Reimplementing Local RPC in .Net

Explore the intricacies of reimplementing local RPC in .NET through this comprehensive conference talk from HITB CyberWeek. Delve into the challenges of finding privilege escalation in local Windows RPC servers and learn about the innovative approaches to implement RPC clients in .NET languages like C# and PowerShell. Discover the process of reverse engineering APIs, implementing NDR parsing and serialization, and integrating with PowerShell. Gain insights into assessing implementation approaches, identifying low-level ALPC implementation, and uncovering new bugs using custom tooling. Benefit from the speaker's expertise in computer hardware and software security, including their recognition as a top MSRC researcher and Pwn2Own winner. Follow along as the presentation covers topics such as Interface Definition Language, MIDL Compiler, NDR Format Strings, structure marshalling, client implementation, and finding RPC server interfaces. Explore undocumented byte codes, standards, and techniques for dealing with arrays of structures with pointers. Learn about fuzzing, possible future work, and gain access to the tooling developed for this research.