Nitin Kumar Iindependent Security Engineer & Researcher)
Presentation Title: Vboot Kit: Compromising Windows Vista Security
Presentation Details:
Vboot kit is first of its kind technology to demonstrate Windows vista kernel subversion using custom boot sector. Vboot Kit shows how custom boot sector code can be used to circumvent the whole protection and security mechanisms of Windows Vista.The booting process of windows Vista is substantially different from the earlier versions of Windows.The talk will give you details and know abouts for the Vista booting process.Then, we will be explaining the vboot kit functionality and how it works.We will also have an insight into the Windows Vista Kernel.We also go through a sample Ring 0 Shell code(for Vista).The sample shellcode effectively raises the privileges of certain programs to SYSTEM.Also, a live demonstration of vboot kit POC will be done. The sample shellcode effectively raises the privileges of certain programs to SYSTEM. Also, a live demonstration of vboot kit POC will be done which will show vbootkit in action from OS selection and later on privilege escalation shell code in action.
About Nitin
Mr. Nitin Kumar is an independent Security Engineer & researcher from the India’s Himalayan Region. He has been involved in Network Security Analysis and Penetration Techniques. He likes reverse engineering, researching OS & Network Security. He is a recent graduate in Bachelor of Technology, Computer Science & holds RHCE certification. His clients include some of most reputed organizations of India. His latest work involves the development of boot kit (a technique to subvert Windows 2000/XP/2003 System using custom boot sector).
** Presenting with Vipin Kumar