You snooze you lose: RPC Racer winning RPC endpoints against services

Ron Ben Yizhak

DEF CON 33 · Day 2 · Main Stage

The Windows Remote Procedure Call (RPC) protocol is the backbone of interprocess communication on Windows systems, used by virtually every service in the OS and by countless enterprise applications. A

AI review

RPC endpoint squatting exploits the Windows RPC registration race condition to intercept privileged service calls: an LPE with a SYSTEM-level primitive, and a scanning tool that finds squattable interfaces across the OS.
