Token Kidnapping (revisited)

Posted on October 16, 2008 by Dominick Baier

It’s been a while since I linked to Cesar Cerrudo’s slide deck about token kidnapping. Now there is also a POC available (with samples how to use it from SQL Server and IIS).

There is also some movement at MS now…(here, here)

Quoting from the recommendations page of the original slide deck:

  • Windows XP and 2003
    • On IIS 6 don’t run ASP .NET in full trust and if classic ASP is enabled don’t allow users to execute binaries
  • On Windows Vista and 2008
    • On IIS 7 don’t run ASP .NET in full trust or don’t run web sites under NetworkServer or LocalService accounts
    • Don’t run services under NetworkService or LocalService accounts
      • Use regular user accounts to run services
This entry was posted in Uncategorized. Bookmark the permalink.

Leave a Reply

Fill in your details below or click an icon to log in:

Gravatar
WordPress.com Logo

You are commenting using your WordPress.com account. Log Out /  Change )

Twitter picture

You are commenting using your Twitter account. Log Out /  Change )

Facebook photo

You are commenting using your Facebook account. Log Out /  Change )

Cancel

Connecting to %s