2025-07-03, 09:50–10:10 (Europe/Paris), Amphitheater 122
Named Pipes are interprocess communication primitives used by many Windows applications.
However, these operating system APIs are often blindly trusted, and one can intercept and tamper with transmitted data by abusing a Man-in-the-Middle setup.
Commonly admitted mitigations implies checking process IDs, executable signatures or permissions on the named pipe. With proper tooling, such mitigations can be bypassed.
This presentation will delve into Windows Named Pipes APIs while highlighting common attacks, usual mitigations, and how to bypass them using the soon-to-be-opensource tool thats_no_pipe.
- A quick introduction of the speaker.
- A quick introduction of Windows Named Pipes APIs.
- An overview of common attacks against Named Pipes.
- Common mitigations against MitM attacks, and how to bypass them.
- Live demonstration of the tool.
Developer & Pentester @ Synacktiv