DEF CON 27 - Jesse Michael - Get Off the Kernel if You Can't Drive
For software to communicate with hardware, it needs to talk to a kernel-mode driver that serves as a middle-man between the two, helping to make sure everything operates as it should. In Windows that is done using the Kernel-Mode Driver Framework (KMDF).
These drivers are used to control everything in your computer, from small things like CPU fan speed, color of your motherboard LED lights, up to flashing a new BIOS.
However, as the code in these drivers runs with the same privileges as the rest of the kernel, malicious drivers can be used to compromise the security of the platform. To that end, Microsoft relies on WHQL, code signing, and EV Signing to prevent drivers which have not been approved by Microsoft from being loaded into the kernel.
Unfortunately, security vulnerabilities in signed drivers can be used as a proxy to read and write hardware resources such as kernel memory, internal CPU configuration registers, PCI devices, and more. These helpful driver capabilities can even be misused to bypass and disable Windows protection mechanisms.
Let us teach you how these drivers work, show you the unbelievable risk they pose, and enjoy our walk of shame as we parade all the silly and irresponsible things we discovered in our research.
Video: DEF CON 27 - Jesse Michael - Get Off the Kernel if You Can't Drive, from the HackersOnBoard channel