YoVDO

Windows Agentless C2 - Abusing the MDM Client Stack

Offered By: Ekoparty Security Conference via YouTube

Tags

Windows Security Courses Reverse Engineering Courses Mobile Device Management Courses Privilege Escalation Courses Command and Control Courses Windows Internals Courses Malware Development Courses Vulnerability Research Courses

Course Description

Overview

Save Big on Coursera Plus. 7,000+ courses at $160 off. Limited Time Only!
Explore groundbreaking research on exploiting the Windows Mobile Device Management (MDM) stack to create an agentless Command and Control (C2) system in this conference talk from Ekoparty 2023. Delve into a comprehensive analysis of the MDM client architecture, protocols, components, and workflows, uncovering previously undisclosed vulnerabilities and attack vectors. Follow the speaker's journey in developing a custom C2 server, implementing MDM protocols, crafting malicious commands, and extending the MDM Client stack to support second-stage payloads. Learn how to exploit the MDM client architecture for remote device control, privilege escalation, security feature disabling, and arbitrary code deployment without traditional agent installation. Gain insights into innovative techniques for exploiting Windows features and discover potential defensive strategies against this emerging threat vector. Presented by Marcos Oviedo, an infosec professional specializing in Windows internals and reverse engineering, this talk aims to inspire further research and contribute to the information security field.

Syllabus

Windows Agentless C2: (Ab)using the MDM Client Stack - Marcos Oviedo - Ekoparty 2023


Taught by

Ekoparty Security Conference

Related Courses

Dal Reverse engineering alla stampa 3D
University of Naples Federico II via Federica
Rapid Manufacturing
Indian Institute of Technology Kanpur via Swayam
Generative Design for Industrial Applications
Autodesk via Coursera
Fundamentos de Ciberseguridad: un enfoque práctico
Inter-American Development Bank via edX
Functional And Conceptual Design
Indian Institute of Technology Madras via Swayam