Add Write NULL Where Vulnerability

hacksysteam / HackSysExtremeVulnerableDriver

HackSys Extreme Vulnerable Driver (HEVD) - Windows & Linux

https://hacksys.io

GNU General Public License v3.0

2.43k stars 527 forks source link

Add Write NULL Where Vulnerability #6

Closed hacksysteam closed 6 years ago

hacksysteam commented 8 years ago

Implement Write NULL Where Vulnerability in HackSys Extreme Vulnerable Driver.

sam-b commented 8 years ago

A nice variation of this is writing an uncontrolled kernel pointer where as in https://labs.bluefrostsecurity.de/publications/2016/01/07/exploiting-cve-2014-4113-on-windows-8.1/

hacksysteam commented 8 years ago

@sam-b, could you elaborate it. The idea is the attacker has an opportunity to write NULL at arbitrary memory location. This is same as Write What Where in which Where = NULL

hacksysteam commented 8 years ago

@sam-b, correction, What = NULL

sam-b commented 8 years ago

@hacksysteam so this was a similar issue but the Where value was an unknown pointer to kernel memory, since the first two bytes of a kernel pointer will always be 0xFF it can be used to priv esc.