Description: This is a video of the presentation titled "<span style="font-weight: bold;">NetWare Kernel Stack Overflow Exploitation</span>" given by Nicolas Pouvesle at Recon 2008. <br><br>Talk Description:<br><br>Although a lot of research has been done into exploiting remote buffer overflows in kernel mode on modern systems like Windows, Linux and BSD, there are really few publications about exploitation on other platforms which are still common in enterprise networks. The main approach in kernel mode exploitation is to inject a payload in user mode. While this method allows to reuse shellcodes and payloads it may not be the best solution when the system is kernel centric.<br><br>The purpose of this presentation is to describe common and less common kernel-land exploitation techniques applied to the NetWare Operating system. As such, the focus will be on the explanation of a full kernel mode stager and of two different kernel mode stages, a shellcode and an adduser payload. <br><br>A high resolution video is available here. The presentation slides can be downloaded here. <br><br><br><br><br></div><br><p style="text-align: justify;"><br></p>
Tags: basics ,
Disclaimer: We are a infosec video aggregator and this video is linked from an external website. The original author may be different from the user re-posting/linking it here. Please do not assume the authors to be same without verifying.