You signed in with another tab or window. Reload to refresh your session.You signed out in another tab or window. Reload to refresh your session.You switched accounts on another tab or window. Reload to refresh your session.Dismiss alert
[short_descr]
A RunAs.exe clone with the ability to specify the password as an argument.
[/short_descr]
[long_descr]
Overview
This is a simple "RunAs.exe" clone that has the ability to specify a -p || --password flag. There has been several instances where I have not been in a fully interactive command prompt and have needed to use the runas.exe command. Mimikatz's sekurlsa::pth command is great, but obfuscating Mimikatz is not! Sometimes I just need a simple solution. Why bring a sledge hammer when all you need is a normal hammer? So, that's why I built RunAsPasswd. One day I hope to implement a -h | --hash mechanism for passing a NTLM hash, though I need to do a bit more research on how to actually implement that first.
Technical Details
This clone utilizies the CreateProcessWithLogonW Windows API and supports LOGON_NETCREDENTIALS_ONLY and the default (which I believe is LOGON_WITH_PROFILE). You can control which is used by passing with -n || --netonly flag. If the flag is provided, it with run the program with LOGON_NETCREDENTIALS_ONLY, else, the default.
Help & Changes
The program is fairly similar to the runas.exe command on Windows, just with a few minor changes. Flags are now passed in a unix stlye vs the windows /arg style, so /user: is now -u or --username
[/long_descr]
[image]
[/image]
[image]
[/image]
The text was updated successfully, but these errors were encountered:
[link]
https://github.com/Sq00ky/RunAsPasswd
[/link]
[tags]
windows, runas
[/tags]
[short_descr]
A RunAs.exe clone with the ability to specify the password as an argument.
[/short_descr]
[long_descr]
Overview
This is a simple "RunAs.exe" clone that has the ability to specify a
-p || --password
flag. There has been several instances where I have not been in a fully interactive command prompt and have needed to use therunas.exe
command. Mimikatz's sekurlsa::pth command is great, but obfuscating Mimikatz is not! Sometimes I just need a simple solution. Why bring a sledge hammer when all you need is a normal hammer? So, that's why I built RunAsPasswd. One day I hope to implement a-h | --hash
mechanism for passing a NTLM hash, though I need to do a bit more research on how to actually implement that first.Technical Details
This clone utilizies the
CreateProcessWithLogonW
Windows API and supportsLOGON_NETCREDENTIALS_ONLY
and the default (which I believe isLOGON_WITH_PROFILE
). You can control which is used by passing with-n || --netonly
flag. If the flag is provided, it with run the program withLOGON_NETCREDENTIALS_ONLY
, else, the default.Help & Changes
The program is fairly similar to the
runas.exe
command on Windows, just with a few minor changes. Flags are now passed in a unix stlye vs the windows /arg style, so /user: is now -u or --username[/long_descr]
[image]
![image](https://user-images.githubusercontent.com/98208035/236666739-00825ff3-d681-4f17-944c-12262f14e3f1.png)
[/image]
[image]
![image](https://user-images.githubusercontent.com/98208035/236666750-5faed842-3b2e-4f3e-b20f-5ec220a836de.png)
[/image]
The text was updated successfully, but these errors were encountered: