π 02 - Impersonation
Overview
Impersonation is the act of a process or a user capturing the security context of another user to perform actions on their behalf. Often involving tokens or cookies in some system or specific security context.
Note: It is important to differentiate Impersonation and Privilege Escalation. While Privesc often focus on looking for system misconfigurations and vulnerabilities, Impersonation on the other hand looking for active user sessions and also sometimes system misconfigurations to steal the targetβs identity and act on their behalf. This leads to sometimes these two concepts overlap, for example exploiting a
Potato Attackmeans using Impersonation to achieve Privilege Escalation.
π§ Techniques
TABLE creation_date AS "Created"
FROM "05 - Content"
WHERE contains(secondary, this.file.link) AND contains(tags, "π§ ")
SORT file.name ASCπ οΈ Tools
TABLE creation_date AS "Created"
FROM "05 - Content"
WHERE contains(secondary, this.file.link) AND contains(tags, "π οΈ")
SORT file.name ASCπ© Related CTF Operations
TABLE difficulty
FROM "05 - Content"
WHERE contains(secondary, this.file.link) AND contains(tags, "π©")
SORT file.name ASC