Tech
Memory Corruption: from Sandbox to SMM
Author: Nikita Tarakanov
This report focuses on the similarities and differences in exploiting memory corruption across privilege rings, from userland to the almighty SMM. It will demonstrate how many vulnerabilities are required to bypass all security mechanisms. It will also give a historical retrospective of multi-ring exploitation.
- Language: Russian
Nikita Tarakanov is a security researcher at Intel, currently engaged in reverse engineering and vulnerability search automation. He previously worked as an IS researcher at Positive Technologies, VUPEN Security, and CISS. He is the winner of the PHDays Hack2Own 2011/2012 contest and the author of reports about kernel-mode drivers and their exploitation techniques. He is interested in writing exploits, especially for the Windows NT Kernel.
