File tree Expand file tree Collapse file tree 1 file changed +47
-0
lines changed
documentation/modules/post/windows/manage Expand file tree Collapse file tree 1 file changed +47
-0
lines changed Original file line number Diff line number Diff line change 1+ ## Overview
2+ This module will start a process as another user using powershell.
3+ By default, it will start an interactive cmd as the target user.
4+
5+ ## Module Options
6+ - ** USER** - The use to run the program as.
7+ - ** PASS** - The user's password
8+ - ** DOMAIN** - The domain of the user
9+ - ** EXE** - The program to run (default cmd.exe)
10+ - ** PASS** - The program arguments
11+ - ** PATH** - The path to run the program in (default C:\)
12+ - ** CHANNELIZE** - Channelize the output, required to read output or interact
13+ - ** INTERACT** - Interact with program
14+ - ** HIDDEN** - Hide the console window
15+
16+ ## Module Process
17+ The process will use the Start-Process command of powershell to run a process as another user.
18+ ## Limitations
19+ - Requires Powershell
20+ - Hidden Mode does not work with older powershell versions
21+ - Interactive mode needs to be ran from a meterpreter console
22+
23+ ## Examples
24+
25+ `
26+ meterpreter > getuid
27+ Server username: NT AUTHORITY\SYSTEM
28+ meterpreter > run post/windows/manage/run_as_psh user=test pass=mypassword
29+
30+ [ * ] Hidden mode may not work on older powershell versions, if it fails, try HIDDEN=false
31+ [ * ] Process 1672 created.
32+ [ * ] Channel 30 created.
33+ Microsoft Windows [ Version 10.0.14393]
34+ (c) 2016 Microsoft Corporation. All rights reserved.
35+
36+ C:\> whoami
37+ whoami
38+ my-pc\test
39+
40+ C:\>
41+
42+ meterpreter > run post/windows/manage/run_as_psh user=test pass=mypassword hidden=false channelize=false interactive=false exe=cmd path=C:\\ windows args="/c start notepad"
43+
44+ [ * ] Process 9768 created.
45+ meterpreter >
46+
47+ `
You can’t perform that action at this time.
0 commit comments