Source:
http://pb.specialised.info/
To my knowledge, the first Windows device driver attack was presented by the SEC-LABS team in the "Win32 Device Drivers Communication Vulnerabilities" whitepaper. This publication presented a useful technique for driver exploitation and laid the groundwork for further research. A second publication certainly worth mentioning is an article by Barnaby Jack, titled "Remote Windows Kernel Exploitation Step into the Ring 0". Due to the lack of technical papers on the discussed subject, I decided to share the results of my own research. In this paper I will introduce my device driver exploitation technique, provide a detailed description of the techniques used, and include full exploit code with sample vulnerable driver code for tests.