Windows Kernel Exploitation presented at SyScan 2004

by Sk Chong,

Tags: Security Exploitation

Summary : The presentation will highlight mechanisms to exploit the Windows Kernel for useful local privilege
escalation. Unlike "Shatter Attack" which usually only useful if attacker has physical access of the
computer, Kernel exploitation will escalate the attacker to the highest level as the kernel itself
without any restriction. The presentation will include usage of undocumented API, memory corruption on
device driver, kernel 'shellcode' as well as other relevant tricks to find and exploit the Windows
kernel-land for a successful privilege escalation.