Explore the exploitation of Windows Communication Foundation (WCF) endpoints for remote code execution and privilege escalation in this conference talk from BSidesSF 2019. Delve into the vulnerabilities discovered in 2018 affecting various software products, including VPN clients, network monitoring tools, and antivirus software. Learn about the unintended exposure of powerful capabilities and the bypassing of security mechanisms in WCF services. Gain insights into the process of identifying vulnerabilities and developing exploits, with a focus on a real-world example involving a 0-day privilege escalation in Check Point's ZoneAlarm antivirus product. Increase your awareness of WCF as a potential attack surface and acquire practical knowledge for finding and exploiting these types of bugs.
Overview
Syllabus
BSidesSF 2019 - Abusing WCF Endpoint for RCE and Privilege Escalation (Christopher Anastasio)
Taught by
Security BSides San Francisco
Related Courses
-
Windows Red Team Privilege Escalation Techniques - Bypassing UAC and Kernel Exploits
-
Diving Into Spooler - Discovering LPE and RCE Vulnerabilities in Windows Printer
-
Extreme Privilege Escalation on Windows 8 - UEFI Systems
-
A Methodical Approach to Privilege Escalation in AWS
-
CertifiedDCOM - The Privilege Escalation Journey to Domain Admin with DCOM
-
Privilege Escalation Using DOP in MacOS
