Monthly Archives: May 2017

Windows 7 x64 Kernel Exploitation – Stack Overflow (3/3)

In this (short) post, we will explore triggering a stack overflow vulnerability in the kernel. This is a classic exploitation case. The Vulnerability: TriggerStackOverflow Similar to the last post, we first inspect the vulnerable function in code. This is a …

Posted in Uncategorized

Windows 7 x64 Kernel Exploitation – Arbitrary Write (2/3)

In this post, we will dive into an actual example of exploitation, against an arbitrary write-what-where vulnerability. The Vulnerability: TriggerArbitraryOverwrite The vulnerability we are exploiting is within the TriggerArbitraryOverwrite function. In source code, we can see this in the “TriggerArbitraryOverwrite” function, …

Posted in Uncategorized

Windows 7 x64 Kernel Exploitation – Setup (1/3)

Several months ago, I took a short sojourn into the world of Windows Kernel exploitation, based on the work of hacksysteam and their excellent HackSys Extreme Vulnerable Driver (github here). I learned some things, and built a short community presentation …

Posted in Uncategorized

HG658 for Fun and Profit (AES Remix)

Recently, I took a look at a Huawei HG658 router for fun – this is a router common to multiple ISPs across Australia, so a solid vulnerability in this would be significantly re-usable. The router I had in question was …

Posted in Bards, Computers, Jesting