Explore the intricacies of Advanced Local Procedure Call (ALPC) and its application in Remote Procedure Call (RPC) on Windows systems in this 46-minute conference talk from Hack.lu 2017. Delve into the core structures and APIs of ALPC, and discover how RPC-over-ALPC functions. Learn about the speakers' methodology for vulnerability hunting using a custom full-Python implementation of a simple RPC client. Gain insights into real-world security implications as the presenters reveal an UAC bypass and a Local Privilege Escalation discovered during their research. Presented by Clement Rouault, a Python enthusiast with expertise in reverse engineering and Windows internals, and Thomas Imbert, a security researcher specializing in reverse engineering, virtualization, and forensics.
A View into ALPC-RPC - Advanced Local Procedure Call and Remote Procedure Call
Overview
Syllabus
Hack.lu 2017 A view into ALPC-RPC by Clement Rouault and Thomas Imbert
Taught by
Cooper
Related Courses
-
All About RPC, LRPC, ALPC, and LPC in Your PC
-
Using ALPC Security Features to Compromise RPC Services
-
Reimplementing Local RPC in .Net
-
Battle of Windows Service - A Silver Bullet to Discover File Privilege Escalation Bugs Automatically
-
Automated Discovery of Logical Privilege Escalation Bugs in Windows 10
-
Windows Agentless C2 - Abusing the MDM Client Stack
