Win32k Type Confusion Vulnerability Analysis Guide

zoemurmure
22 min read
0. Preface As we all know, win32k has contributed significantly to Windows privilege escalation vulnerabilities in recent years. I have always wanted to understand the principles of these vulnerabilities and read many related papers for this purpose. However, as a novice in kernel vulnerability rese

CSRSS Basics

zoemurmure
6 min read
0. Preface This is an incomplete introduction to CSRSS. Since I was analyzing CSRSS-related vulnerabilities recently, I organized some related knowledge. Therefore, you cannot fully understand CSRSS solely through this article. However, if this article can answer some of your questions while learnin

x64 Paging Mechanism

zoemurmure
4 min read
Preface During the process of learning HEVD (HackSys Extreme Vulnerable Driver), I found there were many concepts I didn’t fully understand, which prompted this article. The content is translated from reference [1], with minor adjustments to the content and structure for learning purposes. Ba

[HEVD Exploit Series] StackOverflowGS

zoemurmure
18 min read
0. Preface HackSys Extreme Vulnerable Driver (HEVD) is a Windows driver with multiple vulnerabilities developed for learning kernel exploit techniques. This article describes how to bypass a stack overflow vulnerability with /GS protection under a Windows 10 64-bit environment, involving two securit