Coursera Plus Annual is 40% Off — Ends July 6.

Class Central is learner-supported. When you buy through links on our site, we may earn an affiliate commission.

YouTube

The Rise of Potatoes - Privilege Escalation in Windows Services

Hack In The Box Security Conference via YouTube

Start learning Write review
Financial Edge Ad

The Private Equity Associate Certification

Learn More → Coursera Ad

Learn AI, Data Science & Business — Earn Certificates That Get You Hired

Learn More →

Overview

AI, Data Science & Cloud Certificates from Google, IBM & Meta — 40% Off
One plan covers every Professional Certificate on Coursera. 40% off Coursera Plus Annual.
Unlock All Certificates
Explore advanced privilege escalation techniques in Windows services in this comprehensive conference talk from Hack In The Box Security Conference. Delve into recent methods used to escalate privileges from service accounts, including a new 0day NTLM relay attack. Learn about common scenarios involving compromised web applications and MSSQL servers on Windows systems. Examine Windows Service Hardening (WSH) and its potential vulnerabilities, such as the Rotten/JuicyPotato exploit. Understand the implications of SeImpersonatePrivilege and its classification as a "God privilege" by Microsoft. Discover multiple ways to escalate from SERVICE to SYSTEM privileges, despite Microsoft's stance on this security boundary. Gain insights into the newly discovered RemotePotato0 attack vector, combining privilege escalation with NTLM relaying techniques.

Syllabus

#HITB2021AMS D2T1 - The Rise Of Potatoes: Priv. Esc. In Windows Services - A. Pierini & A. Cocomazzi

Taught by

Hack In The Box Security Conference

Reviews

Start your review of The Rise of Potatoes - Privilege Escalation in Windows Services

Start learning

Never Stop Learning.

Get personalized course recommendations, track subjects and courses with reminders, and more.

Sign up for free
Someone learning on their laptop while sitting on the floor.