HIP19: whoami priv - show me your privileges and I will lead you to SYSTEM - A. Pierini
whoami priv - show me your privileges and I will lead you to SYSTEM by Andrea Pierini
https://hackinparis.com/talks/#talk-2019-whoami-priv-show-me-your-privileges-and-i-will-lead-you-to-system
On Windows systems, users can be given special privileges. Some of these, if appropriately abused can lead to elevation of privileges to become SYSTEM.
In this talk, I will explain what the privileges and tokens are, how to get them, and based on their characteristics, identify some possible paths for Privilege Escalation via "Windows Privilege abusing" & "Token manipulation" .
Particular attention will be devoted to the privileges “SeImpersonate” and “SeAssignPrimary” which, combined with the “Rotten Potato” exploit and our subsequent research, the “Juicy Potato”, have proved to be “Golden Privilege”
Видео HIP19: whoami priv - show me your privileges and I will lead you to SYSTEM - A. Pierini канала Hack in Paris
https://hackinparis.com/talks/#talk-2019-whoami-priv-show-me-your-privileges-and-i-will-lead-you-to-system
On Windows systems, users can be given special privileges. Some of these, if appropriately abused can lead to elevation of privileges to become SYSTEM.
In this talk, I will explain what the privileges and tokens are, how to get them, and based on their characteristics, identify some possible paths for Privilege Escalation via "Windows Privilege abusing" & "Token manipulation" .
Particular attention will be devoted to the privileges “SeImpersonate” and “SeAssignPrimary” which, combined with the “Rotten Potato” exploit and our subsequent research, the “Juicy Potato”, have proved to be “Golden Privilege”
Видео HIP19: whoami priv - show me your privileges and I will lead you to SYSTEM - A. Pierini канала Hack in Paris
Показать
Комментарии отсутствуют
Информация о видео
Другие видео канала
RomHack 2018 - show me your Windows privileges and I will lead you to SYSTEM - Pierini
The surprising secret to speaking with confidence | Caroline Goyder | TEDxBrixton
SANS Webcast: Pen Testing with PowerShell - Local Privilege Escalation Techniques
HIP19: DPAPI and DPAPI-NG Decrypting All Users’ Secrets and PFX Passwords - P. Januskiewicz
Elevating your Windows Privileges Like a Boss! - Jake Williams
The Memory Sinkhole - Unleashing An X86 Design Flaw Allowing Universal Privilege Escalation
HIP19: Introduction to IoT Reverse Engineering - V. Di Giampietro
How to use the CAGED system to play a SOLO
DEF CON 25 - Gil Cohen - Call the plumber: You have a leak in your named pipe
5 Lessons To Live By - Dr. Wayne Dyer (Truly Inspiring)
Introduction to Website Administration
Hack In Paris 2019 video
Privilege Escalation FTW
HIP19: In NTDLL I Trust - Process Reimaging and Endpoint Security Solution Bypass - E. Carroll
Virtual Session: GDPR without the Hype
HIP17 - Talk 04 - The forgotten interface: Windows named pipes by GIL COHEN
HIP19: You « try » to detect mimikatz - V. Le Toux
TryHackMe GAMING SERVER - LXD Privilege Escalation
Level Up! Practical Windows Privilege Escalation - Andrew Smith
The story of 'Oumuamua, the first visitor from another star system | Karen J. Meech