lists.openwall.net   lists  /  announce  owl-users  owl-dev  john-users  john-dev  passwdqc-users  yescrypt  popa3d-users  /  oss-security  kernel-hardening  musl  sabotage  tlsify  passwords  /  crypt-dev  xvendor  /  Bugtraq  Full-Disclosure  linux-kernel  linux-netdev  linux-ext4  linux-hardening  linux-cve-announce  PHC 
Open Source and information security mailing list archives
 
Hash Suite: Windows password security audit tool. GUI, reports in PDF.
[<prev] [next>] [<thread-prev] [thread-next>] [day] [month] [year] [list] 
Date: Thu Jan 19 15:00:51 2006
From: davek_throwaway at hotmail.com (Dave Korn)
Subject: Re: Question for the Windows pros


Paul Schmehl wrote in news:5E610DD0DFACB633154F31E7@...59514.utdallas.edu

> This is incorrect.  The privilege exists *and* functions on the
> Workstation operating systems Win2000 SP4 *and* WinXP.  I have verified
> this through testing.

  Yes, there's nothing new about impersonation, it's been there all the way 
back to NT.

> I've already been there and read the page - several times.  I understand
> *in general* what an impersonation privilege is.  I need to know
> *specifically* what "server's clients" can be impersonated when this
> privilege is applied to an account.  So far, I've found nothing on the web
> that even attempts to address that issue.

> Unfortunately, it has not.  Again, I understand *in general* what
> impersonation is, how it works and what it can mean in terms of security.
>
> I am looking *specifically* for what a user who has the privilege
> Impersonate a client after authentication has the right to do.  Does it
> mean that *anything* that user runs runs under his/her privileges?  Does
> it mean only *local* processes are affected?  Does it mean a hacker can
> access the machine remotely and run under the user's privileges?
>
> IOW, if I have a domain account name "Joe", and I grant "Joe" this
> privilege, what is placed at risk?  The local machine he's logged in to?
> The entire domain?  Only certain services?  Saying it's a high risk (like
> ISS does) and then not defining *precisely* what the risks are is not
> helpful.

> And all I was really asking for is pointers to any white papers or
> conference presentations that even attempt to illuminate this issue.
>
> It's looking like there are none.

  The info is out there, but it's scattered across a combination of MSDN, 
WDJ, OSR and similar sources.

  I started writing a full explanation yesterday when you posted this.  I'll 
try and finish it off when I get home from work this evening.

    cheers,
      DaveK
-- 
Can't think of a witty .sigline today....

Powered by blists - more mailing lists

Powered by Openwall GNU/*/Linux Powered by OpenVZ