Vbootkit 2.0 - Attacking Windows 7 via Boot Sectors

Speaker : Nitin Kumar & Vipin Kumar, Independent Security Researchers, NVlabs.
Track : ColdFire Session
Length : 50 minutes

This talk will introduce a new tool which allows attacks against Windows 7 via boot sectors. In this talk we will demo Vbootkit 2.0 in action and show how to bypass and circumvent security policies / architecture using customized boot sectors for Windows 7 (x64). The talk will cover:
  1. Windows 7 Boot architecture
  2. Vbootkit 2.0 architecture and inner workings
  3. Insight into the Windows 7 minkernel

We will also demonstrate:

  1. The use of Vbootkit in gaining access to a system without leaving traces
  2. Leveraging normal programs to escalate system privileges
  3. Remote control of Windows 7 using ping packets
  4. Remote key logger
  5. Running unsigned code in kernel

All of this is done without leaving any footprint on the HDD (everything is in memory). It also remains invisible to all existing anti-virus solutions.
