Videos
Home » Videos » T05 - WinReg MiTM: Simple Injection and Remote Fileless Payload Execution

T05 - WinReg MiTM: Simple Injection and Remote Fileless Payload Execution

Santiago Hernández Ramos
This paper presents an analysis of the security problems in the implementation of the Remote Registry protocol of the latest Windows operating systems (such as Windows 10). The analysis shows how these weaknesses can be used by an attacker through the application of the man in the middle technique for writing arbitrary data in the Windows Registry of the victim's computer, and consequently, remote code execution.