Slides from HITCON 2016 in Taipei China:

Abstract: Starting with Windows 8, Microsoft has introduced many new kernel protection mechanisms, including SMEP, improved KASLR, process integrity levels, zero page memory protection, No-Execute (NX) nonpaged pool, etc. These exploit mitigation mechanisms, combined with the existing safety mechanisms DEP/NX and Kernel Patch Guard, pose certain difficulties for kernel attackers. In this session, we will review some of the latest kernel exploitation techniques, then present an exploit technique introduced by the speaker. Afterwards, I will demonstrate this technique with a recent kernel vulnerability discovered in the wild.