Justin Seitz (jms) <jms bughunter ca>
Wednesday, June 11 2008 16:04.30 CDT
I can't remember where all I posted about this, but Kostya and I published a couple of papers today and you can find them
HERE
June 11, 2008: Exploiting Kernel Pool Overflows (Kostya Kortchinsky)
June 11, 2008: The I2OMGMT Driver Impersonation Attack (Justin Seitz)
Hope you enjoy!
I've seen them announced on DD yesterday and read that paper of yours - really nice stuff! It reminded me of a very similar bug that I found while auditing an AV filter driver which suffered from pretty much the same bug (except that it allowed writing of arbitrary values to user-supplied addresses instead of calling a user-supplied address). It's a bit surprising how lacking (if present at all) the checks on the I/O buffers passed from user mode are. Let's see how long it takes for developers to take this kind of bug a bit more seriously - or do they need to be made aware of it first? ;-)
Going for the paper on pool overflows now...
Thanks! Yes, definitely read Kostya's paper; it's far more badass than mine.