Hack The Box Meetup

Welcome to the latest Cincinnati HackTheBox meetup!

It sounds like there is some interest in doing some deep dives and reverse engineering with IDA. During the last meetup we worked on exploiting a machine called DRIVER that involved attacking RPC for privilege escalation. So we'll spend some time doing RPC enumeration, work on understanding how this privesc works, and finally talk a little bit about potential methods for detection! I'll do a quick HTB challenge at the start, just so we can look at something new for a moment beforehand.

If you'd like to follow along, grab a copy of ida 7.6 free and the windows sysinternals suite, installed on a windows VM.
https://download.sysinternals.com/files/SysinternalsSuite.zip
https://out7.hex-rays.com/files/idafree76_windows.exe

This meetup is hands on and will include access to a meetup lab environment!