其他
Overview
IOCTLbf is just a small tool (Proof of Concept) that can be used to search vulnerabilities in Windows kernel drivers by performing two tasks: * Scanning for valid IOCTL codes supported by drivers, * Generation-based IOCTL fuzzing
```
_ _ _ ___
(_) _ | || | / __)
_ ___ ____ | || || |__ | |
| |/ _ \ / | _) || _ (_ __)
| | || ( ( | || || |) )| |
||\_/ ____) _)\_)/ || Proof of Concept
```
**An advantage of this tool is that it does not rely on captured IOCTLs. Therefore, it is able to detect valid IOCTL codes supported by drivers and that are not often, or even never, used by applications from user land**. For example, it may be the case for: * IOCTLs called in very specific conditions (not easy to discover and/or to reproduce). * IOCTLs used for debugging p
windows
ioctl
驱动程序
扫描
模糊
内核
暂无评论