w0rk3r's Windows Hacking Library

Forwarded from Security Talks (Jonhnathan Jonhnathan Jonhnathan)

Not a Security Boundary: Bypassing User Account Control
Matt Nelson at Derbycon 2017

Microsoft's User Account Control feature, introduced in Windows Vista, has been a topic of interest to many in the security community. Since UAC was designed to force user approval for administrative actions, attackers (and red teamers) encounter UAC on nearly every engagement. As a result, bypassing this control is a task that an actor often has to overcome, despite its lack of formal designation as a security boundary. This talk highlights what UAC is, previous work by others, research methodology, and details several technical UAC bypasses developed by the author.

https://youtu.be/c8LgqtATAnE

@SecTalks

YouTube

T114 Not a Security Boundary Bypassing User Account Control Matt Nelson

These are the videos from Derbycon 7 (2017):http://www.irongeek.com/i.php?page=videos/derbycon7/mainlist

www.tgoop.com/windowshackinglibrary/23

40 viewsMay 24, 2018 at 23:38

Not a Security Boundary: Bypassing User Account Control
Matt Nelson at Derbycon 2017

Microsoft's User Account Control feature, introduced in Windows Vista, has been a topic of interest to many in the security community. Since UAC was designed to force user approval for administrative actions, attackers (and red teamers) encounter UAC on nearly every engagement. As a result, bypassing this control is a task that an actor often has to overcome, despite its lack of formal designation as a security boundary. This talk highlights what UAC is, previous work by others, research methodology, and details several technical UAC bypasses developed by the author.

https://youtu.be/c8LgqtATAnE

@SecTalks

BY w0rk3r's Windows Hacking Library