Breaking VSM by Attacking SecureKernel

Offered By: Black Hat via YouTube

Tags: Black Hat, Cybersecurity, Ethical Hacking, Windows 10 Security, Arbitrary Code Execution

Course Description

Overview

Explore a comprehensive analysis of vulnerabilities in Windows 10's SecureKernel, the VTL1 kernel at the core of Microsoft's Virtualization Based Security (VBS) model. Delve into the discovery and exploitation of two vulnerabilities that could compromise the entire VBS system by allowing arbitrary code execution in VTL1. Follow the presenters' step-by-step process of exploiting these vulnerabilities on the latest Windows version, gaining insight into the intricacies of virtualization stack security. Learn about the SecureKernel pool and its allocations, and about the MDL (memory descriptor list) handling that the talk examines. Witness live demonstrations of the exploitation techniques, from the SecureKernel MDL structures and the allocator used to pick a target structure through to the final crash. Gain valuable knowledge about the potential weaknesses in virtualization-based security technologies and the importance of continuous improvement in software stack security.

Syllabus

Introduction
First Vulnerability
SecureKernel Pool
Pool Allocations
Push Shipping
Undo MDR
Ascii MDR
LeftArm Context
PowerMdl
Read-What-Where
Summary
Demo
Demonstration
skmdl
safe structures
mdl free idea
pt allocator target structure
in action
crash
conclusion
Questions


Taught by

Black Hat
