Elevating your Windows Privileges Like a Boss! - Jake Williams
24,991
Published 2019-12-12
Description: Local privilege escalation on Windows is becoming increasingly difficult. Gone are the days when you could just easily exploit the Windows kernel. Multiple controls (KASLR, DEP, SMEP, etc.) have made kernel mode exploitation of the bugs that are discovered much more difficult. In this talk, we'll discuss multiple opportunities for privilege escalation including using COM objects, DLL side loading, and various privileges assigned to user accounts. Bring a Windows 10 VM. We'll have instructions available for recreating the scenarios demonstrated in the talk.
Rendition InfoSec: renditioninfosec.com/
Wild West Hackin' Fest Socials
Twitter: twitter.com/wwhackinfest
LinkedIn: www.linkedin.com/company/wild-west-hackin-fest/
Wild West Hackin' Fest Shirts & Hoodies
spearphish-general-store.myshopify.com/collections…
Backdoors & Breaches - Incident Response Card Game
Backdoors & Breaches: www.backdoorsandbreaches.com/
Play B&B Online: play.backdoorsandbreaches.com/
Antisyphon Training
Pay What You Can: www.antisyphontraining.com/pay-what-you-can/
Live Training: www.antisyphontraining.com/course-catalog/
On Demand Training: www.antisyphontraining.com/on-demand-course-catalo…
Educational Infosec Content
Wild West Hackin' Fest YouTube: youtube.com/wildwesthackinfest
Active Countermeasures YouTube: youtube.com/activecountermeasures
Antisyphon Training YouTube: youtube.com/antisyphontraining
#infosec #wwhf
All Comments (8)
-
God damn man, this is the best info sec stand-up show i ever saw. This guy have a good sense of humor.
-
Wonderfully informative. Thank you!
-
Very nice! I Really did learn some things there.
-
Very informative man!
-
Thanks
-
Comment about subinacls vs powershell. I think if one pipes the output of Get-ACL to ConvertFromSddlString it will display in a more readable format
-
Presentation: Windows Privileges Escalation
Laptop: Apple Macbook