|
Title: Question - Using Token Impersonization in PWB Course Post by: blueaxis on May 18, 2012, 10:22:39 AM Happy Friday!
I was reading the "Metasploit: The Penetration Tester's Guide" and discovered some new techniques to compromise systems or escalate privileges (such as token impersonization). However they used Metasploit modules for it. Since PWB course doesn't permit Metasploit how could we achieve the same effect with what is allowed to us. Please let me know your thoughts and feedback on this. Thanks all. Title: Re: Question - Using Token Impersonization in PWB Course Post by: hayabusa on May 18, 2012, 10:31:31 AM Well, PWB doesn't allow Metasploit to be used against EVERY exam target, but against specific boxes, it was allowed (at least when I took it.) You'll learn that in the exam docs...
That said, many Metasploit modules are just front ends to other, existing exploits. Your job is either to A.) figure out how to port and use the same exploits outside of MSF, or B.) understand what it's doing, and find another tool or method to accomplish it. I can tell you that, while MSF is permissible on specific exam machines, I didn't use it on ANY when I passed the exam. That said, though, without more specific details about the various things you want to accomplish (I know you mentioned token impersonization, and offhand, I don't recall any scenario in the PWB labs, even, where I needed MSF for that,) it's hard to point you towards other tools. Title: Re: Question - Using Token Impersonization in PWB Course Post by: cd1zz on May 19, 2012, 11:53:11 AM Like hayabusa mentioned, metasploit modules are usually just exploits that have been ported. The one you asked about is based on this paper http://packetstorm.igor.onlinedirect.bg/papers/presentations/mwri_security-implications-of-windows-access-tokens_2008-04-14.pdf
You could use the original tool instead of the meterpreter module (incognito)....see what we mean?
Powered by SMF 1.1.18 |
SMF © 2013, Simple Machines
Joomla Bridge by JoomlaHacks.com |