////////////////////////////////////////////////////////////////////////////////
//
////////////////////////////////////////////////////////////////////////////////
private static void _CloneToken(bool remote, int processID, string command, IntPtr hToken)
{
if (!remote)
{
Console.WriteLine("[-] Unable to identify Process ID");
return;
}
if (!string.IsNullOrEmpty(command))
{
if (!remote)
{
Console.WriteLine("[-] Unable to parse {0}", command);
}
}
using (TokenManipulation t = new TokenManipulation(hToken))
{
if (!t.OpenProcessToken(processID))
{
return;
}
t.SetWorkingTokenToRemote();
if (!t.DuplicateToken(Winnt._SECURITY_IMPERSONATION_LEVEL.SecurityDelegation))
{
Console.WriteLine("[-] Unable to Duplicate with Delegation, attempting Impersonation");
if (!t.DuplicateToken(Winnt._SECURITY_IMPERSONATION_LEVEL.SecurityImpersonation))
{
return;
}
}
if (!t.AssignPrimaryToken())
{
return;
}
}
}