mirror of
https://github.com/Aryma-f4/Ares-mythic.git
synced 2026-06-12 22:54:11 +00:00
This commit renames the Apollo payload type to Ares, moving all associated files and updating documentation accordingly. The change includes:

- Renaming directories from `apollo` to `ares`
- Updating documentation image references
- Maintaining the same code functionality while changing the payload name
- Adding new Ares-specific documentation files
- Removing old Apollo documentation files

The rename is done to reflect the new payload name while preserving all existing functionality.
28 lines
647 B
Markdown
+++
title = "printspoofer"
chapter = false
weight = 103
hidden = false
+++

{{% notice info %}}
Artifacts Generated: Process Create, Process Inject, Process Kill
{{% /notice %}}

## Summary
Inject a [PrintSpoofer](https://github.com/itm4n/PrintSpoofer) DLL to execute a given command as SYSTEM. This only succeeds if the user holds the `SE_IMPERSONATE` privilege (`SeImpersonatePrivilege`).

The DLL is injected using the currently configured injection technique into a sacrificial process, which is spawned as designated by the `spawnto_*` commands.

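A defender-side illustration of the artifacts listed above, added here and not part of the Ares or Apollo code: it correlates process-create, injection and process-terminate events on one short-lived process. The event field names, the Sysmon event-ID mapping and the idea that the SYSTEM command shows up as a child of the sacrificial process are assumptions about the telemetry, not statements from this page.

```python
# Added example: correlate the artifact types this page lists (Process Create,
# Process Inject, Process Kill). Assumed normalised Sysmon fields: eid 1 =
# ProcessCreate, 8 = CreateRemoteThread, 10 = ProcessAccess, 5 = ProcessTerminate.
SYSTEM = "NT AUTHORITY\\SYSTEM"

def find_sacrificial_chains(events, window_s=120):
    """Return one finding per process that was spawned, touched by its own
    parent (eid 8/10), and terminated within window_s seconds of creation."""
    created, injected, system_children, findings = {}, {}, {}, []
    for ev in sorted(events, key=lambda e: e["ts"]):
        eid = ev["eid"]
        if eid == 1:
            created[ev["proc"]] = ev
            parent = created.get(ev["parent"])
            # SYSTEM child under a non-SYSTEM parent: token-impersonation signal.
            if parent and ev["user"] == SYSTEM and parent["user"] != SYSTEM:
                system_children.setdefault(ev["parent"], []).append(ev["image"])
        elif eid in (8, 10):
            child = created.get(ev["target"])
            if child and child["parent"] == ev["proc"]:
                injected.setdefault(ev["target"], ev["ts"])
        elif eid == 5 and ev["proc"] in injected:
            born = created[ev["proc"]]
            if ev["ts"] - born["ts"] <= window_s:
                findings.append({
                    "sacrificial": born["image"],
                    "user": born["user"],
                    "lifetime_s": ev["ts"] - born["ts"],
                    "system_children": system_children.get(ev["proc"], []),
                })
    return findings

# Constructed sample events (not captured from a real host).
SAMPLE = [
    {"ts": 0.0, "eid": 1, "proc": "A", "parent": "ROOT", "user": "IIS APPPOOL\\web", "image": "agent.exe"},
    {"ts": 10.0, "eid": 1, "proc": "B", "parent": "A", "user": "IIS APPPOOL\\web", "image": "spawnto-target.exe"},
    {"ts": 10.2, "eid": 8, "proc": "A", "target": "B"},
    {"ts": 11.0, "eid": 1, "proc": "C", "parent": "B", "user": SYSTEM, "image": "cmd.exe"},
    {"ts": 14.5, "eid": 5, "proc": "B"},
    # Benign: child is spawned and exits without being injected into.
    {"ts": 20.0, "eid": 1, "proc": "D", "parent": "A", "user": "IIS APPPOOL\\web", "image": "conhost.exe"},
    {"ts": 21.0, "eid": 5, "proc": "D"},
]

if __name__ == "__main__":
    for finding in find_sacrificial_chains(SAMPLE):
        print(finding)
```

ProcessAccess (event ID 10) is noisy in practice, so a real rule would also filter on the requested access mask and the source image.
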
## Usage
```
printspoofer [printspoofer args]
```

## MITRE ATT&CK Mapping

- T1547

## References

- https://github.com/itm4n/PrintSpoofer