Finding a Weak Link - Attacking Windows OEM Kernel Drivers
Offered By: YouTube
Course Description
Overview
Explore the intricacies of attacking Windows OEM kernel drivers in this comprehensive conference talk from DerbyCon 2016. Delve into driver quarry techniques, fuzzing methodologies, and crash analysis using Driver Verifier. Learn to identify exploitable vulnerabilities, analyze IO Request Packets, and leverage WDF tools for driver examination. Discover real-world examples involving Lenovo drivers and Apple-related exploits. Gain insights into memory manipulation, local denial of service attacks, and secret extraction techniques. Examine locker systems, cloud-based options, and decryption strategies. Conclude with a summary of essential tools and a list of vulnerable drivers uncovered during the presentation.
Syllabus
Introduction
Driver Quarry
WhenTosh
Drivers
Fuzz
Fuzz Improvements
Fuzz Crashes
Driver Verifier
Being Exploitable
Annalise
IO Request Packet
Design Ideas
Identify Windows Drivers
Identify WDF Functions
WDF Tools
Device Type
API Calls
Lenovo Driver
Tale to Box
Space Division
Memory Gaining
Local Denial of Service
Memory Read
MyAppleAmbler
Immortal Function
How Function Call
For Loop
Read Secrets
Locker Overview
Memory
Heuristics
Cloud Options
Example
Decryption
What Would Really Be Like
TLDR
Wrapup
Tools
Drivers you found
Did they make it