And so it happened ;> As I’ve written in this post, Gynvael Coldwind has just finished speaking about recent Windows Kernel Vulnerabilities at the Hack In The Box Dubai conference, taking place today. Unfortunately, because of the disruption to European air traffic these days, the presentation was held remotely – one way or another, it can be considered very successful, imho.
Thanks to the organisers, who publish the materials right after the speeches are over, all of the slides are now available at http://conference.hitb.org/hitbsecconf2010dxb/materials/.
Our presentation, containing the details of how the aforementioned kernel / CSRSS vulns work and can be exploited, can be found here (1.27MB).
I am not going to spoil anything more here – if you were not lucky enough to attend the Dubai conference, I strongly recommend the Polish CONFidence 2010 held in May (which I also mentioned already).
Have fun! ;-)
Hello, Thx for the pdf ;)
How do you send the CsrExitProcess opcode?
@Nameless: using the CsrClientCallServer function mentioned in the latest post! ;>