Mastodawn

Windows RPC Exposes New Local Privilege Escalation Technique

A newly discovered technique allows hackers to easily escalate their privileges to SYSTEM level on Windows systems, using a vulnerability in the Remote Procedure Call stack. This alarming exploit relies on clever manipulation of Security Quality of Service parameters and impersonation levels.

https://osintsights.com/windows-rpc-exposes-new-local-privilege-escalation-technique?utm_source=mastodon&utm_medium=social

#LocalPrivilegeEscalation #Windows #Rpc #Alpc #Msrpc

Windows RPC Exposes New Local Privilege Escalation Technique

Learn the new Windows RPC local privilege escalation technique and protect your system now with expert insights and security measures against RPC vulnerabilities.

OSINTSights

Clément Notin

Jan 23, 2023

It was great to see a challenge @1ns0mn1h4ck where we had to exploit a logic bug in an #MSRPC service 🎉
Thanks to @itm4n for this great challenge 🙏 https://infosec.exchange/@itm4n/109732777607992952
His blog was very helpful, especially this part https://itm4n.github.io/from-rpcview-to-petitpotam/#the-petitpotam-case and in a nutshell the vulnerability was a case of this: https://csandker.io/2021/02/21/Offensive-Windows-IPC-2-RPC.html#server-non-impersonation as described by @0xcsandker The idea was to make the #impersonation (RpcImpersonateClient) by the server to fail.

Clément Labro (@[email protected])

Attached: 1 image That's it. The #CTF is now over. Congratulations to the 3 teams who solved my challenge. 🏆 I'm very pleased with this result. 😊

Infosec Exchange