Abusing Windows Built in VPN Providers

Source provenance. Raw material catalogued for the wiki ingest pipeline. Lives offline at raw_sources/offensive-security/ingested/Abusing Windows Built-in VPN Providers.md.

Status: integrated

Excerpt

Some interesting things happen when you connect to a virtual private network (VPN). One that recently caught my interest is updates to the routing table. Normally, a non-administrative Windows user can’t modify the system routing table; it is a privileged action due to the routing table being shared by all processes at all privilege levels on the entire system. This included connections by service…