hacksysteam
commented
1 year ago Hi @w4fz5uck5 this IOCTL itself is not vulnerable. This is used by win10-klfh branch to exploit pool buffer overflow to gain arbitrary read write primitives. Checkout win10-klfh branch of HEVD repo
w4fz5uck5
Hi, is that possible to exploit this IOCTL ArbitraryReadWriteHelperNonPagedPoolNx with somehow technique? i'm actually trying to exploit it but there so many filters that i can't. I guess it only works for ArbitraryWrite challenge or i'm missing something?
Thanks!