Pinjector is a security tool that allows users to execute applications in the context
of other users. This tool is used most times in penetration tests to inject code
into the logged admin or domain admin process and spawn a shell with their credentials.
This tool was originally released at the NoConName Security congress
This tool will list all the process and the asocciated owner and spawn a shell on
the selected target.
pinjector calls the api
CreateRemoteThread to execute a new threaded proccess that will execute
an static bindshell code. The new proccess will inherit the user token so, after
connection to the bindshell port ( port 8080 by default ), the new shell will have
the new privileges.
The High quality video that shows how to use pinjector is available here for
Honestly i can´t imagine a penetration test without using this tool, as every time
a new computer is accesed, there is a high change that the logged user is able to
grant you access to more hosts.
We are currently working on a new version that is able to inject into remote threads
by suspending the thread and changing their context. This is needed because some
times there are threads running as another user but you cant inject code into the
running process. You can also browse online the
Usage Information: Privilege Switcher for Win32(Private version)
(c) 2006 Andres Tarasco - [email protected]