Microsoft Windows Rpc Security Vulnerabilities presented at HITBSecConf Malaysia 2003

by Last Delirium,

Tags: Security Exploitation

Summary : The presentation will discuss security vulnerabilities of Microsoft Windows operating systems in the context of RPC communication component. In the beginning a brief introduction to Microsoft RPC with special emphasis on its security will be provided. Further on, the talk will cover reverse engineering techniques that have been successfully applied during the process of a security audit of Windows RPC services along with a description of tools that have been developed for this purpose. Finally, detailed information with regard to exploitation techniques for both stack and heap-based RPC security vulnerabilities will be provided on the basis of examples of recently discovered vulnerabilities.