HomeCalendarCertificationsColumnsFeaturesForumResourcesVitals
 
Image
 
linkedin_logo.png rss_logo.jpg
twitter_logo.png youtube_logo.jpg
Latest Additions
 
EH-Net Login
Welcome Guest.
Lost Password?
No account yet? Register
Who's Online
We have 40 guests and 1 member online
 
Advertisement

You are here: Home arrow Ethical Hacking Discussions and Related Certificationsarrow Network Pen Testingarrow Question - Using Token Impersonization in PWB Course
EH-Net
May 21, 2013, 06:43:12 AM *
Welcome, Guest. Please login or register.
Did you miss your activation email?

Login with username, password and session length
News: Go back to The Ethical Hacker Network Online Magazine Home Page
 
   Home   Help Calendar Login Register  
Pages: [1]   Go Down
« previous next »
  Print  
Author Topic: Question - Using Token Impersonization in PWB Course  (Read 2093 times)
0 Members and 1 Guest are viewing this topic.
blueaxis
Newbie
*
Offline Offline

Posts: 44


View Profile
« on: May 18, 2012, 10:22:39 AM »
Happy Friday!

I was reading the "Metasploit: The Penetration Tester's Guide" and discovered some new techniques to compromise systems or escalate privileges (such as token impersonization). However they used Metasploit modules for it. Since PWB course doesn't permit Metasploit how could we achieve the same effect with what is allowed to us. Please let me know your thoughts and feedback on this. Thanks all.
Logged
hayabusa
Hero Member
*****
Offline Offline

Posts: 1631



View Profile
« Reply #1 on: May 18, 2012, 10:31:31 AM »
Well, PWB doesn't allow Metasploit to be used against EVERY exam target, but against specific boxes, it was allowed (at least when I took it.)  You'll learn that in the exam docs...

That said, many Metasploit modules are just front ends to other, existing exploits.  Your job is either to A.) figure out how to port and use the same exploits outside of MSF, or B.) understand what it's doing, and find another tool or method to accomplish it.

I can tell you that, while MSF is permissible on specific exam machines, I didn't use it on ANY when I passed the exam.

That said, though, without more specific details about the various things you want to accomplish (I know you mentioned token impersonization, and offhand, I don't recall any scenario in the PWB labs, even, where I needed MSF for that,) it's hard to point you towards other tools.
Logged
~ hayabusa ~ 

"All men can see these tactics whereby I conquer, but what none can see is the strategy out of which victory is evolved." - Sun Tzu, 'The Art of War'

OSCE, OSCP , GPEN, C|EH
cd1zz
Hero Member
*****
Offline Offline

Posts: 561


View Profile WWW
« Reply #2 on: May 19, 2012, 11:53:11 AM »
Like hayabusa mentioned, metasploit modules are usually just exploits that have been ported. The one you asked about is based on this paper http://packetstorm.igor.onlinedirect.bg/papers/presentations/mwri_security-implications-of-windows-access-tokens_2008-04-14.pdf

You could use the original tool instead of the meterpreter module (incognito)....see what we mean?
Logged
OSCE | OSCP | GXPN | OSWP | CISSP
http://www.pwnag3.com
http://www.networkadminsecrets.com
Pages: [1]   Go Up
  Print  
« previous next »
 
Jump to:  

Powered by MySQL Powered by PHP Powered by SMF 1.1.18 | SMF © 2013, Simple Machines
Joomla Bridge by JoomlaHacks.com 		Valid XHTML 1.0! Valid CSS!
Page created in 0.074 seconds with 22 queries.
 
Exclusive Deal

sansfire13_245x90_cw90.jpg
SANSFIRE 2013
June 15 - 22

5% Off w/ Code: EHN_5

SANS Deals 4 EH-Netters
5% OFF Any SANS Course in Any Format!
Coupon Code: EHN_5 Including SANS Rocky Mountain 2013 & SANS Boston 2013
Polls
Compared to this year, 2013 will be:
 
Recent Forum Topics
EH-Net News Feeds
Latest Additions
 
         
Advertisement

© 2013 The Ethical Hacker Network
Joomla! is Free Software released under the GNU/GPL License.