Loading…
This event has ended. View the official site or create your own event → Check it out
This event has ended. Create your own
Security B-Sides London 2015

3rd of June 2015
ILEC Conference Centre 47 Lillie Road, London, SW6 1UD
View analytic
Wednesday, June 3 • 3:30pm - 5:30pm
T3W3-Windows Privilege Escalation FULL

Sign up or log in to save this to your schedule and see who's attending!

Limited Capacity full
Adding this to your schedule will put you on the waitlist.

The Windows Privilege Escalation workshop aims to provide attendees with a solid understanding of the various steps required to go from low level privileges to SYSTEM level privileges. Automated tools, such as meterpreter's ""getsystem"", have their place in this process however reliance on automation breeds weakness. Contrary to common perception Windows boxes can be really well locked down if they are configured with care. As such the attacker will need to dig deep in order to elevate privileges.

The workshop will be divided into the following sections: Enumeration of the target machine (who uses it and what does it do), identification of common and uncommon configuration weaknesses (patch level, automated installs and configuration weaknesses) and permission analysis (scheduled tasks, services and file/folder access). Each section will be followed by real-world practical examples that attendees can get their hands dirty with in order to solidify the theory. This workshop aims to provide hands-on knowledge which can be directly applied in the field.

Speakers
RB

Ruben Boonen

Context Information Security
Ruben (sometimes known as b33f - @FuzzySec) has been working in InfoSec since 2012, one year as part of the Offensive Security team, assisting students from around the world as they worked through Offsec's various certifications and two years as a security consultant. He has a well rounded skill set, having taken on many web application, infrastructure and bespoke engagements. He has however developed a special interest for Windows... Read More →
FM

Francesco Mifsud

Francesco Mifsud (@GradiusX). Is quite new to the InfoSec Industry but he spent a fair share of sleepless nights staring at debuggers and ASM during my undergrad and post-grad. He has been working at Context Information Security for the past 6 months as a security consultant; taking on web application, infrastructure and any other engagement they throw at him! During his research on exploit-development he realized that a lot of material is... Read More →


Wednesday June 3, 2015 3:30pm - 5:30pm
Workshop Track - Regents Park
  • Workshop requirements There are no special requirements to attend the workshop, everyone is welcome and can benefit for the theoretical parts of each section. However, to participate in the hands-on sections, attendees will need to bring the following: - A laptop with 500MB RAM (1GB recommended) which can be dedicated to a VM. - VMWare player, which can be downloaded for free.
  • Tags Any Geek, Audience: Pentesters, Audience: Techies, Difficulty Level 3, Geek Fun track