# First Kernel Exploit

- [A Kernel Exploit](/open-advanced-windows-exploitation/first-kernel-exploit/a-kernel-exploit.md): Finally, we reach the crucial section where we explore the intricacies of kernel driver exploits. This section will provide a walkthrough of a well-known privilege escalation exploit.
- [CVE-2020-17382](/open-advanced-windows-exploitation/first-kernel-exploit/a-kernel-exploit/cve-2020-17382.md): In this section, we'll install and activate the vulnerable driver, laying the foundation for exploring its potential exploits. Let's get started!
- [IDA Free](/open-advanced-windows-exploitation/first-kernel-exploit/a-kernel-exploit/ida-free.md): The symbolic link provides a handle to the driver, and major functions define the driver's supported operations. We can use the I/O Control codes to uncover potential vulnerabilities.
- [Writing A Basic Fuzzer](/open-advanced-windows-exploitation/first-kernel-exploit/a-kernel-exploit/writing-a-basic-fuzzer.md): In our fuzzing process, we aim to uncover vulnerabilities by subjecting a vulnerable driver to various inputs and observing its behaviour.
- [Controlling RIP](/open-advanced-windows-exploitation/first-kernel-exploit/a-kernel-exploit/controlling-rip.md): To find the offset of the saved return address in a driver for exploitation, we follow an approach similar to user-mode stack-based overflows: submit a pattern and observe the overwrite.
- [Meet SMEP](/open-advanced-windows-exploitation/first-kernel-exploit/a-kernel-exploit/meet-smep.md): SMEP (Supervisor Mode Execution Prevention) is an exploit mitigation technique that prevents execution of user-mode code in the kernel context. Let's see it in action!
- [ROP to the Rescue](/open-advanced-windows-exploitation/first-kernel-exploit/a-kernel-exploit/rop-to-the-rescue.md): In the last section, we discovered that SMEP prevented us from calling user-mode code from the kernel. To defeat this, we need to disable it using ROP.
- [kASLR](/open-advanced-windows-exploitation/first-kernel-exploit/a-kernel-exploit/kaslr.md): kASLR (Kernel Address Space Layout Randomization) is a security feature that randomises the kernel's memory layout to try and mitigate exploitation techniques.
- [Priv Esc Shellcode](/open-advanced-windows-exploitation/first-kernel-exploit/a-kernel-exploit/priv-esc-shellcode.md): Privilege escalation refers to gaining higher levels of access or permissions beyond what is originally granted, often to exploit vulnerabilities or perform unauthorised actions.
- [Exploit Code](/open-advanced-windows-exploitation/first-kernel-exploit/exploit-code.md)
