For some common local kernel vulnerabilities there is no general, multi-version and reliable way to exploit them. Interesting techniques have been published, but they are not simple and/or do not work across different Windows versions most of the time. This presentation will show some easy, reliable and cross-platform techniques for exploiting some common local Windows kernel vulnerabilities. These new techniques even make it possible to exploit vulnerabilities that have been considered difficult or almost impossible to exploit in the past.
Cesar Cerrudo is CTO at IOActive Labs, where he leads the team in producing ongoing cutting-edge research in the areas of SCADA, mobile device, application security and more. Formerly the founder and CEO of Argeniss Consulting, acquired by IOActive, Cesar is a world-renowned security researcher and specialist in application security. Throughout his career, Cesar has been credited with discovering and helping to eliminate dozens of vulnerabilities in leading applications including Microsoft SQL Server, Oracle database server, IBM DB2, Microsoft BizTalk Server, Microsoft Commerce Server, Microsoft Windows, Yahoo! Messenger, etc. In addition, Cesar has authored several white papers on database and application security, attacks and exploitation techniques, and he has been invited to present at a variety of companies and conferences including Microsoft, Black Hat, Bellua, CanSecWest, EuSecWest, WebSec, HITB, Microsoft BlueHat, EkoParty, FRHACK, H2HC, Defcon, Infiltrate, etc. Cesar collaborates with and is regularly quoted in print and online publications including eWeek, ComputerWorld, and other leading journals.