Command Line Token Manipulation Tool [Integrity Change Of A Running Process]

Need a tool? Ask here if someone knows one that does what you need, or maybe someone can even write you one.
Post Reply
Monolis
n00b
Posts: 1
Joined: Tue Apr 05, 2022 7:16 am

Command Line Token Manipulation Tool [Integrity Change Of A Running Process]

Post by Monolis » Tue Apr 05, 2022 7:27 am

Hi, i searching for a command line tool, that can change the Integrity level of a running process, with a command, like this example:

program.exe -integrity low -pid 12412

I think, SetTokenInformation function, what we need in order to do this.

Why i need this? Because, this is an automatic security layer, and, a layer, in order, to limit a running infection, within a whitelist, using Autohotkey and hash verification to the processes exe location. This is done, and working, but without this tool, i only capable to check, and terminate, and suspend the processes, and some basic things.

So, i hope, someone can find a solution for me, because, i didn't find it in a 2 months of search.
Top
User avatar
Cool_Fire
Not a sandwich
Posts: 1912
Joined: Fri May 09, 2003 1:20 pm
Location: 41 6d 73 74 65 72 64 61 6d
Contact:
Contact Cool_Fire

Re: Command Line Token Manipulation Tool [Integrity Change Of A Running Process]

Post by Cool_Fire » Wed Apr 06, 2022 12:53 am

As far as I'm aware this is not possible by design since thit would make it possible for the process to have violated integrity constraints. But I'm by no means an expert on this subject, so there may be something I'm missing.
If we're breaking the rules, then how come you can't catch us? You can't find us? I know why. Cause, it's ... MAGIC!
Hackerthreads chat, where the party is going 24/7.
Top
Post Reply

Return to “Tool requests”