Question - Using Token Impersonization in PWB Course

blueaxis

Newbie

Posts: 44

Joined: Fri Sep 09, 2011 9:20 am

Post Fri May 18, 2012 10:22 am

Question - Using Token Impersonization in PWB Course

Happy Friday!

I was reading "Metasploit: The Penetration Tester's Guide" and discovered some new techniques to compromise systems or escalate privileges (such as token impersonization). However, they used Metasploit modules for it. Since the PWB course doesn't permit Metasploit, how could we achieve the same effect with what is allowed to us? Please let me know your thoughts and feedback on this. Thanks all.

hayabusa

Hero Member

Posts: 1661

Joined: Mon Jan 29, 2007 2:59 pm

Post Fri May 18, 2012 10:31 am

Re: Question - Using Token Impersonization in PWB Course

Well, PWB doesn't allow Metasploit to be used against EVERY exam target, but against specific boxes, it was allowed (at least when I took it.)  You'll learn that in the exam docs...

That said, many Metasploit modules are just front ends to other, existing exploits.  Your job is either to A.) figure out how to port and use the same exploits outside of MSF, or B.) understand what it's doing, and find another tool or method to accomplish it.

I can tell you that, while MSF is permissible on specific exam machines, I didn't use it on ANY when I passed the exam.

That said, though, without more specific details about the various things you want to accomplish (I know you mentioned token impersonization, and offhand, I don't recall any scenario in the PWB labs, even, where I needed MSF for that,) it's hard to point you towards other tools.
~ hayabusa ~ 

"All men can see these tactics whereby I conquer, but what none can see is the strategy out of which victory is evolved." - Sun Tzu, 'The Art of War'


OSCE, OSCP, GPEN, C|EH

cd1zz

Recruiters

Posts: 566

Joined: Sun Oct 03, 2010 9:01 pm

Post Sat May 19, 2012 11:53 am

Re: Question - Using Token Impersonization in PWB Course

Like hayabusa mentioned, Metasploit modules are usually just exploits that have been ported. The one you asked about is based on this paper: http://packetstorm.igor.onlinedirect.bg ... -04-14.pdf

You could use the original tool instead of the meterpreter module (incognito)... see what we mean?
