Overview
Explore a groundbreaking technique for exploiting kernel pool overflows in Microsoft Windows operating systems. Delve into the evolving landscape of Windows kernel security and the increasing value of kernel-level vulnerabilities. Learn how to convert pool overflows into powerful primitives, including arbitrary memory read/write, execution flow hijacking, and adjacent read/write operations. Discover a novel approach to elevating privileges without relying on kernel shellcode or Return-Oriented Programming (ROP). Gain insights into the security enhancements implemented by Microsoft across different Windows versions and understand how this new exploitation method overcomes these protections. Ideal for security researchers, penetration testers, and those interested in advanced Windows kernel exploitation techniques.
Syllabus
Data-Only Pwning Microsoft Windows Kernel
Taught by
Black Hat