|
|
|
|
|
|
by AstralStorm
1250 days ago
|
|
|
You need an elevated token to inject code into (well written) protected applications as well, and sometimes even that might not be enough. Generally admins tend to be most worried about central databases or user visible services being compromised. Compromising an user account is a necessary step to get there, often enough. |
|
|
But whether you have an elevated token or not won’t make a difference in almost all cases.