Projects List.
Vous ne pouvez pas sélectionner plus de 25 sujets Les noms de sujets doivent commencer par une lettre ou un nombre, peuvent contenir des tirets ('-') et peuvent comporter jusqu'à 35 caractères.


Vbootkit 2.0: Attacking Windows 7 via Boot Sectors

This talk will introduce a new tool which allows attacks against Windows 7 via boot sectors. In this talk we will demo Vbootkit 2.0 in action and show how to bypass and circumvent security policies / architecture using customized boot sectors for Windows 7 (x64).
The talk will cover:

  1. Windows 7 Boot architecture
  2. Vbootkit 2.0 architecture and inner workings
  3. insight into the Windows 7 minkernel

We will also demonstrate:

  1. The use of Vbootkit in gaining access to a system without leaving traces
  2. Leveraging normal programs to escalate system privileges
  3. Running unsigned code in kernel
  4. Remote command & Control

All this is done, without having any footprint on the HDD (everything is in memory). It also remains invisible to all existing anti-virus solutions.

Vbootkit 2.0 Attacking Windows 7 (x64) via Boot Sectors

Vbootkit 2.0 source is available under open-source under GPL license.