In-Memory Kernel Driver(IOCTL)Fuzzing using Python

I'm sharing one of my Kernel Driver IOCTL Fuzzer which operates completely from user land. To run this script you should know at least one process which sends IOCTL to your target device you are fuzzing.


This script is very simple and straight forward. It basically operate in two modes. One is in-memory fuzzing mode and another is logging mode.

In fuzzing mode it attaches it self to given user mode process and hooks DeviceIoControl!Kernel32. After that when DeviceIoControl is get called by theprocess it fuzzes the input/output buffer length, input buffer content etc inside memory and at the same time logs actual buffer and mutated buffer length / content in a xml log file. Which can be helpful while reproducing os crashes.

When running in logging mode it tries to dump all I/O Control code I/O Buffer pointer, I/O buffer length that given process is sending to Kernel mode device. This XML log can be used to fuzz any driver further.

Download:


This tool can be downloaded from my github page : iofuzz

Source Code:



Comments

  1. Private Toto is an online company that offers sports betting on the Internet. Various betting items will be provided to Toto users and the winner will be refunded according to the set dividend rate. And among the Toto sites, private Toto sites with excellent capital are called safety playgrounds. 토토사이트 안전놀이터 안전놀이터

    ReplyDelete

Post a Comment