Null offensive hacking hands-on training.

Proposed sessions for this event:

  • Windows Privilege Escalation Techniques by Riyaz Walikar
Note: The session details including schedule are available below.

Windows Privilege Escalation Techniques

Registrations open on June 14 at 00:00 AM and registrations close by June 22 2:00 PM or when the count reaches 55 (whichever happens first) .

You can register by clicking on the Register button and Confirming Registration on the next page.

Only the registered participants will be sent a confirmation email with the venue details. This email will be sent by Thursday June 22 10:00 PM.

After registration, if you realise you cannot make it to the session, please un-register yourself using the "Cancel Registration" button so that your seat can be given to someone else.

Please read the following instructions carefully. This will enable us to have a smooth, hassle free session.

Introduction:

This will be a completely hands on session on identifying and exploiting Logical flaws in Windows to perform privilege escalation attacks. At the end of this session, the participant will be able manually identify logical flaws in Windows Systems and learn how to elevate to administrator\SYSTEM privileges.

At a bare minimum, the following techniques will be covered:
1. Kernel/Third Party Software exploits
2. Scheduled Tasks / Startup scripts
3. Service Misconfigurations
4. Binary planting and DLL Preloading attacks
5. Windows registry misconfigurations/stored secrets
5. Passwords in files
6. Windows Installer misconfigurations
7. Memory and Disk forensics
8. hash passing/spraying
9. UAC Bypasses

Hardware Pre-requisites (Mandatory)

  • A system capable of running Virtual Box. You can test this by installing Virtual Box and creating a test VM.
  • Atleast 2 GB of RAM
  • Atleast 5 GB of free space on any drive.

Software Pre-requisites (Mandatory)

  • VirtualBox (Any version higher than 5.1.10). Please install this and come before the session. VMWare will not be supported.
  • Sysinternals Suite (https://technet.microsoft.com/en-in/sysinternals/bb545021.aspx)
  • FTK Imager Lite (http://accessdata.com/product-download/ftk-imager-lite-version-3.1.1)
  • mimikatz (https://github.com/gentilkiwi/mimikatz)
  • Python 2.7 (with pycrypto (pip install pycrypto))
  • hashcat (https://hashcat.net/hashcat/)
  • Password dictionary - rockyou.txt (Get this from Kali or any other Internet source)
Date Saturday June 24 2017
Chapter Bangalore
Registrations 52
Max Registrations 55
Event Type Invite Only
Start Time 09:30 AM
End Time 06:00 PM

Session Schedule

Name Speaker Start Time End Time Resources
Windows Privilege Escalation Techniques Riyaz Walikar 09:30 AM 06:00 PM

Venue


This is an invite only event. If you are selected you will receive further information via e-mail.