Battle of Windows Service: A Silver Bullet to Discover File Privilege Escalation Bugs Automatically

Дата: 15.01.2020. Автор: CISOCLUB. Категории: Подкасты и видео по информационной безопасности

In this presentation, I will start from a historical bug analysis, then share the methodology about how I start this work with minimum knowledge as a web security researcher and knowing little about windows internal.

I will explain the inner working of this technique about how I analyzed Advanced Local Procedure Call (ALPC), found new attack surfaces, and did some hot patches to make process monitor a command line tool to detect sensitive operation, make them combined together in a system, which could discover file privilege escalation bugs automatically.

By: Wenxu Wu

Full Abstract & Presentation Materials:

Об авторе CISOCLUB

Редакция CISOCLUB. Официальный аккаунт. CISOCLUB - информационный портал и профессиональное сообщество специалистов по информационной безопасности.
Читать все записи автора CISOCLUB

Добавить комментарий

Ваш адрес email не будет опубликован.