Az - Pass the Cookie

Learn & practice AWS Hacking:HackTricks Training AWS Red Team Expert (ARTE) Learn & practice GCP Hacking: HackTricks Training GCP Red Team Expert (GRTE)

Support HackTricks

Check the subscription plans!
Join the 💬 Discord group or the telegram group or follow us on Twitter 🐦 @hacktricks_live.
Share hacking tricks by submitting PRs to the HackTricks and HackTricks Cloud github repos.

Kwa Nini Cookies?

Cookies za kivinjari ni mekanizma nzuri ya kupita uthibitisho na MFA. Kwa sababu mtumiaji tayari amejiandikisha katika programu, cookie ya kikao inaweza kutumika tu kupata data kama mtumiaji huyo, bila kuhitaji kujiandikisha tena.

Unaweza kuona ambapo cookies za kivinjari ziko katika:

Shambulio

Sehemu ngumu ni kwamba cookies hizo zimefungwa kwa mtumiaji kupitia Microsoft Data Protection API (DPAPI). Hii imefungwa kwa kutumia funguo za cryptographic zinazohusishwa na mtumiaji ambao cookies zinahusiana nazo. Unaweza kupata maelezo zaidi kuhusu hii katika:

Kwa Mimikatz mkononi, naweza kutoa cookies za mtumiaji hata ingawa zimefungwa kwa amri hii:

mimikatz.exe privilege::debug log "dpapi::chrome /in:%localappdata%\google\chrome\USERDA~1\default\cookies /unprotect" exit

Kwa Azure, tunajali kuki za uthibitishaji ikiwemo ESTSAUTH, ESTSAUTHPERSISTENT, na ESTSAUTHLIGHT. Hizi zipo kwa sababu mtumiaji amekuwa hai kwenye Azure hivi karibuni.

Tu naviga kwenye login.microsoftonline.com na ongeza kuki ESTSAUTHPERSISTENT (iliyoundwa na chaguo la “Stay Signed In”) au ESTSAUTH. Na utathibitishwa.

Marejeo

https://stealthbits.com/blog/bypassing-mfa-with-pass-the-cookie/

Support HackTricks

Check the subscription plans!
Join the 💬 Discord group or the telegram group or follow us on Twitter 🐦 @hacktricks_live.
Share hacking tricks by submitting PRs to the HackTricks and HackTricks Cloud github repos.

PreviousAz - Local Cloud Credentials NextAz - Pass the Certificate

Last updated 3 days ago