Skip to content
/ ImpersonationPipeServer Public

Malicious named pipe server that impersonates connecting clients and executes arbitrary commands under their security context.

License

MIT license
0 stars 0 forks Branches Tags Activity
Star
Notifications You must be signed in to change notification settings

CyberCX-STA/ImpersonationPipeServer

BranchesTags

Folders and files

NameName
Last commit message
Last commit date

Latest commit

 

History

2 Commits
ImpersonationPipeServer
ImpersonationPipeServer
 
 
Releases
Releases
 
 
.gitignore
.gitignore
 
 
LICENSE
LICENSE
 
 
PipeServers.sln
PipeServers.sln
 
 
README.md
README.md
 
 

Repository files navigation

Pipe Client Impersonation Server

This tool creates a malicious named pipe server that impersonates connecting clients and executes arbitrary commands under their security context.

Why?

This tool was created to assist in the creation of PoCs for insecure CreateFile and ReadFile/WriteFile calls, as well as exploit Named Pipe Instance Creation Race Condition and Superfluous Pipe Connectivity vulnerabilities.

C# was used for this implementation over C++ to allow easier customisation for AV evasion in INPT reviews.

Prerequisets

Use of this tool requires access to a user with the SeImpersonatePrivilege privilege, such as a compromised service account.

Usage

Run the server using the following command

ImpersonationPipeServer.exe {pipeName} {command}

About

Malicious named pipe server that impersonates connecting clients and executes arbitrary commands under their security context.

Resources

Readme

License

MIT license
Activity
Custom properties

Stars

0 stars

Watchers

4 watching

Forks

0 forks
Report repository

Releases 1

v1.0 Latest
Feb 15, 2024

Packages

No packages published

Languages