Token Impersonation

Token Impersonation Attack

Token Impersonation is a way of impersonating a user access token, allowing you to effectively take over the user without even needing to know the user’s password. Subsequently, attackers are currently using this in the wild as a way to escalate privileges and move laterally across the network. However, without proper mitigation in place, it is relatively easy to perform. The one caveat is that a token impersonation attack is a post-exploitation attack. This…

Scroll to top