From 3e56980ecef776f69fc48827f7301926d6758c5c Mon Sep 17 00:00:00 2001 From: Jean-Pierre LESUEUR Date: Fri, 25 Feb 2022 15:56:34 +0100 Subject: [PATCH] docs: update readme --- README.md | 40 +++++++++++++++++++++++++++++++++++++++- 1 file changed, 39 insertions(+), 1 deletion(-) diff --git a/README.md b/README.md index 9c9538a..f4172a2 100644 --- a/README.md +++ b/README.md @@ -28,7 +28,7 @@ If you don't want to use PowerShell Gallery, you can install and import this mod ## Usage -⚠️ Both commands requires **Administrator Privilege**. +⚠️ All commands requires **Administrator Privilege**. ### Invoke-SystemCommand @@ -47,6 +47,8 @@ Create a new process (default: `powershell.exe`) running under the context of `N | Execute | String | powershell.exe | Program to execute as SYSTEM (Session `0`) | | Argument | String | -Command "whoami \| Out-File C:\result.txt" | Optional argument to run with program | +⚠️ You cannot run this function if current thread is impersonating another user. Use `Invoke-RevertToSelf` first. + --- ### Invoke-InteractiveSystemPowerShell 
@@ -57,6 +59,42 @@ Invoke-InteractiveSystemPowerShell Create a new **PowerShell** instance running under the context of `NT AUTHORITY/SYSTEM` and visible on your desktop (active session) +⚠️ You cannot run this function if current thread is impersonating another user. Use `Invoke-RevertToSelf` first. + +### Invoke-ImpersonateSystem + +```PowerShell +Invoke-ImpersonateSystem +``` + +Impersonate **SYSTEM User** on current thread (current PowerShell thread) using **ImpersonateNamedPipeClient** technique. + +After impersonating user, you can use `Invoke-ImpersonatedProcess` to spawn an interactive process as SYSTEM. + +### Invoke-ImpersonatedProcess + +```PowerShell +Invoke-ImpersonatedProcess +``` + +Create a new **PowerShell** instance running under the context of `NT AUTHORITY/SYSTEM` and visible on your desktop (active session) + +##### ⚙️ Supported Options: + +| Parameter | Type | Default | Description | +|-------------------------|------------------|------------------------------------------------|--------------| +| CommandLine | String | powershell.exe | Program to execute as SYSTEM (Active Session) | + +### Invoke-RevertToSelf + +```PowerShell +Invoke-RevertToSelf +``` + +Stop impersonating user. + +⚠️ You cannot run this function if you are not currently impersonating a user. Use `Invoke-ImpersonateSystem` first. + ## Future Ideas - Redirect Stdin and Stdout/Stderr to caller (Administrator <--> System).
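Review bot: Grammar in the first hunk (`@@ -28,7 +28,7 @@`): the changed line should read "All commands require **Administrator Privilege**" (plural subject, so "require", not "requires"; the original line had the same slip). The new warning under Invoke-SystemCommand in the same hunk is also missing an article: "You cannot run this function if the current thread is impersonating another user. Use `Invoke-RevertToSelf` first."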
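Review bot: Missing precondition and a copy-pasted description in the second hunk (`@@ -57,6 +59,42 @@`). The Invoke-ImpersonatedProcess section reuses the Invoke-InteractiveSystemPowerShell sentence verbatim ("Create a new **PowerShell** instance running under the context of `NT AUTHORITY/SYSTEM` ..."), but its own options table says `CommandLine` defaults to `powershell.exe`, so it launches an arbitrary program, not only PowerShell; suggest "Create a new process (default: `powershell.exe`) running under the impersonated SYSTEM token and visible on your desktop (active session)". The Invoke-RevertToSelf section documents its precondition ("You cannot run this function if you are not currently impersonating a user"), but Invoke-ImpersonatedProcess does not, even though the Invoke-ImpersonateSystem text implies it depends on an existing impersonation; add a matching warning line such as "⚠️ This function requires the current thread to be impersonating. Use `Invoke-ImpersonateSystem` first." Same article fix as the first hunk applies to the "if current thread is impersonating" line under Invoke-InteractiveSystemPowerShell.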