_g_

IOCTL-Proxy

Rate this Entry
This is a POC of IOCTL fuzzer. It gave surprisingly good results.

IOCTL-Proxy works by hooking NtDeviceIoControlFile, manipulating its' parameters and feeding them to the real function.

Load the driver and simply click around in application you want to test.

You will get a lot of BSODS, be careful.

PreviousMode==KernelMode is ignored, since we are only interested in calls from UserMode to KernelMode, not Kernel->Kernel.

Get it here:
http://www.orange-bat.com

Submit "IOCTL-Proxy" to Digg Submit "IOCTL-Proxy" to del.icio.us Submit "IOCTL-Proxy" to StumbleUpon Submit "IOCTL-Proxy" to Google

Categories
Uncategorized

Comments