
🚩Windows Driver 0-day Research

🚧An English version of the documentation is currently under construction.🚧

Introduction

This document was written to summarize roughly 100 days of research on Windows kernel drivers.

🎉 Our Achievements

  • 100+ Security Bugs

  • 20+ EoP (Elevation of Privilege)

  • Found 11 security bugs and obtained 3 CVEs in Microsoft built-in drivers

🎯 Our Goal

Our goal is to study Windows kernel driver vulnerabilities, find them, and contribute to Windows kernel security.

💎 Why?

We wanted to find critical vulnerabilities in a product that has many users and where a vulnerability can have a large impact on the entire OS.

In addition, Windows is used by a large number of users worldwide, and a security flaw in a driver, unlike one in a user-mode application, can lead to the compromise of SYSTEM privileges, which is a serious problem. For these reasons we selected Windows kernel drivers as our target.

The following are cases of Windows kernel driver exploits used in the wild.

By exploiting these vulnerabilities, attackers can obtain SYSTEM privileges and then carry out ransomware / rootkit / data exfiltration / system monitoring activity, among others.

❓ How To

As our methodology for finding vulnerabilities, we used fuzzing and binary analysis.