sliver 'Spawn as' feature, similar to cobalt strike

feature: https://github.com/S1ckB0y1337/Cobalt-Strike-CheatSheet#miscellaneous https://www.youtube.com/watch?v=7jn1mG30YR4

runas [DOMAIN\user] [password] [command]- This runs a command as another user using their credentials. The runas command will not return any output. You may use runas from a non- privileged context though.

spawnas [DOMAIN\user] [password] [listener] - This command spawns a session as another user using their credentials. This command spawns a temporary process and injects your payload stage into it.

Apr 30 '23 14:04 fredericgoossens

runas [DOMAIN\user] [password] [command]- This runs a command as another user using their credentials. The runas command will not return any output. You may use runas from a non- privileged context though.

Pretty sure we have that already with the reworked runas command.

May 01 '23 15:05 rkervella

I tried to execute my same payload using the 'runas' command, which executes the payload as a different user. In theory, this should result in a new beacon from that user. But unfortunately, that didn't seem to be the case.

I will make another attempt tomorrow and provide more comprehensive information regarding this issue.

May 01 '23 15:05 fredericgoossens

Could be a bug in runas too.

May 01 '23 15:05 rkervella

Since this is windows specific, it's probably better to implement it as an extension.

Jul 12 '23 16:07 rkervella