Cubic

Here is a lovely but slightly redacted image: There's a lot going on here, so let me explain. First off, the Command Prompt is no ordinary Command Prompt. See the title bar of the window? 'cmd.exe' is running as NT AUTHORITY\SYSTEM, the most powerful user account in Windows, on my desktop as a child process of a non-elevated process via the assistance of a temporary NT System Service. A procedure that had never been done before May of 2021. I recommend reading this post (and watching the really cool video I made about it) if you haven't already done so. In short, we're already in completely uncharted territory on Windows. Since the parent process is running as NT AUTHORITY\SYSTEM, it is one step away from being able to create security tokens for other users without the user's credentials (i.e. without the user's password, biometrics, etc). The above command creates an elevated token for a user in the Administrators group from scratch, routes st...

Okay, I'm writing this post because I'm tired of hearing "There is [MULTIPLE]" spoken everywhere and figured I'd attempt to fix this particular pet peeve. "There is" or "There's" followed by a 'multiple' is incorrect English. Likewise, "There are" or the cringe-worthy "There're" followed by a 'singular' is also incorrect. Substituting "There's" when "There are" (or "There're") should be used is also incorrect. Let me provide an example: "There's no problems to report." No. You are wrong. "There ARE quite a few problems to report." Especially with your lack of decent English. Has everyone forgotten how to speak English properly? Knowing how to communicate with complete, properly formed sentences is the foundation of a stable, functional society. Congratulations! You are about to learn how to decide when to say IS vs. ARE, which...

I recently came up with a completely brand new way to start processes on Microsoft Windows that's never been done before. Specifically, starting a child process of a non-elevated user as a completely different user. For those who want to understand and learn new things, here's an in-depth video on how it all works: The video covers the complex topic of Microsoft Windows security objects, moves into looking at security objects with the CubicleSoft GetTokenInformation tool , trash talks Microsoft a few times, gets into a very brief demo of some major enhancements of the CubicleSoft CreateProcess command-line tool , and finally covers how the new enhancements to the CreateProcess command-line tool work under the hood. In the video though, I only briefly demo the CreateProcess tool. That may be a slight disservice to the work that was done. So in this post, I want to cover some of the really cool things that were hand-waved over. First off, did you know that an Administ...