Artwork

Contenuto fornito da Black Hat / CMP and Jeff Moss. Tutti i contenuti dei podcast, inclusi episodi, grafica e descrizioni dei podcast, vengono caricati e forniti direttamente da Black Hat / CMP and Jeff Moss o dal partner della piattaforma podcast. Se ritieni che qualcuno stia utilizzando la tua opera protetta da copyright senza la tua autorizzazione, puoi seguire la procedura descritta qui https://it.player.fm/legal.
Player FM - App Podcast
Vai offline con l'app Player FM !

Barnaby Jack: Remote Windows Kernel Exploitation - Step In To the Ring 0

36:08
 
Condividi
 

Manage episode 155121482 series 1146744
Contenuto fornito da Black Hat / CMP and Jeff Moss. Tutti i contenuti dei podcast, inclusi episodi, grafica e descrizioni dei podcast, vengono caricati e forniti direttamente da Black Hat / CMP and Jeff Moss o dal partner della piattaforma podcast. Se ritieni che qualcuno stia utilizzando la tua opera protetta da copyright senza la tua autorizzazione, puoi seguire la procedura descritta qui https://it.player.fm/legal.
Almost every possible method and technique regarding Windows exploitation has been discussed in depth. Surprisingly, a topic that has rarely been touched on publicly is the remote exploitation of Win32 kernel vulnerabilities; a number of kernel vulnerabilities have been published, yet no exploit code has surfaced in the public arena. I predict we will see more kernel vulnerabilities in the future, as more core networking components are being implemented at the driver level. In this presentation I will walk through the remote exploitation of a kernel level vulnerability. A number of payloads will be discussed and demonstrated, and I will explain how to overcome the various obstacles that arise when attempting to exploit ring 0 vulnerabilities. As a final demonstration, we will say goodnight to the Windows OS entirely. Barnaby Jack is a Senior Research Engineer at eEye Digital Security. His role at eEye involves developing internal technologies, malicious code analysis, vulnerability research-and applying this research to the eEye product line. His main areas of interest include reverse engineering and operating system internals. He has been credited with the discovery of numerous security vulnerabilities, and has published multipl
  continue reading

61 episodi

Artwork
iconCondividi
 
Manage episode 155121482 series 1146744
Contenuto fornito da Black Hat / CMP and Jeff Moss. Tutti i contenuti dei podcast, inclusi episodi, grafica e descrizioni dei podcast, vengono caricati e forniti direttamente da Black Hat / CMP and Jeff Moss o dal partner della piattaforma podcast. Se ritieni che qualcuno stia utilizzando la tua opera protetta da copyright senza la tua autorizzazione, puoi seguire la procedura descritta qui https://it.player.fm/legal.
Almost every possible method and technique regarding Windows exploitation has been discussed in depth. Surprisingly, a topic that has rarely been touched on publicly is the remote exploitation of Win32 kernel vulnerabilities; a number of kernel vulnerabilities have been published, yet no exploit code has surfaced in the public arena. I predict we will see more kernel vulnerabilities in the future, as more core networking components are being implemented at the driver level. In this presentation I will walk through the remote exploitation of a kernel level vulnerability. A number of payloads will be discussed and demonstrated, and I will explain how to overcome the various obstacles that arise when attempting to exploit ring 0 vulnerabilities. As a final demonstration, we will say goodnight to the Windows OS entirely. Barnaby Jack is a Senior Research Engineer at eEye Digital Security. His role at eEye involves developing internal technologies, malicious code analysis, vulnerability research-and applying this research to the eEye product line. His main areas of interest include reverse engineering and operating system internals. He has been credited with the discovery of numerous security vulnerabilities, and has published multipl
  continue reading

61 episodi

Tous les épisodes

×
 
Loading …

Benvenuto su Player FM!

Player FM ricerca sul web podcast di alta qualità che tu possa goderti adesso. È la migliore app di podcast e funziona su Android, iPhone e web. Registrati per sincronizzare le iscrizioni su tutti i tuoi dispositivi.

 

Guida rapida