Abstract

This will be a completely hands on session on identifying and exploiting Logical flaws in Windows to perform privilege escalation attacks. At the end of this session, the participant will be able manually identify logical flaws in Windows Systems and learn how to elevate to administrator\SYSTEM privileges.

At a bare minimum, the following techniques will be covered:
1. Kernel/Third Party Software exploits
2. Scheduled Tasks / Startup scripts
3. Service Misconfigurations
4. Binary planting and DLL Preloading attacks
5. Windows registry misconfigurations/stored secrets
5. Passwords in files
6. Windows Installer misconfigurations
7. Memory and Disk forensics
8. hash passing/spraying
9. UAC Bypasses

Speaker

Kartik Lalan

Timing

Starts at Saturday January 19 2019, 11:00 AM. The sessions runs for about 5 hours.

Resources