Suborner - The Invisible Account Forger

What's this?

A simple program to create a Windows account you will only know about :)

• Create invisible local accounts without net user or Windows OS user management applications (e.g. netapi32::netuseradd)
• Works on all Windows NT Machines (Windows XP to 11, Windows Server 2003 to 2022)
• Impersonate through RID Hijacking any existing account (enabled or disabled) after a successful authentication

Create an invisible machine account with administrative privileges, and without invoking that annoying Windows Event Logger to report its creation!

Where can I see more?

Released at Black Hat USA 2022: Suborner: A Windows Bribery for Invisible Persistence

• Blogpost: R4WSEC - Suborner: A Windows Bribery for Invisible Persistence
• Demo: YouTube - Suborner: Creation of Invisible Account on Windows 11
• Slides - HITB Singapore Main Track - Suborner Slides

How can I use this?

Build

• Make sure you have .NET 4.0 and Visual Studio 2019
• Clone this repo: git clone https://github.com/r4wd3r/Suborner/
• Open the .sln with Visual Studio
• Build x86, x64 or both versions
• Bribe Windows!

Release

Download the latest release and pwn!

Usage

AWS User Management

Introduction In order to keep your AWS environment secure while allowing your users to properly utilize resources, you must ensure that users are correctly created with proper permissions. Also, you must monitor your environment to ensure that unauthorized access does not occur and accounts are up to date. User Account Creation and Management AWS IAM […]

The post AWS User Management appeared first on Infosec Resources.

---

AWS User Management was first posted on September 30, 2020 at 1:24 pm.
©2017 "InfoSec Resources". Use of this feed is for personal non-commercial use only. If you are not reading this article in your feed reader, then the site is guilty of copyright infringement. Please contact me at darren.dalasta@infosecinstitute.com