Close Encounters of the Advanced Persistent Kind: Leveraging Rootkits for Post-Exploitation
...Our presentation will explore a full-chain Windows kernel post-exploitation scenario, in which we discovered and weaponized a Windows 0-day vulnerability to load our kernel rootkit. Once the rootkit is loaded, we will demonstrate how Direct Kernel Object Manipulation (DKOM) can be used to dynamically alter the OS telemetry and sensor visibility that endpoint security solutions depend on, rendering them ineffective. We will also showcase a number of advanced attacks, such as employing Network Driver Interface Specification (NDIS) modules to disrupt EDR cloud telemetry or to establish covert persistence channels, and directly reading memory-resident keyboard state in the kernel for high-performance global keylogging....
By: Ruben Boonen, Valentina Palmiotti
Full Abstract and Presentation Materials: #close-encounters-of-the-advanced-persistent-kind-leveraging-rootkits-for-post-exploitation-32913
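The DKOM step the abstract refers to, shown as an added example that is not the speakers' rootkit code: a user-mode C simulation of unlinking a process object from a LIST_ENTRY-style active-process list (the shape of EPROCESS.ActiveProcessLinks), followed by the cross-view check a defender uses to catch it. The FAKE_EPROCESS layout, the g_* globals and the three sample processes are constructed for this example; the real EPROCESS structure, PsActiveProcessHead and the PID table are not modelled, so the code compiles and runs on any hosted C compiler.

```c
#include <stddef.h>
#include <stdint.h>
#include <stdio.h>
#include <string.h>

/* Minimal stand-ins for the kernel's LIST_ENTRY and CONTAINING_RECORD. */
typedef struct _LIST_ENTRY {
    struct _LIST_ENTRY *Flink;
    struct _LIST_ENTRY *Blink;
} LIST_ENTRY;

#define CONTAINING_RECORD(addr, type, field) \
    ((type *)((char *)(addr) - offsetof(type, field)))

/* Toy process object (assumption: only the fields the example needs). */
typedef struct _FAKE_EPROCESS {
    uint32_t   UniqueProcessId;
    char       ImageFileName[16];
    LIST_ENTRY ActiveProcessLinks;   /* links into the active-process list */
} FAKE_EPROCESS;

/* Stand-in for PsActiveProcessHead; an empty list points at itself. */
static LIST_ENTRY g_activeProcessHead = { &g_activeProcessHead, &g_activeProcessHead };

/* Stand-in for a second, independent view (e.g. the PID table). */
#define MAX_OBJECTS 16
static FAKE_EPROCESS g_objects[MAX_OBJECTS];
static int g_objectCount;

static void InsertTailList(LIST_ENTRY *head, LIST_ENTRY *entry)
{
    entry->Flink = head;
    entry->Blink = head->Blink;
    head->Blink->Flink = entry;
    head->Blink = entry;
}

static FAKE_EPROCESS *CreateFakeProcess(uint32_t pid, const char *name)
{
    if (g_objectCount >= MAX_OBJECTS) return NULL;
    FAKE_EPROCESS *p = &g_objects[g_objectCount++];
    p->UniqueProcessId = pid;
    strncpy(p->ImageFileName, name, sizeof(p->ImageFileName) - 1);
    p->ImageFileName[sizeof(p->ImageFileName) - 1] = '\0';
    InsertTailList(&g_activeProcessHead, &p->ActiveProcessLinks);
    return p;
}

/* Reset state and build a constructed sample of three processes. */
int BuildSampleProcessList(void)
{
    g_activeProcessHead.Flink = g_activeProcessHead.Blink = &g_activeProcessHead;
    g_objectCount = 0;
    memset(g_objects, 0, sizeof(g_objects));
    CreateFakeProcess(4, "System");
    CreateFakeProcess(1337, "implant.exe");
    CreateFakeProcess(4242, "edr_sensor.exe");
    return g_objectCount;
}

FAKE_EPROCESS *FindFakeProcessByPid(uint32_t pid)
{
    for (int i = 0; i < g_objectCount; i++)
        if (g_objects[i].UniqueProcessId == pid) return &g_objects[i];
    return NULL;
}

/* The DKOM step: unlink the object without freeing it. The entry is pointed
 * at itself so a later unlink (e.g. at process exit) does not write through
 * stale neighbours. The object keeps existing; only the list view forgets it. */
void DkomHideProcess(FAKE_EPROCESS *p)
{
    LIST_ENTRY *e = &p->ActiveProcessLinks;
    e->Blink->Flink = e->Flink;
    e->Flink->Blink = e->Blink;
    e->Flink = e;
    e->Blink = e;
}

/* What any consumer that walks the active-process list sees. */
int CountListedProcesses(void)
{
    int n = 0;
    for (LIST_ENTRY *e = g_activeProcessHead.Flink; e != &g_activeProcessHead; e = e->Flink)
        n++;
    return n;
}

int IsPidListed(uint32_t pid)
{
    for (LIST_ENTRY *e = g_activeProcessHead.Flink; e != &g_activeProcessHead; e = e->Flink)
        if (CONTAINING_RECORD(e, FAKE_EPROCESS, ActiveProcessLinks)->UniqueProcessId == pid)
            return 1;
    return 0;
}

/* Cross-view detection: anything in the second view that the list walk
 * misses has been unlinked. Returns how many hidden PIDs were written. */
int FindHiddenProcesses(uint32_t *outPids, int maxPids)
{
    int found = 0;
    for (int i = 0; i < g_objectCount && found < maxPids; i++)
        if (!IsPidListed(g_objects[i].UniqueProcessId))
            outPids[found++] = g_objects[i].UniqueProcessId;
    return found;
}

int main(void)
{
    uint32_t hidden[MAX_OBJECTS];
    BuildSampleProcessList();
    printf("listed before DKOM: %d\n", CountListedProcesses());
    DkomHideProcess(FindFakeProcessByPid(1337));
    printf("listed after DKOM:  %d, pid 1337 listed: %d\n", CountListedProcesses(), IsPidListed(1337));
    int n = FindHiddenProcesses(hidden, MAX_OBJECTS);
    for (int i = 0; i < n; i++)
        printf("cross-view: hidden pid %u (%s)\n", hidden[i], FindFakeProcessByPid(hidden[i])->ImageFileName);
    return 0;
}
```

The practitioner's takeaway is the last function: a sensor that only walks the list is blind after the unlink, while one that compares two independent views (list walk versus PID table, or scheduler threads versus process list) still finds the object, which is why a rootkit that only unlinks one structure is caught by cross-view tools and why the abstract's wording is about altering visibility across several telemetry sources rather than a single list.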