Abstract

In this talk, we will look into the different components of the Windows kernel and the basics of driver communication, bypassing the GS cookie, and understanding kernel payloads and recovery mechanisms such as stack unwinding.

In this particular talk, we will understand the Arbitrary Memory Overwrite vulnerability, a.k.a. Write-What-Where.

Finally, we will craft a working exploit for the same on Win 2K3 or Windows 7.

Speaker

Ashfaq Ansari

Ashfaq Ansari is the founder of HackSys Team, code-named "Panthera". He is a Security Researcher with experience in various aspects of Information Security. He has authored "HackSys Extreme Vulnerable Driver" and "Shellcode of Death". He has also written and published various whitepapers on low-level software exploitation. His core interest lies in "Low Level Exploitation", "Reverse Engineering", "Program Analysis" and "Hybrid Fuzzing". He is a fanboy of Artificial Intelligence and Machine Learning. He is the chapter lead for null (Pune).

Timing

Starts on Saturday, December 20, 2014, at 11:10 AM. The session runs for about 1 hour.

Resources