HEVD Windows Kernel Exploitation 3 – Write What Where

Let’s continue with the third blog post of the Kernel exploitation series. A few notes:

With Stack Overflow: we put our shellcode in user-land in allocated memory and execute it in kernel-land.

With Arbitrary Overwrite: we’ll be writing the value pointed to by “what” to the memory location referenced by “where”.

The strategy for this blog post: Initial Phase: Source…

HEVD Windows Kernel Exploitation 1 – Setup the Environment

There are a few setup steps we need to follow before we jump into Kernel Exploitation:

1. Install Windows x86 in a VM and install WinDBG.
2. Set up the debugging symbols: Computer – Properties – Advanced system settings – Environment Variables, then create a system variable:
   Variable Name: _NT_SYMBOL_PATH
   Variable Value: SRV*C:\Symbols*https://msdl.microsoft.com/download/symbols
3. Enable Debugging in BCD: Run CMD as…