Dailydave mailing list archives

Re: ID, Apples


From: Piotr Bania <bania.piotr () gmail com>
Date: Fri, 26 May 2006 16:53:12 +0200


>Also kernel-mode heap exploits were demonstrated at Xcon 2005 and
>SyScan 2005 by SoBeIt.
>http://xcon.xfocus.org/xcon2005/archives/2005/Xcon2005_SoBeIt.pdf

If we talk about local "kernel-mode" exploitation, I've really enjoyed the NAVAP exploit in Aug 2003 (http://www.securityfocus.com/bid/8329/discuss). I believe it was one of the premier.

A few months ago, I also wrote a short paper about exploiting Windows device drivers; it covers some exploitation techniques (http://www.piotrbania.com/all/articles/ewdd.pdf).

I think this type of exploitation, like any other, mostly depends on your imagination; you can leave some cool callgates, switch the pids etc. etc. If I can quote one of my high school teachers: "Good pilot will fly even on barn doors".


best regards,
brainpatio

--
--------------------------------------------------------------------
Piotr Bania - <bania.piotr () gmail com> - 0xCD, 0x19
Fingerprint: 413E 51C7 912E 3D4E A62A  BFA4 1FF6 689F BE43 AC33
http://www.piotrbania.com  - Key ID: 0xBE43AC33
--------------------------------------------------------------------

              - "The more I learn about men, the more I love dogs."

