Overview
Explore the intricacies of Advanced Local Procedure Call (ALPC) and its application in Remote Procedure Call (RPC) on Windows systems in this 46-minute conference talk from Hack.lu 2017. Delve into the core structures and APIs of ALPC, and discover how RPC-over-ALPC functions. Learn about the speakers' methodology for vulnerability hunting using a custom full-Python implementation of a simple RPC client. Gain insights into real-world security implications as the presenters reveal an UAC bypass and a Local Privilege Escalation discovered during their research. Presented by Clement Rouault, a Python enthusiast with expertise in reverse engineering and Windows internals, and Thomas Imbert, a security researcher specializing in reverse engineering, virtualization, and forensics.
Syllabus
Hack.lu 2017 A view into ALPC-RPC by Clement Rouault and Thomas Imbert
Taught by
Cooper