Driver Buddy Reloaded
As part of Yarix's continuous security research journey, during this year I’ve spent a good amount of time reverse-engineering Windows drivers and exploiting kernel-mode related vulnerabilities.While in the past there were (as far as I know), at least two good IDA plugins aiding in the reverse engineering process:DriverBuddy of NCC Group.win_driver_plugin of F-Secure.unfortunately, nowadays, they are both rusty, out... Crucial’s MOD Utility LPE – CVE-2021-41285
Crucial Ballistix MOD Utility is a software product that can be used to customize and control gaming systems, specifically LED colours and patterns, memory, temperature, and overclock.During my vulnerability research, I’ve discovered that this software utilizes a driver, MODAPI.sys, containing multiple vulnerabilities and allowing an attacker to achieve local privilege escalation from a low privileged user to NT AUTHORITY\SYSTEM.Advisory... Homemade Fuzzing Platform Recipe
It’s no secret that, since the beginning of the year, I’ve spent a good amount of time learning how to fuzz different Windows software, triaging crashes, filling CVE forms, writing harnesses and custom tools to aid in the process.Today I would like to sneak peek into my high-level process of designing a Homemade Fuzzing Platform, which I’m currently using...