Bochspwn Reloaded is an instrumentation module for the Bochs IA-32 emulator, similar to the original Bochspwn project from 2013. It performs taint tracking of the kernel address space of the guest operating systems, to detect the disclosure of uninitialized kernel stack/heap memory to user-mode and other data sinks. It helped us identify over 70 bugs in the Windows kernel, and more than 10 lesser bugs in Linux in 2017 and early 2018.

The tool was discussed at the REcon Montreal, Black Hat USA, and INFILTRATE conferences, as well as in the Detecting Kernel Memory Disclosure with x86 Emulation and Taint Tracking white paper. The paper includes a comprehensive description of the general kernel infoleak bug class, as well as an in-depth study of Bochspwn Reloaded and its inner workings. We highly recommend the read before diving right into the source code, as it may answer many potential questions that may arise while experimenting with the tool. Specifically, Chapter 3 covers the fundamental ideas behind it and the implementation details of the software.

The repository contains four directories, each comprising a separate Bochs instrumentation module:

- linux-x86 - kernel infoleak detection for 32-bit Linux.
- windows-x86 - kernel infoleak detection for 32-bit Windows.
- windows-x64 - kernel infoleak detection for 64-bit Windows.
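As an added illustration (not code from Bochspwn Reloaded or the paper), the following C program models the taint tracking idea described above with a byte-granular shadow map: fresh allocations are tainted, kernel writes clear taint, and a copy to user mode is checked for tainted bytes. The addresses, function names and struct layout are constructed, and propagating taint across kernel-to-kernel copies is an assumption of this model.

```c
#include <stdint.h>
#include <stdio.h>
#include <string.h>

#define MEM_SIZE 256                    /* toy "kernel" address space (constructed) */
static uint8_t mem[MEM_SIZE];           /* guest memory contents */
static uint8_t taint[MEM_SIZE];         /* shadow byte: 1 = uninitialized */

/* A new stack frame or heap allocation: every byte starts out tainted. */
static void on_alloc(size_t addr, size_t len) { memset(&taint[addr], 1, len); }

/* A kernel write of real data initializes the bytes and clears their taint. */
static void on_write(size_t addr, const void *src, size_t len) {
    memcpy(&mem[addr], src, len);
    memset(&taint[addr], 0, len);
}

/* A kernel-to-kernel copy moves the shadow bytes together with the data. */
static void on_kernel_copy(size_t dst, size_t src, size_t len) {
    memmove(&mem[dst], &mem[src], len);
    memmove(&taint[dst], &taint[src], len);
}

/* Sink check: count tainted bytes in a buffer about to be copied to user mode. */
static size_t on_copy_to_user(size_t addr, size_t len) {
    size_t leaked = 0;
    for (size_t i = 0; i < len; i++) leaked += taint[addr + i];
    return leaked;
}

/* Constructed scenario: struct { uint8_t tag; <3 padding bytes>; uint32_t value; }
 * is filled field by field on the "stack" at 0x10, staged through a "heap"
 * buffer at 0x80, then returned to user mode. Returns the leaked byte count. */
static size_t demo_padding_leak(int zero_first) {
    const uint8_t tag = 0x41, zeros[8] = {0};
    const uint32_t value = 0x11223344;
    on_alloc(0x10, 8);
    on_alloc(0x80, 8);
    if (zero_first) on_write(0x10, zeros, 8);   /* the memset() style fix */
    on_write(0x10, &tag, 1);                    /* offset 0; offsets 1..3 untouched */
    on_write(0x14, &value, 4);                  /* offsets 4..7 */
    on_kernel_copy(0x80, 0x10, 8);
    return on_copy_to_user(0x80, 8);
}

int main(void) {
    printf("field-by-field init: %zu tainted bytes\n", demo_padding_leak(0));
    printf("zeroed before use:   %zu tainted bytes\n", demo_padding_leak(1));
    return 0;
}
```

The three padding bytes are never written by the field assignments, so their taint survives the staging copy and is flagged at the user-mode boundary; zeroing the structure first clears it.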