2011 Talks

Encyclopaedia Of Windows Privilege Escalation

Getting a shell on a box is only the beginning of the journey. While there are a number of things still possible to a low privileged user, a higher level of access is generally required for reboot persistence, or access to important information. Take a trip along the many paths of privilege escalation once you have obtained command execution. This talk will be your guide, as it explains different methods of increasing your level of access.

Techniques will include methods applicable to unpatched boxes, as well as fully patched systems that may be vulnerable to configuration and deployment issues commonly seen on Windows boxes.

Speaker: Brett Moore

Brett Moore has been crawling through security holes for over 10 years, and during this time has released a number of tools and whitepapers related to both attack and defence.

He currently heads up Insomnia Security in New Zealand, where he and his team spends most of their time devising new methods of attack to breach the security of their customers.

Brett is a regular speaking at Ruxcon and has also presented at conferences including Blackhat, Bluehat, Syscan, and Kiwicon as well as been the source of a number of Microsoft security advisories over the past decade.

 

Digital Forensic Evidence from Certainty to Shades of Gray Digital Forensic Evidence from Certainty to Shades of Gray
Forensic Timeline Splunking Forensic Timeline Splunking