Windows Privilege Escalation Techniques null Bangalore Humla 24 June 2017 Windows Privilege Escalation Techniques
Abstract
Windows Privilege Escalation Techniques
Introduction:
This will be a completely hands on session on identifying and exploiting Logical flaws in Windows to perform privilege escalation attacks. At the end of this session, the participant will be able manually identify logical flaws in Windows Systems and learn how to elevate to administrator\SYSTEM privileges.
At a bare minimum, the following techniques will be covered:
1. Kernel exploits
2. Design issues
3. Service Misconfigurations
4. Binary planting and DLL Preloading attacks
5. Windows registry misconfigurations/stored secrets
5. File and resource permission issues
6. Memory and Disk forensics
7. hash passing/spraying
8. UAC BypassesHardware Pre-requisites (Mandatory)
- A system capable of running Virtual Box. You can test this by installing Virtual Box and creating a test VM.
- Atleast 2 GB of RAM
- Atleast 5 GB of free space on any drive.
Software Pre-requisites (Mandatory)
- VirtualBox (Any version higher than 5.1.10). Please install this and come before the session. VMWare will not be supported.
- Sysinternals Suite (https://technet.microsoft.com/en-in/sysinternals/bb545021.aspx)
- FTK Imager Lite (http://accessdata.com/product-download/ftk-imager-lite-version-3.1.1)
- mimikatz (https://github.com/gentilkiwi/mimikatz)
- hashcat (https://hashcat.net/hashcat/)
- Password dictionary - rockyou.txt (Get this from Kali or any other Internet source)
Speaker
I like photography, stargazing, collecting stamps and fishing.
Timing
Starts at Saturday June 24 2017, 09:30 AM. The sessions runs for about 9 hours.