This blog post describes an unchecked return value vulnerability found and exploited in September 2021 by Alex Plaskett, Cedric Halbronn and Aaron Adams working at the Exploit Development Group (EDG) of NCC Group. We successfully exploited it at the Pwn2Own 2021 competition in November 2021 when targeting the Western Digital PR4100.
Author: Alex Plaskett
BrokenPrint: A Netgear stack overflow
This blog post describes a stack-based overflow vulnerability found and exploited in September 2021 in the Netgear R6700v3.
POC2021 – Pwning the Windows 10 Kernel with NTFS and WNF Slides
Alex Plaskett presented "Pwning the Windows 10 Kernel with NTFS and WNF" at Power Of Community (POC) on the 11th of November 2021.
CVE-2021-31956 Exploiting the Windows Kernel (NTFS with WNF) – Part 2
We look at exploitation without the CVE-2021-31955 information disclosure, enabling better exploit primitives through PreviousMode, reliability, stability and exploit clean-up, as well as thoughts on detection.
CVE-2021-31956 Exploiting the Windows Kernel (NTFS with WNF) – Part 1
NCC Group's Exploit Development Group look at exploiting CVE-2021-31956 - the Windows Kernel (NTFS with WNF).