February 2018
Intermediate to advanced
426 pages
11h 3m
English
Incognito allows us to impersonate user tokens. It was first integrated into Metasploit first, then to Meterpreter. In this recipe, we will be covering Incognito and use cases.
Tokens are similar to web cookies. They are also similar to temporary keys, which allow us to enter the system and network without having to provide authentication details each time. Incognito exploits this by replaying that temporary key when asked to authenticate.There are two types of tokens: delegate and impersonate. delegate tokens are for interactive logins, whereas impersonate tokens are for noninteractive sessions.
Read now
Unlock full access