Exploiting Windows DRIVERS: Double-fetch Race Condition Vulnerability

mak

Article - https://resources.infosecinstitute....rs-double-fetch-race-condition-vulnerability/

A race condition occurs when two or more running threads manipulate the same resource without any synchronization mechanism regulating access to it. Race conditions often lead to undesirable behavior, ranging from erroneous results to a complete crash of the program. In this article, we will look into a special type of race condition vulnerability, the double-fetch vulnerability, and use it to escalate privileges on the system.

In contrast to typical race condition vulnerabilities, where the program itself creates and runs the competing threads, exploiting a double-fetch race condition requires the attacker to create the competing threads himself. To understand why, we need to know what causes this specific bug and how an attacker might approach it.
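The bug pattern behind this, as an added C example (constructed here, not the article's or the repository's driver code): a handler that reads a user-controlled length from the shared buffer twice, beside the single-fetch fix. The user_req struct, the race_hook callback and KBUF_LEN are assumptions that model the IOCTL input buffer, the competing user-mode thread and the kernel-side buffer size.

```c
#include <stddef.h>
#include <stdint.h>
#include <string.h>

/* Constructed model of the IOCTL input buffer a driver reads from user mode. */
struct user_req {
    volatile uint32_t size;  /* user-controlled; another thread may change it */
    uint8_t data[64];
};

#define KBUF_LEN 16u         /* what the kernel-side buffer may safely hold */

/* Models the competing user thread, run between the kernel's two reads. */
typedef void (*race_hook)(struct user_req *);

/* Vulnerable pattern: size is fetched from user memory twice. Returns the
 * byte count copied; anything above KBUF_LEN means the check was bypassed. */
static size_t handle_double_fetch(struct user_req *req, race_hook race, uint8_t *kbuf)
{
    if (req->size > KBUF_LEN)            /* fetch #1: the check */
        return 0;
    if (race) race(req);                 /* the user thread wins the race here */
    size_t n = req->size;                /* fetch #2: the use, now a different value */
    memcpy(kbuf, req->data, n);
    return n;
}

/* Hardened pattern: capture the user value once into a local, then check
 * and use that local; later writes to req->size no longer matter. */
static size_t handle_single_fetch(struct user_req *req, race_hook race, uint8_t *kbuf)
{
    uint32_t n = req->size;              /* the only fetch */
    if (n > KBUF_LEN)
        return 0;
    if (race) race(req);                 /* too late: n is already captured */
    memcpy(kbuf, req->data, n);
    return n;
}

/* The competing thread flips size to the full 64 bytes. */
static void flip_size(struct user_req *req) { req->size = 64; }

/* Runs both handlers against the same race. Returns 1 when the double fetch
 * copied more than the check allowed while the single fetch stayed at 8. */
int demo_race(void)
{
    struct user_req req = { .size = 8 };
    uint8_t kbuf[64];                    /* oversized so the demo itself is memory-safe */
    size_t bad = handle_double_fetch(&req, flip_size, kbuf);
    req.size = 8;
    size_t good = handle_single_fetch(&req, flip_size, kbuf);
    return bad > KBUF_LEN && good == 8;
}
```

In a real driver the value captured once should also be range-checked against the actual destination buffer and the user pointer probed before any copy; the single local copy is what closes the window.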

References
Driver and Exploit Source code:
https://github.com/SouhailHammou/Drivers/tree/master/double-fetch-racecondition

Cesar Cerrudo’s Blackhat US 2012 slides:
https://media.blackhat.com/bh-us-12/Briefings/Cerrudo/BH_US_12_Cerrudo_Windows_Kernal_Slides.pdf