Microsoft Windows NtImpersonateAnonymousToken LPAC To Non-LPAC Privilege Escalation

Discussion in 'News Aggregator' started by Packet Storm, 12 Jan 2018.

  1. Packet Storm

    Packet Storm Guest

    On Microsoft Windows, when impersonating the anonymous token in an LPAC the WIN://NOAPPALLPKG security attribute is ignored leading to impersonating a non-LPAC token leading to privilege escalation.

    Continue reading...
     
    #1 Packet Storm, 12 Jan 2018
(You must log in or sign up to post here.)

Share This Page

Loading...