Completed
Crafted Subject Context
Class Central Classrooms beta
YouTube videos curated by Class Central.
Classroom Contents
Social Engineering the Windows Kernel - Finding and Exploiting Token Handling Vulnerabilities
Automatically move to the next video in the Classroom when playback concludes
- 1 Obligatory Background Slide
- 2 Windows Security Components
- 3 Security Reference Monitor
- 4 Token Categories
- 5 Impersonation Security Level
- 6 Named Pipes
- 7 NTLM Negotiation
- 8 Services For User (S4U)
- 9 How the Kernel Code Interacts with Tokens
- 10 Not Checking Impersonation Level
- 11 Crafted Subject Context
- 12 System Thread Impersonation
- 13 Leaky Tokens
- 14 Incorrect Token Duplication
- 15 Windows 10 Changes
- 16 Windows 10 Elevated Token Impersonation
- 17 Conclusions