Windows Local Kernel Exploitation presented at HITBSecConf Malaysia 2004

by S.k. Chong,

Tags: Security Exploitation

Summary : This presentation will highlight mechanisms to exploit the Windows Kernel for useful local privilege escalation. Unlike "Shatter Attack" which is usually only useful if an attacker has physical access of the computer, Kernel exploitation will escalate the attacker to the highest level of the kernel itself without any restrictions. The presentation will include usage of undocumented APIs, memory corruption in device drivers, kernel 'shellcode' as well as other relevant tricks to find and exploit the Windows kernel-land for a successful privilege escalation.