Exploit Development: Leveraging Page Table Entries for Windows Kernel Exploitation
Exploiting page table entries through arbitrary read/write primitives to circumvent SMEP, no-execute (NX) in the kernel, and page table randomization.
Recent posts
Turning the Pages: Introduction to Memory Paging on Windows 10 x64
Brief introduction to memory paging on Windows 10 x64 to help leverage bypassing SMEP via page table entries.
Exploit Development: Rippity ROPpity The Stack Is Our Property - Blue Frost Security eko2019.exe Full ASLR and DEP Bypass on Windows 10 x64
Reverse engineering BFS’s eko2019.exe application and obtaining an ASLR bypass via an arbitrary read primitive.
Exploit Development: Panic! At The Kernel - Token Stealing Payloads Revisited on Windows 10 x64 and Bypassing SMEP
Revisiting token stealing payloads on Windows 10 x64 and diving into mitigations such as SMEP.
Exploit Development: Windows Kernel Exploitation - Arbitrary Overwrites (Write-What-Where)
An introduction to exploiting the ability to write data to an arbitrary location.