 16, 2019
·
1 revision
Process manipulation commands.
Administrative privileges, OR a user account that has SE_DEBUG enabled.
-
create: Spawns a new process in the context of another user.
-
--sid: Impersonate given SID in new process. Default: SYSTEM SID. -
-c: Full path to the executable you want to run. Default: cmd.exe
-
pypykatz live process create: Spawns a SYSTEM shell -
pypykatz live process create -c regedit: Executesregeditwith SYSTEM privileges