
DRIVERS.md


Internals

| Link | Title |
| --- | --- |
| https://www.codeproject.com/articles/9504/driver-development-part-introduction-to-drivers | Driver Development Part 1: Introduction to Drivers |
| https://www.codeproject.com/Articles/9575/Driver-Development-Part-Introduction-to-Implemen | Driver Development Part 2: Introduction to Implementing IOCTLs |
| https://www.codeproject.com/Articles/9636/Driver-Development-Part-Introduction-to-driver-c | Driver Development Part 3: Introduction to driver contexts |
| https://www.codeproject.com/Articles/9766/Driver-Development-Part-Introduction-to-device-s | Driver Development Part 4: Introduction to device stacks |
| https://www.codeproject.com/Articles/9974/Driver-Development-Part-Introduction-to-the-Tran | Driver Development Part 5: Introduction to the Transport Device Interface |
| https://www.codeproject.com/Articles/12878/Driver-Development-Part-Introduction-to-Display | Driver Development Part 6: Introduction to Display Drivers |
| http://web.archive.org/web/20140822184652/http://support.microsoft.com/default.aspx?scid=KB;EN-US;Q186775& | Tips for Windows NT Driver Developers -- Things to Avoid |
| https://codeinsecurity.wordpress.com/2015/09/03/wx-policy-violation-affecting-all-windows-drivers-compiled-in-visual-studio-2013-and-previous/ | W^X policy violation affecting all Windows drivers compiled in Visual Studio 2013 and previous |
| http://www.triplefault.io/2017/09/enumerating-process-thread-and-image.html | |
| http://x64dbg.com/blog/2017/06/08/kernel-driver-unpacking.html | Kernel driver unpacking |

Driver Signing

2010

| Link | Title |
| --- | --- |
| http://j00ru.vexillium.org/?p=377 | A quick insight into the Driver Signature Enforcement |

2012

| Link | Title |
| --- | --- |
| http://www.powerofcommunity.net/poc2012/mj0011.pdf | Using a Patched Vulnerability to Bypass Windows 8 x64 Driver Signature Enforcement |

2015

| Link | Title |
| --- | --- |
| http://www.sekoia.fr/blog/windows-driver-signing-bypass-by-derusbi/ | WINDOWS DRIVER SIGNING BYPASS BY DERUSBI |

2016

| Link | Title |
| --- | --- |
| https://artemonsecurity.blogspot.co.uk/2016/10/remsec-driver-analysis.html | Remsec driver analysis |

Bug Hunting & Exploitation

2008

| Link | Title |
| --- | --- |
| https://www.immunityinc.com/downloads/DriverImpersonationAttack_i2omgmt.pdf | I2OMGMT Driver Impersonation Attack |
| https://blogs.technet.microsoft.com/srd/2008/10/14/ms08-066-catching-and-fixing-a-probeforread-probeforwrite-bypass/ | MS08-066 : Catching and fixing a ProbeForRead / ProbeForWrite bypass |

2014

| Link | Title |
| --- | --- |
| http://blog.quarkslab.com/usb-fuzzing-basics-from-fuzzing-to-bug-reporting.html | USB Fuzzing Basics: From fuzzing to bug reporting |

2015

| Link | Title |
| --- | --- |
| https://www.coresecurity.com/blog/analysis-of-windows-usb-descriptor-vulnerability-ms13-081-cve-2013-3200 | Analysis of Windows USB Descriptor Vulnerability - MS13-081 (CVE-2013-3200) |

2016

| Link | Title |
| --- | --- |
| https://codeinsecurity.wordpress.com/2016/06/12/asus-uefi-update-driver-physical-memory-readwrite/ | ASUS UEFI Update Driver Physical Memory Read/Write |
| http://blog.rewolf.pl/blog/?p=1630 | MSI ntiolib.sys/winio.sys local privilege escalation |

2017

| Link | Title |
| --- | --- |
| https://googleprojectzero.blogspot.co.uk/2017/02/attacking-windows-nvidia-driver.html | Attacking the Windows NVIDIA Driver |
| http://blog.rewolf.pl/blog/?p=1778 | PCAUSA Rawether for Windows local privilege escalation |
| https://landave.io/2017/06/avast-antivirus-remote-stack-buffer-overflow-with-magic-numbers/#fn:3 | Avast Antivirus: Remote Stack Buffer Overflow with Magic Numbers |

2018

| Link | Title |
| --- | --- |
| https://www.fidusinfosec.com/jungo-windriver-code-execution-cve-2018-5189/ | RUMBLE IN THE JUNGO – A CODE EXECUTION WALKTHROUGH – CVE-2018-5189 |
| https://securelist.com/elevation-of-privileges-in-namco-driver/83707/ | A vulnerable driver: lesson almost learned |
| https://www.fidusinfosec.com/nomachine-road-code-execution-without-fuzzing-cve-2018-6947/ | NOMACHINE UN-INITIALISED VARIABLE PRIVILEGE ESCALATION – A FUZZ-LESS EXPLOIT TUTORIAL – CVE-2018-6947 |