HITB (Hack In The Box) 2004 Presentation by S.K. Chong: "Windows Local Kernel Exploitation". Discusses mechanisms to exploit the Windows Kernel for useful local privilege escalation. Unlike "Shatter Attack" which is usually only useful if an attacker has physical access of the computer, Kernel exploitation will escalate the attacker to the highest level of the kernel itself without any restrictions. The presentation will include usage of undocumented APIs, memory corruption in device drivers, kernel 'shellcode' as well as other relevant tricks to find and exploit the Windows kernel-land for a successful privilege escalation.
3b0a27ebf4e22e17709d7a4a775a2c4e5de69c307b42ade96b78fb71a7c52ac2