hacksysteam/token_stealing_3.raw

## token_stealing_3.raw
kd> !process 83dbb020 1
PROCESS 83dbb020  SessionId: none  Cid: 0004    Peb: 00000000  ParentCid: 0000
    DirBase: 00185000  ObjectTable: 87801c98  HandleCount: 481.
    Image: System
    VadRoot 84b33cd8 Vads 8 Clone 0 Private 4. Modified 67365. Locked 64.
    DeviceMap 87808a38
    Token                             878013e0
    ElapsedTime                       <Invalid>
    UserTime                          00:00:00.000
    . . .
	kd> !process 83dbb020 1
	PROCESS 83dbb020 SessionId: none Cid: 0004 Peb: 00000000 ParentCid: 0000
	DirBase: 00185000 ObjectTable: 87801c98 HandleCount: 481.
	Image: System
	VadRoot 84b33cd8 Vads 8 Clone 0 Private 4. Modified 67365. Locked 64.
	DeviceMap 87808a38
	Token 878013e0
	ElapsedTime <Invalid>
	UserTime 00:00:00.000
	. . .