Az - Pass the Cookie

Learn & practice AWS Hacking:HackTricks Training AWS Red Team Expert (ARTE) Learn & practice GCP Hacking: HackTricks Training GCP Red Team Expert (GRTE)

Support HackTricks

Check the subscription plans!
Join the 💬 Discord group or the telegram group or follow us on Twitter 🐦 @hacktricks_live.
Share hacking tricks by submitting PRs to the HackTricks and HackTricks Cloud github repos.

Kwa Nini Cookies?

Cookies za kivinjari ni mekanizma nzuri ya kupita uthibitisho na MFA. Kwa sababu mtumiaji tayari amejiandikisha katika programu, cookie ya kikao inaweza kutumika tu kupata data kama mtumiaji huyo, bila kuhitaji kujiandikisha tena.

Unaweza kuona ambapo cookies za kivinjari ziko katika:

Browser ArtifactsHackTricks

Shambulio

Sehemu ngumu ni kwamba cookies hizo zimefungwa kwa mtumiaji kupitia Microsoft Data Protection API (DPAPI). Hii imefungwa kwa kutumia funguo za kikazi zinazohusiana na mtumiaji ambao cookies zinahusiana nazo. Unaweza kupata maelezo zaidi kuhusu hii katika:

DPAPI - Extracting PasswordsHackTricks

Kwa Mimikatz mkononi, naweza kutoa cookies za mtumiaji ingawa zimefungwa kwa amri hii:

mimikatz.exe privilege::debug log "dpapi::chrome /in:%localappdata%\google\chrome\USERDA~1\default\cookies /unprotect" exit

Kwa Azure, tunajali kuki za uthibitishaji ikiwemo ESTSAUTH, ESTSAUTHPERSISTENT, na ESTSAUTHLIGHT. Hizi zipo kwa sababu mtumiaji amekuwa hai kwenye Azure hivi karibuni.

Tu naviga kwenye login.microsoftonline.com na ongeza kuki ESTSAUTHPERSISTENT (iliyoundwa na chaguo la "Stay Signed In") au ESTSAUTH. Na utathibitishwa.

Marejeleo

https://stealthbits.com/blog/bypassing-mfa-with-pass-the-cookie/

Support HackTricks

Angalia mpango wa usajili!
Jiunge na 💬 kikundi cha Discord au kikundi cha telegram au fuata sisi kwenye Twitter 🐦 @hacktricks_live.
Shiriki mbinu za udukuzi kwa kuwasilisha PRs kwa HackTricks na HackTricks Cloud repos za github.

PreviousAz - Local Cloud Credentials NextAz - Pass the Certificate

Last updated 8 days ago