From 5af0589e8f97aa49aef6bd083a00a4689c7553aa Mon Sep 17 00:00:00 2001
From: clymb3r <bialek.joseph@gmail.com>
Date: Mon, 4 Nov 2013 08:19:28 -0800
Subject: Updated Invoke-TokenManipulation help

---
 Exfiltration/Invoke-TokenManipulation.ps1 | 4 ++--
 1 file changed, 2 insertions(+), 2 deletions(-)

(limited to 'Exfiltration/Invoke-TokenManipulation.ps1')

diff --git a/Exfiltration/Invoke-TokenManipulation.ps1 b/Exfiltration/Invoke-TokenManipulation.ps1
index affbc20..c692299 100644
--- a/Exfiltration/Invoke-TokenManipulation.ps1
+++ b/Exfiltration/Invoke-TokenManipulation.ps1
@@ -140,13 +140,13 @@ Spawns cmd.exe using the token belonging to thread ID 500.
 
 .EXAMPLE
 
-Get-Process lsass | Token-TokenManipulation -CreateProcess "cmd.exe"
+Get-Process wininit | Invoke-TokenManipulation -CreateProcess "cmd.exe"
 
 Spawns cmd.exe using the primary token of LSASS.exe. This pipes the output of Get-Process to the "-Process" parameter of the script.
 
 .EXAMPLE
 
-Get-Process lsass | Token-TokenManipulation -ImpersonateUser
+Get-Process wininit | Invoke-TokenManipulation -ImpersonateUser
 
 Makes the current thread impersonate the lsass security token.
 
-- 
cgit v1.2.3