Development Kernel Exploit for Microsoft Windows
- Nikita Tarakanov
This course will familiarize attendees with development of Microsoft Windows kernel exploit on 32-bit and 64-bit editions of Microsoft Windows.
Attendees will learn the various internals of the kernel exploit development, will face various problem and will learn how to solve them.
This course covers almost every vulnerability type that have been discovered in MS Windows Kernel.
Starting with developing exploits for easy vulnerabilities like arbitrary memory overwrite to brand new techniques of exploiting pool overflow on Windows 8.1.
Pre-requisite of Training Class
Student
- Basic knowledge of Windows, Intel architecture, and operating systems is required
Hardware
- Intel Core 2 Duo x64 hardware (or superior) required
- 4GB RAM required, at a minimum, 8GB preferred
Software
- Microsoft Windows 7/8/8.1 x64 as host OS
- VMware Player or Workstation
- Visual Studio Preview
- IDA Pro 6.1+
Daily Class Outline
Day 1
- Setting up the environment
- Basics of Kernel Debugging with Windbg
- Microsoft Kernel Vulnerabilities Overview
- Null/Various Pointer Dereference Exploitation
- Arbitrary Memory Overwrite Exploitation
- Stack-Based Buffer Overflow Exploitation
- Race Condition Exploitation
Day 2
- Recent Exploit Mitigation Technologies Overview
- Pool Overflow/Corruption Exploitation
- Hardcore Pool Overflow/Corruption Exploitation
- Advanced Memory Corruption Techniques.
| Organiser: | ||||
 |
||||
| Patron of SyScan'14: | ||||
 |
||||
| Diamond Sponsor: | ||||
 |
||||
| Platinum Sponsor: | ||||
 |
 |
|||
| Silver Sponsor: | ||||
 |
Friends of SyScan'14: | |||
 |
 |
 |
 |
 |