O'Reilly logo

BackTrack 5 Cookbook by David De Smet, Willie Pritchett

Stay ahead with the world's most comprehensive technology and business learning platform.

With Safari, you learn the way you learn best. Get unlimited access to videos, live online training, learning paths, books, tutorials, and more.

Start Free Trial

No credit card required

Using impersonation tokens

In this recipe, we will impersonate another user on a network by using impersonation tokens. When a user logs in to a Windows system, they are given an access token as a part of their authenticated session. Token impersonation allows us to escalate our privileges by "impersonating" that user. A system account, for example, may need to run as a domain administrator to handle a specific task, and it generally relinquishes its elevated authority when done. We will utilize this weakness to elevate our access rights.

Getting ready

The following requirements need to be fulfilled:

  • A connection to the Internet or intranet is required to complete this task
  • A victim's target machine is also required

How to do it...

We begin our exploration ...

With Safari, you learn the way you learn best. Get unlimited access to videos, live online training, learning paths, books, interactive tutorials, and more.

Start Free Trial

No credit card required