A Deep Dive Into Two Windows Exploits Demonstrated at Pwn2Own
Offered By: Hack In The Box Security Conference via YouTube
Course Description
Overview
Dive deep into Windows kernel exploitation through an analysis of two new exploits demonstrated at Pwn2Own. Explore the current state and evolution of Windows kernel security, focusing first on the Cloud Filter component and a use-after-free vulnerability in its Filter Communication Port interface. Learn how this vulnerability was exploited to hijack kernel code execution and escalate privileges to SYSTEM. Review current kernel mitigations, their weaknesses, and the future of kernel security, including KASLR, SMAP, SMEP, CET, and CFG. Examine a second exploit involving a logical bug that defeats most mitigations by allowing direct read and write access to kernel virtual memory. Gain insights from Thomas Imbert, a security engineer at Synacktiv with expertise in reverse engineering and vulnerability research, particularly in Windows operating systems.
Syllabus
#HITB2023HKT D2T1 - A Deep Dive Into Two (Windows) Exploits Demonstrated At Pwn2Own - Thomas Imbert
Taught by
Hack In The Box Security Conference
Related Courses
CNIT 127: Exploit DevelopmentCNIT - City College of San Francisco via Independent Enterprise Security Fundamentals
Microsoft via edX Penetration Testing - Post Exploitation
New York University (NYU) via edX Ultimate Ethical Hacking and Penetration Testing (UEH)
Udemy Hands-on Penetration Testing Labs 4.0
Udemy