We can harness Immunity Debugger's hooking prowess to trap valid
DeviceIoControl calls before they reach our target
driver as a quick-and-dirty mutation-based fuzzer. We will write a
simple PyCommand that will trap all
calls, mutate the buffer that is contained within, log all relevant
information to disk, and release control back to the target application.
We write the values to disk because a successful fuzzing run when
working with drivers means that we will most definitely crash the
system; we want a history of our last fuzzing test cases before the
crash so we can reproduce our tests.
Make sure you aren't fuzzing on a production machine! A successful fuzzing run on a driver will ...