Want to create an interactive transcript for this episode?
Podcast: DEF CON 22 [Materials] Speeches from the Hacker Convention.
Episode: Christopher Campbell - The $env:PATH less Traveled is Full of Easy Privilege Escalation Vulns
Description: Slides here: https://defcon.org/images/defcon-22/dc-22-presentations/Campbell/DEFCON-22-Christopher-Campbell-Path-Less-Traveled.pdf
The $env:PATH less Traveled is Full of Easy Privilege Escalation Vulns
Christopher Campbell SECURITY RESEARCHER
15 years after APT was released for Linux, Microsoft is finally going to ship Windows with a package manager! Windows PowerShell OneGet is the easiest and fastest way to install applications and will be a fundamental part of how Microsoft wants you to administer your enterprise. In this talk we will go over OneGet, Nuget and Chocolatey and observe some of the security problems that will have...