IOCTL fuzzer

IOCTL Fuzzer is a tool designed to automate the task of searching vulnerabilities in Windows kernel drivers by performing fuzz tests on them.

The fuzzer’s own driver hooks ?NtDeviceIoControlFile in order to take control of all IRPs throughout the system.

While processing IRPs, the fuzzer will spoof those IRPs conforming to conditions specified in the configuration file. A spoofed IRP is identical to the original IRP in all respects except the input data, which is changed to randomly generated fuzz.

IOCTL Fuzzer works on Windows XP, 2003 Server, Vista and 2008 Server.


author
eSage lab
author
Alisa Shevchenko
url

http://code.google.com/p/ioctlfuzzer/

appeared
2009-06-22
last update
2009-06-22
c++
2907
license
free


CategoryFuzzer