Security Basics mailing list archives
Re: Windows debugging/vulnerability analysis
From: "Rob klein Gunnewiek" <rob.kleingunnewiek () gmail com>
Date: Mon, 31 Jul 2006 11:41:48 +0200
On 7/27/06, Krpata, Tyler <tkrpata () bjs com> wrote:
Hi, I am looking for some resources on analyzing vulnerabilities in Windows drivers and/or the kernel. Specifically I am interested in the flaw in srv.sys as detailed in MS06-035. I'm really looking for details on how to get useful information out of a debugger at that level, not being a Windows person myself. Can anyone recommend some reading material?
I hope you have experience in userspace vulnerability analysis before you go into the kernel-based stuff. Do you know about SoftICE? It is a Windows debugger capabable of debugging kernel-based code. There should be a lot of information to be found on Google. Good luck. -- Regards, Rob klein Gunnewiek --------------------------------------------------------------------------- This list is sponsored by: Norwich University EARN A MASTER OF SCIENCE IN INFORMATION ASSURANCE - ONLINEThe NSA has designated Norwich University a center of Academic Excellence in Information Security. Our program offers unparalleled Infosec management education and the case study affords you unmatched consulting experience. Using interactive e-Learning technology, you can earn this esteemed degree, without disrupting your career or home life.
http://www.msia.norwich.edu/secfocus ---------------------------------------------------------------------------
Current thread:
- Windows debugging/vulnerability analysis Krpata, Tyler (Jul 27)
- Re: Windows debugging/vulnerability analysis Rob klein Gunnewiek (Jul 31)
- <Possible follow-ups>
- RE: Windows debugging/vulnerability analysis Krpata, Tyler (Jul 31)