Incognito Integrated Into Metasploit
I just read a brilliant blog post on Carnal0wnage. Luke Jennings’ Incognito has been integrated into metasploit. Check out Luke’s recent paper if you missed it.
In a nutshell, if you get SYSTEM level access to a box (e.g. MSSQL database) and a domain user is logged into that box, then you can use meterpreter (or the original incongnito tools if your prefer) to impersonate that user. Equivalently, if you want to be a domain admin then find out where he is logged in, and if you can own that box, then you can become a domain admin.
CG walks you through exactly how to use new features of incognito. You might also want to check out his first post on this topic too.
Categories
- Blog (78)
- Cheat Sheets (10)
- Shells (1)
- SQL Injection (7)
- Contact (2)
- Site News (3)
- Tools (17)
- Audit (3)
- Misc (7)
- User Enumeration (4)
- Web Shells (3)
- Uncategorized (3)
- Yaptest (15)
- Front End (1)
- Installing (2)
- Overview (2)
- Using (8)
Leave a Reply
You must be logged in to post a comment.