Abstract

Overview:-
We are conducting n|u Humla session at Mumbai on Windows Kernel Exploitation. This will be a complete hands-on session where attendees will be introduced to Windows Kernel exploitation techniques. We invite people who know basics of user mode exploitation and are really interested in upgrading their skills to attack and exploit Windows Kernel. This is a per-invite based session and will be sending out the invites to only 10 people.

Prerequisites (Basics):-
-Windows Kernel
-Kernel Mode Drivers
-User Mode Exploitation
-Assembly and C/Python
-WinDbg
-Types of Vulnerabilities

Hardware & Software Requirement:-
A laptop capable of running two virtual machines simultaneously (4/8 GB of RAM). 8/16 GB Flash Drive

Note: We will be distributing unlicensed version of Windows 7 with WinDbg, Dev C++, Python, Vulnerable Kernel Driver installed and VirtualBox. Everyone should have Administrator privilege on their laptop.

What to Expect?
-Complete Hands-on
-Fast & Quick Overview of Windows Internals
-WinDbg-Fu
-Windows Kernel Drivers Basics/IOCTL/IRP
-Techniques to Exploit Windows Kernel/Driver Vulnerabilities

What Not to Expect?
-Elite Kernel Hacker in One day
-Basics of ASM/C/Python
-Basics of User Mode Exploitation

Note: This session is conducted to introduce Windows Kernel Exploitation concepts to attendees and walk-through/hands-on to help gain confidence in Kernel Exploitation. This is just a TIP of an ICEBERG.

Speaker

Ashfaq Ansari

Ashfaq Ansari is the founder of HackSys Team code named "Panthera". He is a Security Researcher with experience in various aspects of Information Security. He has authored "HackSys Extreme Vulnerable Driver" and "Shellcode of Death". He has also written and published various whitepapers on low level software exploitation. His core interest lies in "Low Level Exploitation", "Reverse Engineering", "Program Analysis" and "Hybrid Fuzzing". He is a fanboy of Artificial Intelligence and Machine Learning. He is the chapter lead for null (Pune).

Timing

Starts at Saturday April 18 2015, 10:00 AM. The sessions runs for about 8 hours.

Resources