A Logo

Feel free to include my content in your page via my
RSS feed

Help Irongeek.com pay for
bandwidth and research equipment:

Search Irongeek.com:

Affiliates:
Irongeek Button
Social-engineer-training Button

Help Irongeek.com pay for bandwidth and research equipment:

paypalpixle


Using Windows diagnostics for system compromiseÊ - Nicholas Berthaume "aricon" Derbycon 2015 (Hacking Illustrated Series InfoSec Tutorial Videos)

Using Windows diagnostics for system compromiseÊ
Nicholas Berthaume "aricon"
Derbycon 2015

This talk will discuss the merits of using Microsoft diagnostic tools in order to deliver payloads to modern Microsoft operating systems with little or no scrutiny by anti-virus and network intrusion sensors.Ê In it I will go over the reasons for using this tool-set including the advantages of more conventional techniques as well as the reasoning behind its exploration vs. more invasive payloads including those reliant on bugs to provide system compromise.Ê Additionally a tool will be introduced that will provide for the creation of payloads on compatible *nix operating systems whereas previously they could only be generated using the Microsoft SDK on their operating systems.Ê Additionally there will be an element of privilege escalation by way of UAC bypass on default configurations of the windows operating system.

aricon is a penetration tester living in the Denver Colorado who has presented at shmoocon and various bsides events in the past.Ê Past research demonstration has been into HTML5 exploitation, various forms of windows persistence, IPv6 exploitation and critical thinking development for information security.

Back to Derbycon 2015 video list

Printable version of this article

15 most recent posts on Irongeek.com:


If you would like to republish one of the articles from this site on your webpage or print journal please contact IronGeek.

Copyright 2016, IronGeek
Louisville / Kentuckiana Information Security Enthusiast