Windows Access Tokens for Red Teamers
Posted on 04 Feb 05:56 | by BaDshaH | 1 views
Published 2/2024
Created by Naga Sai Nikhil
MP4 | Video: h264, 1280x720 | Audio: AAC, 44.1 KHz, 2 Ch
Genre: eLearning | Language: English | Duration: 17 Lectures ( 5h 5m ) | Size: 3 GB
Learn about windows access tokens
What you'll learn:
Learn about Windows access tokens
Token Enumeration
Adjusting privileges
Enumerating Vulnerable process, token handles
Taking advantage of SeDebug, SeImpersonate, SeTCBPrivileges
Requirements:
Basics of windows programming via any language can be good but not necessary
Description:
WHAT IS TOKEN?A process can be defined as instance of program running in memory.A thread is unit of execution of a process. a process can have any number of threads.An access token describes the security context of a process or thread.access token contains information about a user, user's groups, user's privileges, etc.LOGON PROCESSWinlogon.exe is responsible for providing interface for user to enter credentials.lsass process loads authentication packages like MSV1_0, Kerberos etc from security dllswhen user enters credentials, winlogon.exe sends to lsass process by calling lsaregisterlogonprocess, lsalookupauthenticationpackage, lsalogonuserlsass then pass on creds to authentication packages functions. these will check sam database or domain controller if credentials are correct.if credentials are correct, lsass creates a logonsession and creates a token and run explorer.exeUSAGE OF ACCESS TOKENSAccess tokens are checked aganist the object the process/thread trying to access.If user is trying to access a file, his token is being check aganist the file. if the ace of file allows the user to read the file then user is allowed access to the file.tokens also contains some special privileges like seshutdownprivilege, sedebugprivilege etc.these privileges allows user to perform certain actions without any restrictions.Eg: if we have sedebugprivilege, we can open handle to any process regardless of our permissions. "Programmers, testers" might have this privilege in an organisation.access tokens can be classified into PRIMARY TOKEN, IMPERSONATION TOKENIf this looks interesting to you then why not try it?
Who this course is for:
Red Teamers
Security Consultants
Malware Developers
Homepage
https://www.udemy.com/course/windows-access-tokens-for-red-teamers/
https://rapidgator.net/file/eb88d49b1a4a8ad24e739d6cc36507ea
https://rapidgator.net/file/7b2b65ccdc39219debcf5917401f0a71
https://rapidgator.net/file/4f31d21a823fa7daa47cc6acfa107bfd
https://rapidgator.net/file/557b04d21a0f554a74fe7b60f2b82536
https://nitroflare.com/view/D3E20C4B2E7E224
https://nitroflare.com/view/84370005580F91E
https://nitroflare.com/view/7AF0E7DF274A75F
https://nitroflare.com/view/28D16C6F5375C2A
https://ddownload.com/fhdf26z2sjlu
https://ddownload.com/fgg7gu1s91uy
https://ddownload.com/0yr0qa9kix2f
https://ddownload.com/80ri8afh97ja
Related News
System Comment
Information
Users of Visitor are not allowed to comment this publication.
Facebook Comment
Member Area
Top News