Explore advanced heap manipulation techniques in Windows 8 through this Black Hat Europe 2013 conference talk. Delve into the challenges posed by Windows 8's exploit mitigation improvements and learn how to predict heap states with greater accuracy. Discover a new method for precisely manipulating heap layouts in both kernel pools and user heaps, building upon the "Heap Feng Shui" concept. Gain insights into exploiting specific vulnerability scenarios through controlled heap states. Examine practical demonstrations of planting kernel objects at fixed addresses, exploiting write-what-where vulnerabilities, and achieving reliable exploitation in kernel pool overflow scenarios. Investigate the possibilities of heap determinism in Windows 8 user heaps and witness demonstrations of successful heap exploitation through careful layout crafting.
Overview
Syllabus
Black Hat EU 2013 - Advanced Heap Manipulation in Windows 8
Taught by
Black Hat