Explore Windows system privileges and their potential for privilege escalation in this 44-minute conference talk from Hack in Paris. Delve into the concepts of privileges and tokens, learning how to obtain them and identify paths for elevating user privileges to SYSTEM level through Windows privilege abuse and token manipulation. Focus on the "SeImpersonate" and "SeAssignPrimary" privileges, examining their role in exploits like "Rotten Potato" and "Juicy Potato," which have been dubbed "Golden Privileges" for their effectiveness in achieving system-level access.
Overview
Syllabus
HIP19: whoami priv - show me your privileges and I will lead you to SYSTEM - A. Pierini
Taught by
Hack in Paris