Description: Slides - https://www.defcon.org/images/defcon-18/dc-18-presentations/Cerrudo/DEFCON-18-Cerrudo-Token-Kidnapping-Revenge.pdf Extra - https://www.defcon.org/images/defcon-18/dc-18-presentations/Cerrudo/Extras/TokenKidnapping%27sRevenge-Exploits.zip White Paper - https://www.defcon.org/images/defcon-18/dc-18-presentations/Cerrudo/DEFCON-18-Cerrudo-Token-Kidnapping-Revenge-WP.pdf The patch properly fixed the issues but... This new presentation will detail new design mistakes and security issues that can be exploited to elevate privileges on all Windows versions including the brand new Windows 2008 R2 and Windows 7. These new attacks allow to bypass new Windows services protections such as Per service SID, Write restricted token, etc. It will be demonstrated that almost any process with impersonation rights can elevate privileges to Local System account and completely compromise Windows OSs. While the issues are not critical in nature since impersonation rights are required, they allow to exploit services such as IIS 6, IIS 7, SQL Server, etc. in some specific scenarios. Exploits code for those services will be released. The presentation will be given in a very practical way showing how the new issues were found, with what tools, techniques, etc. allowing the participants to learn how to easily find these kind security issues in Windows operating systems
Tags: securitytube , defcon , def con , hacking , hackers , information security , convention , computer security , DC 18 , defcon-18 , dc-18 ,
Disclaimer: We are a infosec video aggregator and this video is linked from an external website. The original author may be different from the user re-posting/linking it here. Please do not assume the authors to be same without verifying.