all InfoSec news logo
all InfoSec news - Your InfoSec news aggregator
Log in Sign up
all InfoSec news

DEF CON 31 - #NoFilter Abusing Windows Filtering Platform for privilege escalation - Ron Ben Yizhak

Add to bookmarks
Sept. 15, 2023, 9:29 p.m. | DEFCONConference

DEFCONConference www.youtube.com

Privilege escalation is a common attack vector in the Windows OS.

Today, there are multiple offensive tools in the wild that can execute code as “NT AUTHORITY\SYSTEM” (Meterpreter, CobaltStrike, Potato tools), and they all usually do so by duplicating tokens and manipulating services in some way or another. This talk will show an evasive and undetected privilege escalation technique that abuses the Windows Filtering Platform (WFP). This platform processes network traffic and allow configuring filters that permit or block communication. …

abusing attack attack vector authority ben cobaltstrike code con def def con def con 31 escalation meterpreter nofilter offensive platform privilege privilege escalation ron services system today tokens tools windows windows filtering platform windows os

Visit resource

More from www.youtube.com / DEFCONConference

DEF CON 31 DCGVR Village - Allen Baranov -What Is A GRC Hacker 1 month ago | www.youtube.com
con def def con def con 31 +5
DEF CON 31 - There Are No Mushroom Clouds in Cyberwar - Mieke Eoyang 7 months, 2 weeks ago | www.youtube.com
clouds con conflict culture +20
DEF CON 31 - A Broken Marriage Abusing Mixed Vendor Kerberos Stacks - Ceri Coburn 7 months, 2 weeks ago | www.youtube.com
abusing active directory authority con +19
DEF CON 31 - Contactless Overflow Code Execution in Payment Terminals & ATMs - Josep … 7 months, 2 weeks ago | www.youtube.com
atm atms code code execution +20
DEF CON 31 - The GitHub Actions Worm - Asi Greenholts 7 months, 2 weeks ago | www.youtube.com
actions attacker attackers con +14
DEF CON 31 - Defeating VPN Always On - Maxime Clementz 7 months, 2 weeks ago | www.youtube.com
access always on attack attack surface +22
DEF CON 31 Car Hacking Village - Automotive USB Fuzzing - Euntae Jang, Donghyon Jeong, … 7 months, 2 weeks ago | www.youtube.com
automotive automotive industry car car hacking +17
DEF CON 31 - Contextualizing The Vulkan Leaks & State Sponsored Offensive Ops - Joe … 7 months, 2 weeks ago | www.youtube.com
analysis con def def con +17
DEF CON 31 Car Hacking Village - Abusing CAN Bus Spec for DoS in Embedded … 7 months, 2 weeks ago | www.youtube.com
abusing automotive bus can bus +18

Jobs in InfoSec / Cybersecurity

Post a job on infosec-jobs.com Find talent on infosec-jobs.com

Lead Security Specialist

@ Fujifilm | Holly Springs, NC, United States
View on infosec-jobs.com

Security Operations Centre Analyst

@ Deliveroo | Hyderabad, India (Main Office)
View on infosec-jobs.com

CISOC Analyst

@ KCB Group | Kenya
View on infosec-jobs.com

Lead Security Engineer – Red Team/Offensive Security

@ FICO | Work from Home, United States
View on infosec-jobs.com

Cloud Security SME

@ Maveris | Washington, District of Columbia, United States - Remote
View on infosec-jobs.com

SOC Analyst (m/w/d)

@ Bausparkasse Schwäbisch Hall | Schwäbisch Hall, DE
View on infosec-jobs.com
View more jobs