An ACE in the Hole - Stealthy Host Persistence via Security Descriptors

An ACE in the Hole - Stealthy Host Persistence via Security Descriptors

via YouTube Direct link

Where do security descriptors come from

12 of 39

12 of 39

Where do security descriptors come from

Class Central Classrooms beta

YouTube videos curated by Class Central.

Classroom Contents

An ACE in the Hole - Stealthy Host Persistence via Security Descriptors

Automatically move to the next video in the Classroom when playback concludes

  1. 1 Intro
  2. 2 Introductions
  3. 3 Overview
  4. 4 Offensive Implications
  5. 5 WinRM Backdoor
  6. 6 Misconfigured Configurations
  7. 7 General Persistence Approach
  8. 8 Domain Join Systems
  9. 9 We Believe
  10. 10 What is a Securable Object
  11. 11 What is a Security Descriptor
  12. 12 Where do security descriptors come from
  13. 13 What are decals
  14. 14 Object rights
  15. 15 Services
  16. 16 AntiAudit Measures
  17. 17 Methodology
  18. 18 Existing Tools
  19. 19 Caveats
  20. 20 Security Descriptors
  21. 21 Object Takeover Primitives
  22. 22 Process Rights
  23. 23 Case Studies
  24. 24 Service Control Manager
  25. 25 Security Descriptor
  26. 26 Decom
  27. 27 WMyClasses
  28. 28 WMyRemoteAccess
  29. 29 Printer Objects
  30. 30 Printer RPC
  31. 31 Commandlets
  32. 32 Remote Registry
  33. 33 Hash Dumping
  34. 34 Backdooring
  35. 35 MEMEMIC
  36. 36 Defensive Enumeration
  37. 37 Takeaways
  38. 38 Microsoft troll slides
  39. 39 RPC protocols

Never Stop Learning.

Get personalized course recommendations, track subjects and courses with reminders, and more.

Someone learning on their laptop while sitting on the floor.