Giter VIP home page Giter VIP logo

hsevd-stackoverflowx64's Introduction

    __  __           __   _____           
   / / / /___ ______/ /__/ ___/__  _______
  / /_/ / __ `/ ___/ //_/\__ \/ / / / ___/
 / __  / /_/ / /__/ ,<  ___/ / /_/ (__  ) 
/_/ /_/\__,_/\___/_/|_|/____/\__, /____/  
                            /____/        
			Extreme Vulnerable Driver
							Exploits

HackSys Extreme Vulnerable Driver - Windows 10 x64 StackOverflow Exploit with SMEP Bypass

Classic StackOverflow exploit, which exploits a vulnerable function within the HEVD Kernel driver.

How does this exploit work:

  • 64 Bit version of the https://github.com/Cn33liz/HSEVD-StackOverflow exploit
  • Works almost the same, but in order to work on Windows 10 x64 we need to Bypass SMEP Kernel protections, which prevents us from jumping to our 64 bit usermode Shellcode.
  • In order to Bypass SMEP after controlling rip, we need to execute a SMEP bypass ROP chain on the stack (rsp = rip) which changes the value of the cr4 register and then jumps to our usermode Shellcode.
  • After running our x64 token stealing shellcode, we restore some registers, jump back to a SMEP enable ROP chain on the stack and return to IrpDeviceIoCtlHandler+0xe2

Runs on:

This exploits has been tested succesfully on Windows 10 x64 v1607 (Version 10.0.14393).

Compile Exploit:

This project is written in C and can be compiled within Visual Studio.

Load Vulnerable Driver:

The HEVD driver can be downloaded from the HackSys Team Github page and loaded with the OSR Driver loader utility.
To run on x64, you need to install the Windows Driver Kit (WDK), Windows SDK and recompile with Visual Studio.

hsevd-stackoverflowx64's People

Contributors

cn33liz avatar

Watchers

avatar avatar

Recommend Projects

  • React photo React

    A declarative, efficient, and flexible JavaScript library for building user interfaces.

  • Vue.js photo Vue.js

    ๐Ÿ–– Vue.js is a progressive, incrementally-adoptable JavaScript framework for building UI on the web.

  • Typescript photo Typescript

    TypeScript is a superset of JavaScript that compiles to clean JavaScript output.

  • TensorFlow photo TensorFlow

    An Open Source Machine Learning Framework for Everyone

  • Django photo Django

    The Web framework for perfectionists with deadlines.

  • D3 photo D3

    Bring data to life with SVG, Canvas and HTML. ๐Ÿ“Š๐Ÿ“ˆ๐ŸŽ‰

Recommend Topics

  • javascript

    JavaScript (JS) is a lightweight interpreted programming language with first-class functions.

  • web

    Some thing interesting about web. New door for the world.

  • server

    A server is a program made to process requests and deliver data to clients.

  • Machine learning

    Machine learning is a way of modeling and interpreting data that allows a piece of software to respond intelligently.

  • Game

    Some thing interesting about game, make everyone happy.

Recommend Org

  • Facebook photo Facebook

    We are working to build community through open source technology. NB: members must have two-factor auth.

  • Microsoft photo Microsoft

    Open source projects and samples from Microsoft.

  • Google photo Google

    Google โค๏ธ Open Source for everyone.

  • D3 photo D3

    Data-Driven Documents codes.