- Technology
- SEE MORE
- classical
- general
- talk
- News
- Family
- Bürgerfunk
- pop
- Islam
- soul
- jazz
- Comedy
- humor
- wissenschaft
- opera
- baroque
- gesellschaft
- theater
- Local
- alternative
- electro
- rock
- rap
- lifestyle
- Music
- como
- RNE
- ballads
- greek
- Buddhism
- deportes
- christian
- piano
- djs
- Dance
- dutch
- flamenco
- social
- hope
- christian rock
- academia
- afrique
- Business
- musique
- ελληνική-μουσική
- religion
- World radio
- Zarzuela
- travel
- World
- NFL
- media
- Art
- public
- Sports
- Gospel
- st.
- baptist
- Leisure
- Kids & Family
- musical
- club
- Culture
- Health & Fitness
- True Crime
- Fiction
- children
- Society & Culture
- TV & Film
- gold
- kunst
- música
- gay
- Natural
- a
- francais
- bach
- economics
- kultur
- evangelical
- tech
- Opinion
- Government
- gaming
- College
- technik
- History
- Jesus
- Health
- movies
- radio
- services
- Church
- podcast
- Education
- international
- Transportation
- Other
- kids
- podcasts
- philadelphia
- Noticias
- love
- sport
- Salud
- film
- and
- 4chan
- Disco
- Stories
- fashion
- Arts
- interviews
- hardstyle
- entertainment
- humour
- medieval
- literature
- alma
- Cultura
- video
- TV
- Science
- en
Brett Moore, Shoot the Messenger Using Window Messages to Exploit Local win32 Applications
The windows GDI interface uses messages to pass input and events to windows. As there is currently no way of determining who the sender of the message is, it is possible for a low privileged application to send messages to and interact with a process of higher privilege.
This presentation will cover in details some of the flaws exposed through these messages, and demonstrate how they can be exploited to conduct privilege escalation and other attacks. Attendees should be familiar with the shatter attack concept and may want to review the following documents before attending:
* Shatter Attacks How to break Windows, Chris Paget
* Win32 Message Vulnerabilities Redux, Oliver Lavery
* Shattering by Example, Brett Moore
Brett Moore leads the security research and network intrusion teams at security-assessment.com. He has been credited with the discovery of multiple security vulnerabilities in both private and public software vendors" products including Microsoft web products.