Using Windows diagnostics for system compromise - Nicholas Berthaume "aricon" Derbycon 2015 (Hacking Illustrated Series InfoSec Tutorial Videos)

Using Windows diagnostics for system compromise
Nicholas Berthaume "aricon"
Derbycon 2015

This talk will discuss the merits of using Microsoft diagnostic tools in order to deliver payloads to modern Microsoft operating systems with little or no scrutiny by anti-virus and network intrusion sensors. In it I will go over the reasons for using this tool-set including the advantages of more conventional techniques as well as the reasoning behind its exploration vs. more invasive payloads including those reliant on bugs to provide system compromise. Additionally, a tool will be introduced that will provide for the creation of payloads on compatible *nix operating systems whereas previously they could only be generated using the Microsoft SDK on their operating systems. Additionally, there will be an element of privilege escalation by way of UAC bypass on default configurations of the Windows operating system.

aricon is a penetration tester living in Denver, Colorado who has presented at ShmooCon and various BSides events in the past. Past research demonstration has been into HTML5 exploitation, various forms of Windows persistence, IPv6 exploitation and critical thinking development for information security.


Copyright 2020, IronGeek
Louisville / Kentuckiana Information Security Enthusiast