Tools for Analyzing Access Control Configurations

With the concept introduction out of the way, we’re getting closer to the fun stuff. Before we can get to the attacks, however, we must build up an arsenal of tools capable of dumping access tokens and security descriptors. As usual, there’s more than one way to do each task. All the enumeration we’ve shown in the figures so far was done with free tools downloadable from the Internet. Nothing is magic in this chapter or in this book. We’ll demonstrate each tool we used earlier, show you where to get them, and show you how to use them.

Dumping the Process Token

The two easiest ways to dump the access token of a process or thread are Process Explorer and the !token debugger command. Process Explorer ...

Get Gray Hat Hacking, Second Edition, 2nd Edition now with the O’Reilly learning platform.
