YoVDO

Battle of Windows Service - A Silver Bullet to Discover File Privilege Escalation Bugs Automatically

Offered By: Black Hat via YouTube

Tags

Black Hat Courses Web Security Courses Windows Internals Courses

Course Description

Overview

Explore a groundbreaking technique for automatically discovering file privilege escalation bugs in Windows services in this 21-minute Black Hat conference talk. Delve into the methodology developed by a web security researcher with minimal initial knowledge of Windows internals. Learn about the analysis of Advanced Local Procedure Call (ALPC), the identification of new attack surfaces, and the implementation of hot patches to transform process monitoring into a command-line tool for detecting sensitive operations. Gain insights into the inner workings of this innovative system that combines various elements to automate the discovery of file privilege escalation vulnerabilities. Follow the presenter's journey from historical bug analysis to the development of a powerful tool for enhancing Windows security.

Syllabus

Introduction
About the talk
Agenda
Logical Privileges
System Service Operations
Protocol Sequences
LPC Interfaces
LowHanging Fruits
Case Study 1
STL
System Token
Process
How it will exploit
Installer Service
Function List
New Bag
Testing
Repair
Attack Power
Sand Art
Canvas Users Token
Windows Defender Service
Virus Removal
System Service
Jim Salvaggio


Taught by

Black Hat

Related Courses

Attack on Titan M, Reloaded - Vulnerability Research on a Modern Security Chip
Black Hat via YouTube
Attacks From a New Front Door in 4G & 5G Mobile Networks
Black Hat via YouTube
AAD Joined Machines - The New Lateral Movement
Black Hat via YouTube
Better Privacy Through Offense - How to Build a Privacy Red Team
Black Hat via YouTube
Whip the Whisperer - Simulating Side Channel Leakage
Black Hat via YouTube