For the Win: The Art of the Windows Kernel Fuzzing

Over the year, the Windows kernel has been enhanced through a variety of kernel security additions making it harder for security researchers to find kernel issues, bugs, and exploits.

This talk will cover the art of the kernel fuzzing and a tool I developed to aid security researchers in kernel fuzzing. I will introduce a new method of fuzzing Windows kernels, demonstrate the fuzzing framework and how it works. 

The fuzzer focuses on Windows kernel objects and the relationship with different objects. I will cover GDI objects and some other Windows kernel objects and some crash cases found via the framework. Lastly, I will show an exploit demo that I completed last year.

Location: Track 2 Date: May 9, 2019 Time: 4:30 pm - 5:30 pm Guangming Liu