Add how to load untrusted code
warsang opened this issue · 1 comments
warsang commented
Hi!
For a lot of the drivers listed, most of the commands for these drivers are:
sc.exe create ATSZIO64.sys binPath=C:\windows\temp\ATSZIO64.sys type=kernel && sc.exe start ATSZIO64.sys
This doesn't really explain why the driver is vulnerable and what is the issue with it.
For instance, one thing that would be super helpful for red teamers is a link to a what the actual issue with the driver is and how to get it to run attacker/untrusted code in Kernel (if that's the actual reason it's listed as vulnerable)
MHaggis commented
Yes, we agree on this. Many require exploit code. Unfortunately, many of it is not available. We will include a CVE or reference as we come across them. Thank you for the comment!