Windows Permissions

3.5K views
Jul 6, 2024
38:03

Hi and welcome to this new video! In this video we continue the "Windows Privilege Escalation" series. This time the focus is on how permissions are handled by the Windows operating system. We discuss the ideas behind authentication, authorization and session management. Then we discuss the concept of security principals and how they are identified by Security Identifiers (SIDs). Continuing, we see how to check permissions on files using the icacls.exe command. Finally, we discuss the concepts of Mandatory Integrity Control (MIC) and User Account Control (UAC), which are extra mechanisms that Windows employs to increase the level of security.

I hope you find it helpful, and I would appreciate it if you left your feedback down in the comments and shared this series with like-minded people. Thank you very much!

-------------------------
TIMESTAMP

00:00 Introduction
01:24 Authentication, Authorization and Session Management
06:45 Security Principals and Security Identifier (SID)
10:05 How to read SIDs
17:41 Enumerate user SIDs
20:40 Access Tokens
24:00 File Permissions with icacls.exe
29:55 Mandatory Integrity Control (MIC)
33:05 User Account Control (UAC)
35:40 Conclusion

-------------------------
REFERENCES

- Material: https://github.com/LeonardoE95/yt-en/tree/main/src/TBD-windows-privesc-windows-permissions
- Windows SIDs: https://learn.microsoft.com/en-us/windows-server/identity/ad-ds/manage/understand-security-identifiers
- Well Known SIDs: https://learn.microsoft.com/en-us/windows/win32/api/winnt/ne-winnt-well_known_sid_type
- Access Token: https://learn.microsoft.com/en-us/windows/win32/secauthz/access-tokens
- Mandatory Integrity Controls: https://learn.microsoft.com/en-us/windows/win32/secauthz/mandatory-integrity-control
- File Permissions: https://superuser.com/questions/322423/explain-the-output-of-icacls-exe-line-by-line-item-by-item
- Playing with Windows API: https://0x00-0x00.github.io/research/2018/10/17/Windows-API-and-Impersonation-Part1.html

-------------------------
CONTACTS

- Blog: https://blog.leonardotamiano.xyz/
- Github: https://github.com/LeonardoE95?tab=repositories
- Support: https://www.paypal.com/donate/?hosted_button_id=T49GUPRXALYTQ
