Home page logo
/

basics logo Security Basics mailing list archives

Re: Windows debugging/vulnerability analysis
From: "Rob klein Gunnewiek" <rob.kleingunnewiek () gmail com>
Date: Mon, 31 Jul 2006 11:41:48 +0200

On 7/27/06, Krpata, Tyler <tkrpata () bjs com> wrote:
Hi,

I am looking for some resources on analyzing vulnerabilities in Windows
drivers and/or the kernel. Specifically I am interested in the flaw in
srv.sys as detailed in MS06-035. I'm really looking for details on how
to get useful information out of a debugger at that level, not being a
Windows person myself. Can anyone recommend some reading material?

I hope you have experience in userspace vulnerability analysis before
you go into the kernel-based stuff. Do you know about SoftICE? It is a
Windows debugger capabable of debugging kernel-based code. There
should be a lot of information to be found on Google.

Good luck.

--
Regards,
Rob klein Gunnewiek

---------------------------------------------------------------------------
This list is sponsored by: Norwich University

EARN A MASTER OF SCIENCE IN INFORMATION ASSURANCE - ONLINE
The NSA has designated Norwich University a center of Academic Excellence in Information Security. Our program offers unparalleled Infosec management education and the case study affords you unmatched consulting experience. Using interactive e-Learning technology, you can earn this esteemed degree, without disrupting your career or home life.

http://www.msia.norwich.edu/secfocus
---------------------------------------------------------------------------


  By Date           By Thread  

Current thread:
[ Nmap | Sec Tools | Mailing Lists | Site News | About/Contact | Advertising | Privacy ]
AlienVault