Author: admin

As this is the 5th vulnerability on HEVD (Use-After-Free), I’ll give a summary of what we’ve learned so far: Strategy: The strategy for this blogpost will be as follows: Initial Phase: Source Code Review As always we’ll check the C code first to understand where the vulnerability lies:  The structure of the code is the… Continue reading HEVD Windows Kernel Exploitation 6: Use-After-Free

Before I start talking about the 4th vulnerability on HEVD (Uninitialized Stack Variable), I’ll give a summary of what we’ve learned so far: With Stack Overfow:  put your shellcode in userland in an allocated memory and execute in kernelland With Arbitraty Overwrite: writing the value pointed by what to the memory location referenced by where With… Continue reading HEVD Windows Kernel Exploitation 5: Uninitialized Stack Variable

So as we exploit the 3rd vulnerability on HEVD, I’ll use this as a tradition and will give history on what we’ve done so far and whats up next: With Stack Overfow:  put your shellcode in userland in an allocated memory and execute in kernelland With Arbitraty Overwrite: writing the value pointed by what to the… Continue reading HEVD Windows Kernel Exploitation 4 – Null Pointer Dereference

Let’s continue with the third blogpost of the Kernel exploitation series. Few notes: With Stack Overfow:  we put our shellcode in user-land in an allocated memory and execute in kernel-land With Arbitraty Overwrite: we’ll be writing the value pointed by “what” to the memory location referenced by “where” The strategy for this blogpost: Initial Phase: Source… Continue reading HEVD Windows Kernel Exploitation 3 -Write What Where

There will be few setup steps we need to follow before we jump into the Kernel Exploitation: Install Windows x86 in VM Install WinDBG 2. Setup the Debugging Symbols computer – properties – advanced system settings – emvironmental variables create a sys variable Variable Name: _NT_SYMBOL_PATH Variable Value: SRV*C:\Symbols*https://msdl.microsoft.com/download/symbols 3. Enable Debugging in BCD Run CMD as… Continue reading HEVD Windows Kernel Exploitation 1 – Setup the Environment

After preparing for OSEE over a year and finishing almost most of the topics for the previous years syllabus, I finally found the time to start writing a blog series about all the learning I had so far (and more to come as this is a long journey). We’ll be focusing on Kernel Exploitation for… Continue reading HEVD Windows Kernel Exploitation 2 – Stack Overflow