NTLM BITS SYSTEM Token Impersonation Exploit
This Metasploit module exploit BITS behavior which tries to connect to the local Windows Remote Management server WinRM every times it starts. The module launches a fake WinRM server which listen on port 5985 and triggers BITS. When BITS starts, it tries to authenticate to the Rogue WinRM server,...