As this is the 5th vulnerability on HEVD (Use-After-Free), I’ll give a summary of what we’ve learned so far: Strategy: The strategy for this blogpost will be as follows: Initial Phase: Source Code Review As always we’ll check the C code first to understand where the vulnerability lies: The structure of the code is the…
Category: Kernel Exploitation
HEVD Windows Kernel Exploitation 5: Uninitialized Stack Variable
Before I start talking about the 4th vulnerability on HEVD (Uninitialized Stack Variable), I’ll give a summary of what we’ve learned so far: With Stack Overflow: put your shellcode in userland in an allocated memory and execute in kernelland With Arbitrary Overwrite: writing the value pointed by what to the memory location referenced by where With…
HEVD Windows Kernel Exploitation 4 – Null Pointer Dereference
So as we exploit the 3rd vulnerability on HEVD, I’ll use this as a tradition and will give history on what we’ve done so far and what’s up next: With Stack Overflow: put your shellcode in userland in an allocated memory and execute in kernelland With Arbitrary Overwrite: writing the value pointed by what to the…
HEVD Windows Kernel Exploitation 3 – Write What Where
Let’s continue with the third blogpost of the Kernel exploitation series. A few notes: With Stack Overflow: we put our shellcode in user-land in an allocated memory and execute in kernel-land With Arbitrary Overwrite: we’ll be writing the value pointed by “what” to the memory location referenced by “where” The strategy for this blogpost: Initial Phase: Source…
HEVD Windows Kernel Exploitation 1 – Setup the Environment
There will be a few setup steps we need to follow before we jump into the Kernel Exploitation: Install Windows x86 in VM Install WinDBG 2. Setup the Debugging Symbols computer – properties – advanced system settings – environment variables create a sys variable Variable Name: _NT_SYMBOL_PATH Variable Value: SRV*C:\Symbols*https://msdl.microsoft.com/download/symbols 3. Enable Debugging in BCD Run CMD as…
HEVD Windows Kernel Exploitation 2 – Stack Overflow
After preparing for OSEE over a year and finishing almost most of the topics for the previous years syllabus, I finally found the time to start writing a blog series about all the learning I had so far (and more to come as this is a long journey). We’ll be focusing on Kernel Exploitation for…