Memory Corruption: from Sandbox to SMM


Author: Nikita Tarakanov

This report will focus on the similarities and differences in exploiting memory corruption across privilege rings, from userland to the almighty SMM. It will demonstrate how many vulnerabilities are required to bypass all security mechanisms. It will also give a historical retrospective of multi-ring exploitation.

  • Language: Russian

Nikita Tarakanov is a security researcher at Intel, currently engaged in reverse engineering and vulnerability search automation. He previously worked as an IS researcher at Positive Technologies, VUPEN Security, and CISS. He is the winner of the PHDays Hack2Own 2011/2012 contest and the author of reports about kernel-mode drivers and their exploitation techniques. He is interested in writing exploits, especially for the Windows NT kernel.
