FuzzySecurity/HackSysTeam-PSKernelPwn

PowerShell

PowerShell-KernelPwn

Accompanying blog posts on using PowerShell to exploit the @HackSysTeam Extreme Vulnerable Driver (HEVD).

Win7 x32

Vulnerability	Status	Link
Stack Overflow	Done	http://www.fuzzysecurity.com/tutorials/expDev/14.html
Arbitrary Overwrite	Done	http://www.fuzzysecurity.com/tutorials/expDev/15.html
Null Pointer Dereference	Done	http://www.fuzzysecurity.com/tutorials/expDev/16.html
Uninitialized Stack Variable	Done	http://www.fuzzysecurity.com/tutorials/expDev/17.html
Integer Overflow	Done	http://www.fuzzysecurity.com/tutorials/expDev/18.html
Type Confusion	Exploit Only	N/A
Use After Free	Done	http://www.fuzzysecurity.com/tutorials/expDev/19.html
Pool Overflow	Done	http://www.fuzzysecurity.com/tutorials/expDev/20.html
Stack Overflow GS	To Do
Uninitialized Heap Variable	Done	To do

Win10 x64 (v1511)

Vulnerability	Status	Link
Arbitrary Overwrite	Done	http://www.fuzzysecurity.com/tutorials/expDev/21.html

Win10 x64 (v1607)

Vulnerability	Status	Link
Double Fetch	Done	To Do

Win10 x64 (v1703)

Vulnerability	Status	Link
Arbitrary Overwrite	Done	To Do