Token Impersonation
Permissions: User Permissions
What are tokens?
Temporary Keys that allow you to access to a system/network without having to provide credentials each time you access a file.
Think cookies but in this case for computers.
Types of Tokens
Delegate Token - Create for logging into a machine or using Remote Desktop.
Impersonate Token - Basically is a "non-interactive". Such as attaching a network drive or a domain logon script.
Execution
Metasploit
Once you have a shell session open, type the following commands.
list_tokens -u // List's all the user tokens on a machine
load incognito // load the tool built-in metasploit
impersonate_token <domian>\\<user> // impersonate the user token
rev2self // if you have any problems executing programs like hashdump
Last updated