HEVD - HackSys Extreme Vulnerable Driver
HackSys Extreme Vulnerable Driver is intentionally vulnerable Windows driver developed for security enthusiasts to learn and polish their exploitation skills at Kernel level.
HackSys Extreme Vulnerable Driver caters wide range of vulnerabilities ranging from simple
Buffer Overflows to complex Use After Frees and Pool Overflows . This allows the researchers to explore the exploitation techniques for every implemented vulnerabilities.Screenshots
Vulnerabilities Implemented
- Pool Overflow
- Use After Free
- Type Confusion
- Stack Overflow
- Integer Overflow
- Stack Overflow GS
- Arbitrary Overwrite
- Null Pointer Dereference
Building Driver
- Install Windows Driver Kit
- Change
%localSymbolServerPath%inBuild_HEVD_Secure.batandBuild_HEVD_Vulnerable.batdriver builder - Run the appropriate driver builder
Build_HEVD_Secure.batorBuild_HEVD_Vulnerable.bat
Installing Driver
Use OSR Driver Loader to install HackSys Extreme Vulnerable Driver
Testing
The HackSys Extreme Vulnerable Driver and the respective exploits have been tested on Windows 7 SP1 x86
Presentations
Presentation will be uploaded
soon . Sessions Conducted
- Windows Kernel Exploitation 1
- Windows Kernel Exploitation 2
- Windows Kernel Exploitation 3
- Windows Kernel Exploitation 4
- Windows Kernel Exploitation 5
Workshops Conducted
TODO
- Test the Driver on Windows 8.1/10 x64
- Add the exploit support for Windows 8.1/10 x64
- Add
Use Of Uninitialized VariableVulnerability - Add
Memory DisclosureVulnerability - Add
Time-Of-Check-To-Time-Of-Use( TOCTTU/Race Condition ) Vulnerability - Refactor and Cleanup the driver and exploit source code
HEVD - HackSys Extreme Vulnerable Driver
Reviewed by Zion3R
on
7:00 PM
Rating:
Reviewed by Zion3R
on
7:00 PM
Rating:
