MP4 | Video: h264, 1280x720 | Audio: AAC, 44.1 KHz, 2 Ch
Genre: eLearning | Language: English | Duration: 17 Lectures ( 5h 5m ) | Size: 3 GB
Learn about windows access tokens
What you'll learn:
Learn about Windows access tokens
Token Enumeration
Adjusting privileges
Enumerating Vulnerable process, token handles
Taking advantage of SeDebug, SeImpersonate, SeTCBPrivileges
Requirements:
Basics of windows programming via any language can be good but not necessary
Description:
WHAT IS TOKEN?A process can be defined as instance of program running in memory.A thread is unit of execution of a process. a process can have any number of threads.An access token describes the security context of a process or thread.access token contains information about a user, user’s groups, user’s privileges, etc.LOGON PROCESSWinlogon.exe is responsible for providing interface for user to enter credentials.lsass process loads authentication packages like MSV1_0, Kerberos etc from security dllswhen user enters credentials, winlogon.exe sends to lsass process by calling lsaregisterlogonprocess, lsalookupauthenticationpackage, lsalogonuserlsass then pass on creds to authentication packages functions. these will check sam database or domain controller if credentials are correct.if credentials are correct, lsass creates a logonsession and creates a token and run explorer.exeUSAGE OF ACCESS TOKENSAccess tokens are checked aganist the object the process/thread trying to access.If user is trying to access a file, his token is being check aganist the file. if the ace of file allows the user to read the file then user is allowed access to the file.tokens also contains some special privileges like seshutdownprivilege, sedebugprivilege etc.these privileges allows user to perform certain actions without any restrictions.Eg: if we have sedebugprivilege, we can open handle to any process regardless of our permissions. “Programmers, testers” might have this privilege in an organisation.access tokens can be classified into PRIMARY TOKEN, IMPERSONATION TOKENIf this looks interesting to you then why not try it?
