HackSys Extreme Vulnerable Driver (HEVD) Windows Driver Exploitation - Stack Buffer Overflow
11 January 2023 at 00:00
Table of Contents
  Brief
  Vulnerability
  Exploitation and Stabilization
  Case I: Intel OS Guard/SMEP not present, KVA Shadow/KPTI disabled
  Patch Analysis
  Honourable Mention

Brief

The vulnerability class we are going to hunt for and exploit is a stack buffer overflow in the HEVD.sys Windows driver, which is compiled without the stack cookie/canary (/GS Buffer Security Check) or StackGuard mitigation. We will also look at productization and stabilization of the exploit later on.