Hello Readers,
It's been so long since I have written any blog post but now, the time has come :p Firstly I thought of writing a series of tutorials on Active Directory Pentesting but setting up a good AD lab will take some time so we can learn it once the AD lab is ready ;) :)
If you hate theories then you may not like this post because I have to include this in order to start it from scratch. I assume that you have some experience in binary exploitation because I won't be covering the user-land exploitation.
Introduction
I thought of learning the basics of kernel exploitation on Win7 as a virtual environment. This blog post is a 0th part of this series on Windows Kernel Exploitation. Please feel free to point out mistakes, send suggestions and also criticize wherever you feel like ;)
Let us start !
Kernel -
According to Wikipedia - a kernel is a central part of an operating system which manages the operations of the computer and hardware - most notably memory and CPU time.
* it schedules the activities that are performed by the CPU
* you can call it the heart of an operating system
Basic outline -
The CPU spends its time in two very distinct modes - a) kernel mode & b) user mode
a) Kernel Mode -
* the executing code has complete and unrestricted access to the underlying hardware
* can execute CPU instructions and reference any memory address
* generally reserved for low-level, most trusted functions on the operating system
* any crash in kernel mode will halt the entire PC
b) User Mode -
* executing code has no ability to directly access hardware or reference arbitrary memory addresses
* code running in user mode must delegate to system APIs to access hardware or memory
* crashes in user mode are always recoverable
* most of the code running in your computer will execute in user mode
x86 CPU Protection rings -
Ring 0 -
Ring 0 is the level with the most privileges and interacts most directly with the physical hardware such as the CPU and memory.
Ring 0 is for kernel code and device drivers.
Ring 3 -
Ring 3 is the level with least privileges which runs all user programs.
Ring 1 and Ring 2 are rarely used, but could be configured with different levels of access.
Kernel-Mode Architecture of Windows
Hardware Abstraction Layer -
* layer between physical hardware of computer and rest of the operating system
* designed to hide differences in hardware and provide consistent platform on which the kernel is run
* it includes the hardware-specific code that controls I/O interfaces, interrupt controllers and multiple processors
Bored with the theories ?? :p Expect some exploitation in next part of the tutorial. :) :D
References -
https://blog.codinghorror.com/understanding-user-and-kernel-mode/
https://www.cs.fsu.edu/~zwang/files/cop4610/Fall2016/windows.pdf