Back to the Core presented at Syscan 2015

by Peter Hlavaty,

Summary : In order to harden kernel exploitation as much as possible was introduced variety of features including KASLR, SMEP and sometimes also SMAP.
Even those are powerful techniques their effectiveness rely on their cooperation, environment and their implementation.
We will present new and some not so new exploitation techniques, show ideas behind breaking trough before mentioned security features and why it is possible, and we will take a look at pool spraying on x64 as well.