Exploit Development: Leveraging Page Table Entries for Windows Kernel Exploitation
Exploiting page table entries through arbitrary read/write primitives to circumvent SMEP, no-execute (NX) in the kernel, and page table randomization.
Brief introduction to memory paging on Windows 10 x64, as background for bypassing SMEP via page table entries.
Reverse engineering BFS’s eko2019.exe application and obtaining an ASLR bypass via an arbitrary read primitive.
Revisiting token stealing payloads on Windows 10 x64 and diving into mitigations such as SMEP.
An introduction to exploiting the ability to write data to an arbitrary location.