Udemy – Windows Access Tokens for Red Teamers
English | Tutorial | Size: 2.97 GB
Learn about windows access tokens
WHAT IS TOKEN?
A process can be defined as instance of program running in memory.
A thread is unit of execution of a process. a process can have any number of threads.
An access token describes the security context of a process or thread.
access token contains information about a user, user’s groups, user’s privileges, etc.
LOGON PROCESS
Winlogon.exe is responsible for providing interface for user to enter credentials.
lsass process loads authentication packages like MSV1_0, Kerberos etc from security dlls
when user enters credentials, winlogon.exe sends to lsass process by calling lsaregisterlogonprocess, lsalookupauthenticationpackage, lsalogonuser
lsass then pass on creds to authentication packages functions. these will check sam database or domain controller if credentials are correct.
if credentials are correct, lsass creates a logonsession and creates a token and run explorer.exe
USAGE OF ACCESS TOKENS
Access tokens are checked aganist the object the process/thread trying to access.
If user is trying to access a file, his token is being check aganist the file. if the ace of file allows the user to read the file then user is allowed access to the file.
tokens also contains some special privileges like seshutdownprivilege, sedebugprivilege etc.
these privileges allows user to perform certain actions without any restrictions.
Eg: if we have sedebugprivilege, we can open handle to any process regardless of our permissions. “Programmers, testers” might have this privilege in an organisation.
access tokens can be classified into PRIMARY TOKEN, IMPERSONATION TOKEN
If this looks interesting to you then why not try it?
RAPIDGATOR
rapidgator.net/file/930b7663735a692957de633757a0e357/Windows_Access_Tokens_for_Red_Teamers.part1.rar.html
rapidgator.net/file/ea9aeba5ca1e5f695c07ced25c6795bb/Windows_Access_Tokens_for_Red_Teamers.part2.rar.html
rapidgator.net/file/082b23c3d6b5edcf7ab66fa5fdc27186/Windows_Access_Tokens_for_Red_Teamers.part3.rar.html
rapidgator.net/file/94d93ffdbbf0874b985ffb95932b25aa/Windows_Access_Tokens_for_Red_Teamers.part4.rar.html
rapidgator.net/file/fa66feb7e647fb5c778752861168bd10/Windows_Access_Tokens_for_Red_Teamers.part5.rar.html
TURBOBIT
turbobit.net/f06dapvfejg8/Windows_Access_Tokens_for_Red_Teamers.part1.rar.html
turbobit.net/csw9eqhtb8hd/Windows_Access_Tokens_for_Red_Teamers.part2.rar.html
turbobit.net/jzv7vx8gdvdk/Windows_Access_Tokens_for_Red_Teamers.part3.rar.html
turbobit.net/9dkhdrwnywci/Windows_Access_Tokens_for_Red_Teamers.part4.rar.html
turbobit.net/cidcpe3gl8gk/Windows_Access_Tokens_for_Red_Teamers.part5.rar.html