Close Encounters of the Advanced Persistent Kind: Leveraging Rootkits for Post-Exploitation

3,967 views

Black Hat

A day ago

...Our presentation will explore a full-chain Windows kernel post-exploitation scenario, in which we discovered and weaponized a Windows 0-day vulnerability to load our kernel rootkit. Once it is loaded, we will demonstrate how Direct Kernel Object Manipulation (DKOM) can be used to dynamically alter OS telemetry and sensor visibility, rendering endpoint security solutions ineffective. Additionally, we will showcase a number of advanced attacks, such as employing Network Driver Interface Specification (NDIS) modules to disrupt EDR cloud telemetry or establish covert persistence channels, and directly reading memory-resident keyboard state in the kernel for high-performance global keylogging...
By: Ruben Boonen, Valentina Palmiotti
Full Abstract and Presentation Materials: www.blackhat.c...
