T3W3-Windows Privilege Escalation presented at BSidesUK 2015

by Ruben Boonen, Francesco Mifsud,

Summary : Limited Capacity full
The Windows Privilege Escalation workshop aims to provide attendees with a solid understanding of the various steps required to go from low level privileges to SYSTEM level privileges. Automated tools, such as meterpreter's ""getsystem"", have their place in this process however reliance on automation breeds weakness. Contrary to common perception Windows boxes can be really well locked down if they are configured with care. As such the attacker will need to dig deep in order to elevate privileges.
The workshop will be divided into the following sections: Enumeration of the target machine (who uses it and what does it do), identification of common and uncommon configuration weaknesses (patch level, automated installs and configuration weaknesses) and permission analysis (scheduled tasks, services and file/folder access). Each section will be followed by real-world practical examples that attendees can get their hands dirty with in order to solidify the theory. This workshop aims to provide hands-on knowledge which can be directly applied in the field.