Hi, i searching for a command line tool, that can change the Integrity level of a running process, with a command, like this example:
program.exe -integrity low -pid 12412
I think, SetTokenInformation function, what we need in order to do this.
Why i need this? Because, this is an automatic security layer, and, a layer, in order, to limit a running infection, within a whitelist, using Autohotkey and hash verification to the processes exe location. This is done, and working, but without this tool, i only capable to check, and terminate, and suspend the processes, and some basic things.
So, i hope, someone can find a solution for me, because, i didn't find it in a 2 months of search.
Command Line Token Manipulation Tool [Integrity Change Of A Running Process]
-
- n00b
- Posts:1
- Joined:Tue Apr 05, 2022 7:16 am [phpBB Debug] PHP Warning: in file [ROOT]/vendor/twig/twig/lib/Twig/Extension/Core.php on line 1275: count(): Parameter must be an array or an object that implements Countable
- Cool_Fire
- Not a sandwich
- Posts:1913
- Joined:Fri May 09, 2003 1:20 pm
- Location:41 6d 73 74 65 72 64 61 6d
- Contact:
Re: Command Line Token Manipulation Tool [Integrity Change Of A Running Process]
As far as I'm aware this is not possible by design since thit would make it possible for the process to have violated integrity constraints. But I'm by no means an expert on this subject, so there may be something I'm missing.
If we're breaking the rules, then how come you can't catch us? You can't find us? I know why. Cause, it's ... MAGIC!
Hackerthreads chat, where the party is going 24/7.
Hackerthreads chat, where the party is going 24/7.