Hacking Team attack code analysis Part5 Adobe Font Driver kernel privilege elevation vulnerability the second bomb+Win32k KALSR bypass vulnerability-vulnerability warning-the black bar safety net
0x01 vulnerability principle analysis: By simply browsing attack code, we know the attack code used a Win32k. sys in the KASLR bypass vulnerability get the Win32k base, and organize the ROP chain, at the same time, load a font filefont-data. binto use the font driver vulnerability, trigger the RO...