Win-DoS Epidemic - Abusing RPC for Win-DoS & Win-DDoS

Name: Win-DoS Epidemic - Abusing RPC for Win-DoS & Win-DDoS
Description: Or Yair and Shahak Morag from SafeBreach presented a comprehensive study of Denial of Service (DoS) vulnerabilities in Windows, centered on the abuse of Remote Procedure Call (RPC) interfaces. Their r

Or Yair, Shahak Morag

DEF CON 33 · Day 1 · Main Stage

Or Yair and Shahak Morag from SafeBreach presented a comprehensive study of Denial of Service (DoS) vulnerabilities in Windows, centered on the abuse of Remote Procedure Call (RPC) interfaces. Their r

AI review

SafeBreach researchers take LDAP Nightmare (CVE-2024-49113) — an unauthenticated single-packet domain controller crash — and build it into a systematic methodology for finding DoS conditions across Windows RPC interfaces, yielding four additional vulnerabilities and a Windows-native DDoS amplification primitive.

Watch on YouTube