A simple program to create a Windows account you will only know about 🙂
- Create invisible local accounts without
net useror Windows OS user management applications (e.g.
- Works on all Windows NT Machines (Windows XP to 11, Windows Server 2003 to 2022)
- Impersonate through RID Hijacking any existing account (enabled or disabled) after a successful authentication
Create an invisible machine account with administrative privileges, and without invoking that annoying Windows Event Logger to report its creation!
Where can I see more?
Released at Black Hat USA 2022: Suborner: A Windows Bribery for Invisible Persistence
- Blogpost: R4WSEC – Suborner: A Windows Bribery for Invisible Persistence
- Demo: YouTube – Suborner: Creation of Invisible Account on Windows 11
- Slides – HITB Singapore Main Track – Suborner Slides
How can I use this?
- Make sure you have .NET 4.0 and Visual Studio 2019
- Clone this repo:
git clone https://github.com/r4wd3r/Suborner/
- Open the .sln with Visual Studio
- Build x86, x64 or both versions
- Bribe Windows!
Download the latest release and pwn!
This attack would not have been possible without the great research done by:
- Benjamin Delpy (@gentilkiwi) and his outstanding Mimikatz
- The SecureAuth researchers behind Impacket
- Ben Ten @Ben0xA
- Infosec community!
Hack Suborn the planet!