aboutsummaryrefslogtreecommitdiff
diff options
context:
space:
mode:
Diffstat
-rw-r--r--Exfiltration/Invoke-TokenManipulation.ps14
1 files changed, 2 insertions, 2 deletions
diff --git a/Exfiltration/Invoke-TokenManipulation.ps1 b/Exfiltration/Invoke-TokenManipulation.ps1
index affbc20..c692299 100644
--- a/Exfiltration/Invoke-TokenManipulation.ps1
+++ b/Exfiltration/Invoke-TokenManipulation.ps1
@@ -140,13 +140,13 @@ Spawns cmd.exe using the token belonging to thread ID 500.
.EXAMPLE
-Get-Process lsass | Token-TokenManipulation -CreateProcess "cmd.exe"
+Get-Process wininit | Invoke-TokenManipulation -CreateProcess "cmd.exe"
Spawns cmd.exe using the primary token of LSASS.exe. This pipes the output of Get-Process to the "-Process" parameter of the script.
.EXAMPLE
-Get-Process lsass | Token-TokenManipulation -ImpersonateUser
+Get-Process wininit | Invoke-TokenManipulation -ImpersonateUser
Makes the current thread impersonate the lsass security token.
generated by cgit v1.2.3 (git 2.39.1) at 2025-05-26 04:51:12 +0000