Re: Windows debugging/vulnerability analysis

["Rob klein Gunnewiek" <rob.kleingunnewiek () gmail com>]

On 7/27/06, Krpata, Tyler <tkrpata () bjs com> wrote:
> Hi,
>
> I am looking for some resources on analyzing vulnerabilities in Windows
> drivers and/or the kernel. Specifically I am interested in the flaw in
> srv.sys as detailed in MS06-035. I'm really looking for details on how
> to get useful information out of a debugger at that level, not being a
> Windows person myself. Can anyone recommend some reading material?

I hope you have experience in userspace vulnerability analysis before
you go into the kernel-based stuff. Do you know about SoftICE? It is a
Windows debugger capabable of debugging kernel-based code. There
should be a lot of information to be found on Google.

Good luck.

--
Regards,
Rob klein Gunnewiek

---------------------------------------------------------------------------
This list is sponsored by: Norwich University

EARN A MASTER OF SCIENCE IN INFORMATION ASSURANCE - ONLINE
The NSA has designated Norwich University a center of Academic Excellence 
in Information Security. Our program offers unparalleled Infosec management 
education and the case study affords you unmatched consulting experience. 
Using interactive e-Learning technology, you can earn this esteemed degree, 
without disrupting your career or home life.

http://www.msia.norwich.edu/secfocus
---------------------------------------------------------------------------