Start Process with Token

Description

Start Process with Token

Overview

This script pulls a token from the TokenManager (e.g. SYSTEM) and uses that token to run a command.

Arguments

Parameter Type Description
TokenName string The name of the token to use to spawn the child process.
Filepath string The name or path to the executable to run.
Arguments string Commandline arguments to the process.

Dependencies

  • credentials

Operating Systems

  • Windows

Example Text

CommandLine    : C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exe -Command "whoami | Out-File C:\Users\helpdesk\Desktop\test.txt"
IntegrityLevel : System
PID            : 7620
PPID           : 14196
Name           : powershell.exe
Path           : C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exe
Username       : NT AUTHORITY\SYSTEM
Bitness        : x64
Scroll to Top