null Pune Humla 07 March 2015 Windows Kernel Exploitation Register

Saturday March 07 2015 10:00 AM Humla Pune

Null offensive hacking hands-on training.

Proposed sessions for this event:

  • Windows Kernel Exploitation by Ashfaq Ansari
Note: The session details including schedule are available below.

Overview

We are conducting a n|u Humla session at Pune on Windows Kernel Exploitation. This will be a complete hands-on session where attendees will be introduced to Windows Kernel exploitation techniques. We invite people who knows basics of user mode exploitation and are really interested in upgrading their skills to attack and exploit Windows Kernel. This is a per-invite based session and will be sending out the invites to only 10 people.

Humla Champion

Ashfaq Ansari is working as Security Consultant at Payatu Technologies where he spends time experimenting and understanding different attack vectors to exploit Windows User Mode as well as Kernel Mode vulnerabilities. He is a computer enthusiast and he tries to learn new things.

Links

  • http://hacksys.vfreaks.com/
  • https://twitter.com/HackSysTeam
  • https://github.com/hacksysteam
  • http://swachalit.null.co.in/profile/411-ashfaq-ansari

Agenda

  1. Introduction to Windows Kernel
  2. Why to Attack Kernel
  3. Windows Drivers Basic
  4. Types of Vulnerabilities
  5. Windows Kernel Debugging
  6. WinDbg-Fu
  7. Exploiting Vulnerabilities (Hands-on)
  8. Overview of EoP Shellcode (Token Stealing)
  9. Kernel Recovery
  10. Q/A & Feedback

Prerequisites (Basics)

  1. Windows Kernel
  2. Kernel Mode Drivers
  3. User Mode Exploitation
  4. Assembly and C/Python
  5. WinDbg
  6. Types of Vulnerabilities

Hardware & Software Requirement

  1. A laptop capable of running two virtual machines simultaneously (4/8 GB of RAM).
  2. 8/16 GB Flash Drive

Note: We will be distributing unlicensed version of Windows 7 with WinDbg, Dev C++, Python, Vulnerable Kernel Driver installed and VirtualBox. Everyone should have Administrator privilege on their laptop.

What to Expect?

  1. Complete Hands-on
  2. Fast & Quick Overview of Windows Internals
  3. WinDbg-Fu
  4. Windows Kernel Drivers Basics/IOCTL/IRP
  5. Techniques to Exploit Windows Kernel/Driver Vulnerabilities

What Not to Expect?

  1. Elite Kernel Hacker in One day
  2. Basics of ASM/C/Python
  3. Basics of User Mode Exploitation

Note: This session is conducted to introduce Windows Kernel Exploitation concepts to attendees and walk-through/hands-on to help gain confidence in Kernel Exploitation.

This is just a TIP of an ICEBERG.

Date Saturday March 07 2015
Chapter Pune
Registrations 14
Max Registrations Unlimited
Event Type Invite Only
Start Time 10:00 AM
End Time 06:00 PM

Session Schedule

Name Speaker Start Time End Time Resources
Windows Kernel Exploitation Ashfaq Ansari 10:00 AM 06:00 PM

Venue

This is an invite only event. If you are selected you will receive further information via e-mail.