[HN Gopher] 0x01 - Killing Windows Kernel Mitigations
___________________________________________________________________
0x01 - Killing Windows Kernel Mitigations
Author : neilwillgettoit
Score : 54 points
Date : 2024-12-08 01:14 UTC (5 days ago)
(HTM) web link (wetw0rk.github.io)
(TXT) w3m dump (wetw0rk.github.io)
| wetw0rk wrote:
| If you're following my Windows Kernel Exploitation series the
| time to bypass modern mitigations is now.
|
| We've learned how to exploit a Stack Overflow in Windows 7 (x86)
| but what has changed since then?
|
| Truthfully a lot, but the core fundamental problem exists and as
| such we as hackers will always find a way to exploit them.
|
| As part of this tutorial, I will be releasing my technique on
| bypassing SMEP and VBS I have dubbed Violet Phosphorous. I
| personally have not seen these mitigations bypassed in this
| manner so I'm claiming it.
|
| To prove its effectiveness, I installed the latest Windows 11
| (x64) build (24H2) and successfully elevated my privileges to NT
| AUTHORITY/SYSTEM.
|
| The king is dead, long live the king!
|
| LONG LIVE THE STACK OVERFLOW!
| dang wrote:
| (This text was originally part of
| https://news.ycombinator.com/item?id=42353276 but that got
| killed by HN's software (bad), so I moved it here to the live
| post.)
| daneel_w wrote:
| Was your test install also fully updated, i.e. is your exploit
| currently valid?
| cahoot_bird wrote:
| Super interesting. At one point thought control flow guard +
| DEP/ASLR was supposed to prevent this stuff, guess it can't be
| prevented nearly completely by now. Sounds like this took a lot
| of work to figure out, well done.
|
| Any comment on reporting to Microsoft or perhaps motivation for
| this research?
___________________________________________________________________
(page generated 2024-12-13 23:00 UTC)