Ecosyste.ms: Awesome
An open API service indexing awesome lists of open source software.
https://github.com/ga1ois/bluehat-2019-seattle
All the materials in BlueHat 2019 Seattle will be released here.
Last synced: about 2 months ago
- Host: GitHub
- URL: https://github.com/ga1ois/bluehat-2019-seattle
- Owner: ga1ois
- Created: 2019-12-02T19:17:27.000Z (about 5 years ago)
- Default Branch: master
- Last Pushed: 2019-12-02T20:21:10.000Z (about 5 years ago)
- Last Synced: 2024-08-04T23:10:56.458Z (5 months ago)
- Size: 13.8 MB
- Stars: 66
- Watchers: 7
- Forks: 15
- Open Issues: 0
Metadata Files:
- Readme: README.md
Awesome Lists containing this project
- awesome-security-collection - **62** stars
README
# BlueHat-2019-Seattle
All the materials in BlueHat 2019 Seattle will be released here.

## Pool Fengshui in Windows RDP Vulnerability Exploitation

Abstract:
Heap Fengshui is one of the most important techniques in userland vulnerability exploitation under modern mitigations, and Pool Fengshui plays the same role in Windows RDP vulnerability exploitation. In this talk, we will not only introduce three innovative methods for Pool Fengshui with RDP PDUs, but also present the idea of how to find those Pool-Fengshui-friendly PDUs among the many legitimate PDUs described in the extensive RDP documentation. Details ranging from how to construct three different PDUs in the RDP client, to how the RDP server parses these PDUs, to what these PDUs look like in the server's kernel memory will all be discussed. We will also use BlueKeep (CVE-2019-0708) as an example to show how useful and universal these techniques are in Windows RDP vulnerability exploitation. Finally, we will show the BlueKeep exploit demo.