Abstract
This chapter focuses on local Windows kernel exploitation. It begins by introducing Windows kernel fundamentals and how to prepare a working environment, then shows how to elevate the privileges of an arbitrary process and illustrates how to exploit different types of kernel vulnerabilities. Because Windows has gone through many releases, the chapter focuses on two server platforms: Windows Server 2003 32-bit SP2 and Windows Server 2008 R2 64-bit. Windows is a very interesting operating system, rich with features and protection schemes. Moreover, because it is a closed-source operating system, it takes a lot of effort to deal with its internal structures and undocumented system behaviors. The chapter shows how to set up a typical debugging environment: how to configure a kernel debugger (WinDbg) and how to properly set up the virtual machine that hosts the vulnerable target kernel. Next, it introduces the DVWD package, which contains the crafted vulnerable code. The chapter then covers a few Windows kernel concepts that are important to understand before moving on to exploitation.