In token impersonation, we grab a Kerberos token on the target’s machine and then use it in place of authentication to assume the identity of the user that originally created that token. Token impersonation is very beneficial for penetration tests and can be one of Meterpreter’s most powerful features.
Consider the following scenario, for example: You’re performing a penetration test at your organization, and you successfully compromise the system and establish a Meterpreter console. A domain administrator account has logged on within the last 13 hours. When this account logs on, a Kerberos token is passed to the server (single sign-on) and is valid for a certain period of time. You exploit this system via the valid and active Kerberos token, and through Meterpreter you successfully assume the role of a domain administrator, without needing the password. Then you hack a domain administrator account or go after a domain controller. This is probably one of the easiest ways to gain access into a system and just another example of why Meterpreter is so useful.