0x12 Dark Development

Abusing a vulnerable driver BYOVD to gain arbitrary kernel R/W and bypass PPL protection New Medium post. In this one, we will explore a technique used in offensive security that allows us to bypass PPL by abusing a vulnerable driver with R/W kernel vuln @s12deff/abusing-a-vulnerable-driver-byovd-to-gain-arbitrary-kernel-r-w-and-bypass-ppl-protection-571552c7efc8" target="_blank" rel="nofollow noopener">medium.com/@s12deff/abusi…

Starting to test the new version of Syswhispers github.com/JoasASantos/Sy…

Just finished the PPL disable from R/W Kernel BYOVD Soon on Medium, what do you think? Still need some help with PatchGuard. One dirty trick could be to disable PPL, do the malicious stuff, and then re-enable it right away

@assemblydevyt For the second one I think it's ok to use 32 because of the PID size, maybe I'm wrong idk

@Salsa12__ No worries, also isn't the return a DWORD64? If I got the sense right you should return the address in the kernel mem, and the address should be 64 not 32 (normal windows DWORD should be 32)

Funny sunny tuesday

@assemblydevyt Your right! I fixed after the screenshot and I forgot to change it. Thank u

@Salsa12__ Anyway, thx for sharing, it's an interesting code

Reversing a Vulnerable Driver: Discovering a Process Termination Primitive New Medium post, in this one see the reversing process of a vulnerable Windows kernel driver to understand how it can be abused to terminate arbitrary processes from kernel @s12deff/reversing-a-vulnerable-driver-discovering-a-process-termination-primitive-34aea14b9563" target="_blank" rel="nofollow noopener">medium.com/@s12deff/rever…

@od8m_ @cvewhen I will take a look

@cvewhen @Salsa12__ I love OA labs

Starting my driver reverse engineering journey Any advice?

Trying to organize the primitives into a single context...

Classic Process Injection youtu.be/cazByfR21J8

@junglegeek Wym?

@Salsa12__ need a study buddy?

@0xmadumere Great! All the steps will be covered in Medium!

@Salsa12__ Just finished reading you're medium post about exploiting vulnerable drivers, I love your work, Im just starting my driver creation and reverse engineering journey

@mihomoparty Something similar Im thinking of

@Salsa12__ i use python scan about 20,000 drivers' imports and success find some bvyods and cves

@Bad_Jubies 🫠👍👍

@Salsa12__ eversinc33.com/categories/Rev… wetw0rk.github.io/posts/0x00-int… exploitreversing.com/2023/04/11/exp… github.com/hacksysteam/Ha… leanpub.com/windowskernelp… connormcgarr.github.io/Kernel-Exploit…

@cvewhen Best communities?

@Salsa12__ Join communities and ask for help there are kind people everywhere.

@RtlInitThread Great🤗

@Salsa12__ Keep reversing, never give up. You should look up into reverse engineering blogs, it will help you a lot. As to reverse engineer drivers, you need to understand how they are engineered, so i would recommend watching youtube videos or reading blogs that explains how they are made.

@shitstromm Just tried Detours, it worked for me in all cases

@Salsa12__ which library do u like detour or minhook?

RDP Credential Stealer🤗