Social Engineering the Windows Kernel - Finding and Exploiting Token Handling Vulnerabilities

Social Engineering the Windows Kernel - Finding and Exploiting Token Handling Vulnerabilities

Black Hat via YouTube Direct link

Conclusions

17 of 17

17 of 17

Conclusions

Class Central Classrooms beta

YouTube videos curated by Class Central.

Classroom Contents

Social Engineering the Windows Kernel - Finding and Exploiting Token Handling Vulnerabilities

Automatically move to the next video in the Classroom when playback concludes

  1. 1 Obligatory Background Slide
  2. 2 Windows Security Components
  3. 3 Security Reference Monitor
  4. 4 Token Categories
  5. 5 Impersonation Security Level
  6. 6 Named Pipes
  7. 7 NTLM Negotiation
  8. 8 Services For User (S4U)
  9. 9 How the Kernel Code Interacts with Tokens
  10. 10 Not Checking Impersonation Level
  11. 11 Crafted Subject Context
  12. 12 System Thread Impersonation
  13. 13 Leaky Tokens
  14. 14 Incorrect Token Duplication
  15. 15 Windows 10 Changes
  16. 16 Windows 10 Elevated Token Impersonation
  17. 17 Conclusions

Never Stop Learning.

Get personalized course recommendations, track subjects and courses with reminders, and more.

Someone learning on their laptop while sitting on the floor.