Null offensive hacking hands-on training.
Proposed sessions for this event:
- Windows Kernel Exploitation by Ashfaq Ansari
Overview
We are conducting a n|u Humla session at Pune on Windows Kernel Exploitation. This will be a complete hands-on session where attendees will be introduced to Windows Kernel exploitation techniques. We invite people who knows basics of user mode exploitation and are really interested in upgrading their skills to attack and exploit Windows Kernel. This is a per-invite based session and will be sending out the invites to only 10 people.
Humla Champion
Ashfaq Ansari is working as Security Consultant at Payatu Technologies where he spends time experimenting and understanding different attack vectors to exploit Windows User Mode as well as Kernel Mode vulnerabilities. He is a computer enthusiast and he tries to learn new things.
Links
- http://hacksys.vfreaks.com/
- https://twitter.com/HackSysTeam
- https://github.com/hacksysteam
- http://swachalit.null.co.in/profile/411-ashfaq-ansari
Agenda
- Introduction to Windows Kernel
- Why to Attack Kernel
- Windows Drivers Basic
- Types of Vulnerabilities
- Windows Kernel Debugging
- WinDbg-Fu
- Exploiting Vulnerabilities (Hands-on)
- Overview of EoP Shellcode (Token Stealing)
- Kernel Recovery
- Q/A & Feedback
Prerequisites (Basics)
- Windows Kernel
- Kernel Mode Drivers
- User Mode Exploitation
- Assembly and C/Python
- WinDbg
- Types of Vulnerabilities
Hardware & Software Requirement
- A laptop capable of running two virtual machines simultaneously (4/8 GB of RAM).
- 8/16 GB Flash Drive
Note: We will be distributing unlicensed version of Windows 7 with WinDbg, Dev C++, Python, Vulnerable Kernel Driver installed and VirtualBox. Everyone should have Administrator privilege on their laptop.
What to Expect?
- Complete Hands-on
- Fast & Quick Overview of Windows Internals
- WinDbg-Fu
- Windows Kernel Drivers Basics/IOCTL/IRP
- Techniques to Exploit Windows Kernel/Driver Vulnerabilities
What Not to Expect?
- Elite Kernel Hacker in One day
- Basics of ASM/C/Python
- Basics of User Mode Exploitation
Note: This session is conducted to introduce Windows Kernel Exploitation concepts to attendees and walk-through/hands-on to help gain confidence in Kernel Exploitation.
This is just a TIP of an ICEBERG.
Date | Saturday March 07 2015 |
---|---|
Chapter | Pune |
Registrations | 14 |
Max Registrations | Unlimited |
Event Type | Invite Only |
Start Time | 10:00 AM |
End Time | 06:00 PM |
Session Schedule
Name | Speaker | Start Time | End Time | Resources |
---|---|---|---|---|
Windows Kernel Exploitation | Ashfaq Ansari | 10:00 AM | 06:00 PM |