Backdoorplz, a privilege escalation tool for Windows

Security pentester Jean Maes published a tool on GitHub called Backdoorplz.

Backdoorplz [1] is a portable executable (PE) file that creates a user (“LegitAdmin” with password “Backdoor123!”) on a Windows device and adds it to the local administrators group, granting administrator privileges to the user.
It does this by making Win32 API calls on the system.

Usage

Backdoorplz can be deployed by running the executable directly or by injecting its DLL version into a legitimate program on the target device. Adversaries could leverage this tool to gain higher-level permissions on a system or network.
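
Because the account is created through API calls, the Windows Security log is the place to look: with account-management auditing enabled, event 4720 (user account created) and event 4732 (member added to a security-enabled local group) are recorded regardless of which program made the calls. The following detection sketch is an added example, not part of the original post or of the tool. The event records are constructed and simplified, and the five-minute correlation window is an assumption.

```python
from datetime import datetime, timedelta

ADMINS_SID = "S-1-5-32-544"    # well-known SID of BUILTIN\Administrators
WINDOW = timedelta(minutes=5)  # assumed correlation window; tune per environment

# Constructed sample records, simplified from Windows Security log fields.
SAMPLE_EVENTS = [
    {"time": "2024-01-10T09:00:00", "id": 4720, "TargetUserName": "svc_backup",
     "TargetSid": "S-1-5-21-1-2-3-1105", "SubjectUserName": "helpdesk"},
    {"time": "2024-01-10T09:14:02", "id": 4720, "TargetUserName": "LegitAdmin",
     "TargetSid": "S-1-5-21-1-2-3-1106", "SubjectUserName": "jdoe"},
    {"time": "2024-01-10T09:14:02", "id": 4732, "TargetSid": ADMINS_SID,
     "MemberSid": "S-1-5-21-1-2-3-1106", "SubjectUserName": "jdoe"},
    # Added to BUILTIN\Users (S-1-5-32-545): not an administrators change.
    {"time": "2024-01-10T09:01:00", "id": 4732, "TargetSid": "S-1-5-32-545",
     "MemberSid": "S-1-5-21-1-2-3-1105", "SubjectUserName": "helpdesk"},
]

def find_new_local_admins(events, window=WINDOW):
    """Alert on accounts created and then added to Administrators within `window`."""
    created = {}  # account SID -> (creation time, account name, creator)
    alerts = []
    # Sort by time, then event id, so a 4720 precedes a 4732 with the same timestamp.
    for ev in sorted(events, key=lambda e: (e["time"], e["id"])):
        ts = datetime.fromisoformat(ev["time"])
        if ev["id"] == 4720:
            created[ev["TargetSid"]] = (ts, ev["TargetUserName"], ev["SubjectUserName"])
        elif ev["id"] == 4732 and ev["TargetSid"] == ADMINS_SID:
            hit = created.get(ev["MemberSid"])
            if hit and ts - hit[0] <= window:
                alerts.append({
                    "account": hit[1],
                    "sid": ev["MemberSid"],
                    "created_by": hit[2],
                    "added_by": ev["SubjectUserName"],
                    "seconds_to_admin": int((ts - hit[0]).total_seconds()),
                })
    return alerts

if __name__ == "__main__":
    for alert in find_new_local_admins(SAMPLE_EVENTS):
        print(alert)
```

The rule correlates on the account SID rather than the name, so it still fires if the hard-coded “LegitAdmin” name is changed in a rebuilt binary.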


References
