Gray Hat Python by Justin Seitz

Driver Fuzzing with Immunity Debugger

We can harness Immunity Debugger's hooking prowess to build a quick-and-dirty mutation-based fuzzer that traps valid DeviceIoControl calls before they reach our target driver. We will write a simple PyCommand that traps all DeviceIoControl calls, mutates the buffer contained within each one, logs all relevant information to disk, and releases control back to the target application. We write the values to disk because a successful fuzzing run against a driver will most definitely crash the system; we want a history of our last fuzzing test cases before the crash so we can reproduce our tests.
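The mutate, log, then release ordering described above, as an added example that is not code from the book and not an Immunity Debugger PyCommand: standalone Python 3 in which the hook is replaced by a plain function call. The function names, the JSON-lines log format and the sample IOCTL code are assumptions made for illustration.

```python
import json
import os
import random
import tempfile

def mutate(buf, rng, max_changes=4):
    """Return a copy of buf with a few randomly chosen bytes replaced."""
    out = bytearray(buf)
    if not out:
        return bytes(out)
    for _ in range(rng.randint(1, max_changes)):
        out[rng.randrange(len(out))] = rng.randrange(256)
    return bytes(out)

def log_case(path, case_id, ioctl_code, original, mutated):
    """Append one test case and force it to disk before the call proceeds."""
    record = {"id": case_id, "ioctl": "0x%08x" % ioctl_code,
              "original": original.hex(), "mutated": mutated.hex()}
    with open(path, "a") as fh:
        fh.write(json.dumps(record) + "\n")
        fh.flush()
        os.fsync(fh.fileno())  # a system crash must not lose this record

def fuzz_call(path, case_id, ioctl_code, in_buffer, rng):
    """Stand-in for the hook body: mutate, log, then hand the buffer back."""
    mutated = mutate(in_buffer, rng)
    log_case(path, case_id, ioctl_code, in_buffer, mutated)
    return mutated  # only now would the buffer be released to the driver

def last_cases(path, count=1):
    """After the reboot, recover the final test cases for reproduction."""
    cases = []
    with open(path) as fh:
        for line in fh:
            try:
                cases.append(json.loads(line))
            except ValueError:
                continue  # skip a line torn by the crash
    return cases[-count:]

if __name__ == "__main__":
    rng = random.Random(1234)  # fixed seed so the run itself is repeatable
    log = os.path.join(tempfile.mkdtemp(), "ioctl_cases.jsonl")
    # Constructed sample input: IOCTL code and buffer are made up.
    for i in range(3):
        fuzz_call(log, i, 0x00222003, b"\x00" * 16, rng)
    print(last_cases(log, 2))
```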

Warning

Make sure you aren't fuzzing on a production machine! A successful fuzzing run on a driver will ...
