Suborner - The Invisible Account Forger

1 year ago 96
BOOK THIS SPACE FOR AD
ARTICLE AD

What's this?

A simple program to create a Windows account you will only know about :)

Create invisible local accounts without net user or Windows OS user management applications (e.g. netapi32::netuseradd) Works on all Windows NT Machines (Windows XP to 11, Windows Server 2003 to 2022) Impersonate through RID Hijacking any existing account (enabled or disabled) after a successful authentication

Create an invisible machine account with administrative privileges, and without invoking that annoying Windows Event Logger to report its creation!

Where can I see more?

Released at Black Hat USA 2022: Suborner: A Windows Bribery for Invisible Persistence

Blogpost: R4WSEC - Suborner: A Windows Bribery for Invisible Persistence Demo: YouTube - Suborner: Creation of Invisible Account on Windows 11 Slides - HITB Singapore Main Track - Suborner Slides

How can I use this?

Build

Make sure you have .NET 4.0 and Visual Studio 2019 Clone this repo: git clone https://github.com/r4wd3r/Suborner/ Open the .sln with Visual Studio Build x86, x64 or both versions Bribe Windows!

Release

Download the latest release and pwn!

Usage

Read Entire Article