SteelCon is a unique event; the North of England hasn’t (until now) had a hacker con to call its own.
This is a hacker con, for anyone who is interested in how things work, how things can be broken and how they can be fixed. This is not about criminal hacking and stealing people’s data for mass reward. If you like to tinker with things, aren’t happy with something until you know how it does what it does, won’t let something be broken without trying to fix it, SteelCon is for you.
There will be something for everyone with a wide range of talks, workshops, challenges and good old fashioned social networking.
Talk presented by MWR
- Time: 12:30:00
- Room: Track One
- Topic: A chain is only as strong as its weakest Win32k
- Speakers: Sam Brown
- Description: This talk aims to provide an overview of the Windows kernel mode attack surface, how to interact with it and the challenges in exploiting kernel memory corruption vulnerabilities on the latest releases of Windows.
With the rise of sandboxes and locked down user accounts attackers are increasingly resorting to attacking kernel mode code to gain full access to compromised systems.
This talk will demonstrate the tools available for finding bugs in Windows kernel mode code and drivers together with highlighting some of the lower hanging fruit, common mistakes and the steps being taken (or lack of steps being taken) to mitigate the risks posed. The talk will then cover common exploitation techniques to gather information about the state of kernel mode memory and to gain code execution as SYSTEM.
Finally the talk will walk through exploiting a Kernel mode memory corruption vulnerability on a modern release of Windows.