Techlord Posted April 23, 2018 Share Posted April 23, 2018 Full Article here: Quote https://blog.xpnsec.com/total-meltdown-cve-2018-1038/ An excerpt from the post: Quote Back in March, a vulnerability was disclosed by Ulf Frisk in Windows 7 and Server 2008 R2. The vulnerability is pretty awesome, a patch released by Microsoft to mitigate the Meltdown vulnerability inadvertently opened up a hole on versions of Windows, allowing any process to access and modify page table entries. The writeup of the vulnerability can be found over on Ulf's blog here, and is well worth a read. This week I had some free time, so I decided to dig into the vulnerability and see just how the issue manifested itself. The aim was to create a quick exploit which could be used to elevate privileges during an assessment. I ended up delving into Windows memory management more than I had before, so this post was created to walk through just how an exploit can be crafted for this kind of vulnerability. As always, this post is for people looking to learn about exploitation techniques rather than simply providing a ready to fire exploit. With that said, let's start with some paging fundamentals. Link to comment Share on other sites More sharing options...
Recommended Posts
Create an account or sign in to comment
You need to be a member in order to leave a comment
Create an account
Sign up for a new account in our community. It's easy!
Register a new accountSign in
Already have an account? Sign in here.
Sign In Now