Windows Kernel Graphics Driver Attack Surface

Presented at Black Hat USA 2014, Aug. 6, 2014, 11:45 a.m. (60 minutes)

Ever wondered about the attack surface of graphics drivers on Windows? Are they similar to other drivers? Do they expose ioctl's? In this talk, all those questions will be answered and more. Whether you're a security researcher, a developer looking for some security guidance when writing these drivers, or just generally curious about driver internals, there's something here for all. The research done focuses both on C/C++ code when available, as well as reverse engineering of these drivers.

Presenters:

  • Ilja van Sprundel - IOActive
    Ilja van Sprundel is experienced in exploit development and network and application testing. As IOActive's Director of Penetration Testing, he performs primarily gray-box penetration testing engagements on mobile (specializing in iOS) and runtime (specializing in Windows kernel) applications that require customized fuzzing and source code review, identifying system vulnerabilities, and designing custom security solutions for clients in technology development telecommunications, and financial services. van Sprundel specializes in the assessment of low-level kernel code and architecture/infrastructure design, having security reviewed literally hundreds of thousands of lines of code. However, as a Director, he also functions in a managerial capacity by overseeing penetration testing engagements, providing oversight regarding technical accuracy, serving as the point of contact between technical consultants and technical stakeholders, and ensuring that engagements are delivered on time and in alignment with customer's expectations. van Sprundel also is responsible to mentor and guide Associate-level consultants as they grow both their penetration testing and general consulting skillsets. He is the driver behind the team's implementation of cutting-edge techniques and tools, guided by both research and successful exploits performed during client engagements.

Links:

Similar Presentations: