Created
May 7, 2015 08:18
-
-
Save hacksysteam/d98b987227e74ac32883 to your computer and use it in GitHub Desktop.
Token Stealing Using WinDBG
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
kd> !process 83dbb020 1 | |
PROCESS 83dbb020 SessionId: none Cid: 0004 Peb: 00000000 ParentCid: 0000 | |
DirBase: 00185000 ObjectTable: 87801c98 HandleCount: 481. | |
Image: System | |
VadRoot 84b33cd8 Vads 8 Clone 0 Private 4. Modified 67365. Locked 64. | |
DeviceMap 87808a38 | |
Token 878013e0 | |
ElapsedTime <Invalid> | |
UserTime 00:00:00.000 | |
. . . |
Sign up for free
to join this conversation on GitHub.
Already have an account?
Sign in to comment