CONFERENCE MATERIALS HAVE BEEN UPLOADED
http://conference.hitb.org/hitbsecconf2009dubai/materials/
CONFERENCE PHOTOS HAVE BEEN RELEASED
http://photos.hackinthebox.org

Vipin Kumar (Founder, nvLabs.in)

Presentation Title: Vbootkit 2.0: Attacking Windows 7 via Boot Sectors
Presentation Abstract:

This talk will introduce a new tool which allows attacks against Windows 7 via boot sectors. In this talk we will demo Vbootkit 2.0 in action and show how to bypass and circumvent security policies / architecture using customized boot sectors for Windows 7 (x64). The talk will cover:

() Windows 7 Boot architecture
() Vbootkit 2.0 architecture and inner workings
() insight into the Windows 7 minkernel

We will also demonstrate:

() The use of Vbootkit in gaining access to a system without leaving traces
() Leveraging normal programs to escalate system privileges
() Running unsigned code in kernel

All this is done, without having any footprint on the HDD (everything is in memory). It also remains invisible to all existing anti-virus solutions.

About Vipin

Vipin Kumar is an independent security consultant and analyst. He has experience in system and network security as well as programming and project design. He likes to develop specialized software and/or stuffs related to windows kernel. He holds MCSE and a Bachelor of Technology in Computer Science. His previous work consists of bootkit, vbootkit, nvbit - Bitlocker Volume access tools for Linux.

** Note: Presenting with Nitin Kumar