Joel Eriksson: Kernel Wars
Jan 09, 2006•54 min
Listen to this episode in Metacast mobile app
Don't just listen to podcasts. Learn from them with transcripts, summaries, and chapters for every episode. Skim, search, and bookmark insights. Learn more
Episode description
"Kernel vulnerabilities are often deemed unexploitable or at least unlikely tbe exploited reliably. Although it's true that kernel-mode exploitation often presents some new challenges for exploit developers, it still all boils down t""creative debugging"" and knowledge about the target in question.
This talk intends tdemystify kernel-mode exploitation by demonstrating the analysis and reliable exploitation of three different kernel vulnerabilities without public exploits. From a defenders point of view this could hopefully serve as an eye-opener, as it demonstrates the ineffectiveness of HIDS, NX, ASLR and other protective measures when the kernel itself is being exploited.
The entire process will be discussed, including how the vulnerabilities were found, how they were analyzed tdetermine if and how they can be reliably exploited and of course the exploits will be demonstrated in practice.
This talk intends tdemystify kernel-mode exploitation by demonstrating the analysis and reliable exploitation of three different kernel vulnerabilities without public exploits. From a defenders point of view this could hopefully serve as an eye-opener, as it demonstrates the ineffectiveness of HIDS, NX, ASLR and other protective measures when the kernel itself is being exploited.
The entire process will be discussed, including how the vulnerabilities were found, how they were analyzed tdetermine if and how they can be reliably exploited and of course the exploits will be demonstrated in practice.
For the best experience, listen in Metacast app for iOS or Android