Overview

After disclosing two vulnerabilities in HitmanPro.Alert on Thursday, we will show you the process of developing an exploit for one of these bugs. We will look into TALOS-2018-0636/CVE-2018-3971 to show you the exploitation process.

Sophos HitmanPro.Alert is a threat-protection solution based on heuristic algorithms that detect and block malicious activity. Some of these algorithms require kernel-level access to gather the information they need. Its core functionality has been implemented in the `hmpalert.sys` kernel driver by Sophos. This blog will show how an attacker could leverage TALOS-2018-0636 to build a stable exploit to gain SYSTEM rights on the local machine.
