Skip to content

LucaBongiorni/HackSysExtremeVulnerableDriver

BranchesTags
 
 

Folders and files

NameName
Last commit message
Last commit date

Latest commit

 

History

3 Commits

Driver

Driver

 
 

Exploit

Exploit

 
 

.gitignore

.gitignore

 
 

CONTRIBUTING.md

CONTRIBUTING.md

 
 

LICENSE

LICENSE

 
 

README.md

README.md

 
 

Repository files navigation

HackSys Extreme Vulnerable Driver

           ooooo   ooooo oooooooooooo oooooo     oooo oooooooooo.   
           `888'   `888' `888'     `8  `888.     .8'  `888'   `Y8b  
            888     888   888           `888.   .8'    888      888 
            888ooooo888   888oooo8       `888. .8'     888      888 
            888     888   888    "        `888.8'      888      888 
            888     888   888       o      `888'       888     d88' 
           o888o   o888o o888ooooood8       `8'       o888bood8P'

HackSys Extreme Vulnerable Driver is intentionally vulnerable Windows driver developed for security enthusiasts to learn and polish their exploitation skills at Kernel level.

HackSys Extreme Vulnerable Driver caters wide range of vulnerabilities ranging from simple Buffer Overflows to complex Use After Frees and Pool Overflows. This allows the researchers to explore the exploitation techniques for every implemented vulnerabilities.

Blog Post

http://www.payatu.com/hacksys-extreme-vulnerable-driver/

Screenshots

Driver Banner

Exploitation

Driver Debug Print

Author

Ashfaq Ansari

ashfaq[at]payatu[dot]com

@HackSysTeam | Blog | null

Payatu Technologies

http://www.payatu.com/

Vulnerabilities Implemented

  • Pool Overflow
  • Use After Free
  • Type Confusion
  • Stack Overflow
  • Integer Overflow
  • Stack Overflow GS
  • Arbitrary Overwrite
  • Null Pointer Dereference

Building Driver

  1. Install Windows Driver Kit
  2. Change %localSymbolServerPath% in Build_HEVD_Secure.bat and Build_HEVD_Vulnerable.bat driver builder
  3. Run the appropriate driver builder Build_HEVD_Secure.bat or Build_HEVD_Vulnerable.bat

Installing Driver

Use OSR Driver Loader to install HackSys Extreme Vulnerable Driver

Testing

The HackSys Extreme Vulnerable Driver and the respective exploits have been tested on Windows 7 SP1 x86

Presentations

Presentation will be uploaded soon.

Sessions Conducted

Workshops Conducted

TODO

  1. Test the Driver on Windows 8.1/10 x64
  2. Add the exploit support for Windows 8.1/10 x64
  3. Add Use Of Uninitialized Variable Vulnerability
  4. Add Memory Disclosure Vulnerability
  5. Add Time-Of-Check-To-Time-Of-Use (TOCTTU/Race Condition) Vulnerability
  6. Refactor and Cleanup the driver and exploit source code

License

Please see the file LICENSE for copying permission

Contribution Guidelines

Please see the file CONTRIBUTING.md for contribution guidelines

Bug Report

Please file any bug report via GitHub Issue Tracker at the below given address: https://github.com/hacksysteam/HackSysExtremeVulnerableDriver/issues

http://hacksys.vfreaks.com

HackSys Team

About

HackSys Extreme Vulnerable Windows Driver

Resources

Readme

License

View license
Activity

Stars

0 stars

Watchers

2 watching

Forks

0 forks
Report repository

Releases

No releases published

Packages

No packages published

Languages

  • C 93.3%
  • Objective-C 3.9%
  • Batchfile 2.8%