24C3 - 1.01

24th Chaos Communication Congress
Volldampf voraus!

Luke Jennings

Luke Jennings is a security consultant for MWR InfoSecurity in the UK and is a computer science graduate of the University of Southampton. Luke's previous work has primarily been focused on penetration testing and application testing which has also led to his discovery of some critical, remotely exploitable vulnerabilities in widely deployed software. As a result of this, Luke has become increasingly interested in dedicating a portion of his time to active security research. Luke is also interested in promoting security awareness among computer scientists, and has guest lectured at his old university to further this.

Luke's talk is about the abuse of windows access tokens for post-exploitation and just how vulnerable large windows networks can be these attacks.