Security Basics mailing list archives
RE: Windows debugging/vulnerability analysis
From: "Krpata, Tyler" <tkrpata () bjs com>
Date: Mon, 31 Jul 2006 10:37:52 -0400
Thanks for the reply. Since my original post, I did a little more research and read up on remote kernel debugging using Windbg and MS Virtual PC (both free), and emulating the serial connection through a named pipe. It seems to give me pretty much what I was looking for. Does SoftICE give me any advantages over this setup? -----Original Message----- From: Rob klein Gunnewiek [mailto:rob.kleingunnewiek () gmail com] Sent: Monday, July 31, 2006 5:42 AM To: Krpata, Tyler Cc: security-basics () securityfocus com Subject: Re: Windows debugging/vulnerability analysis On 7/27/06, Krpata, Tyler <tkrpata () bjs com> wrote:
Hi, I am looking for some resources on analyzing vulnerabilities in Windows drivers and/or the kernel. Specifically I am interested in the
flaw in srv.sys as detailed in MS06-035. I'm really looking for details on how to get useful information out of a debugger at that level, not being a Windows person myself. Can anyone recommend some
reading material? I hope you have experience in userspace vulnerability analysis before you go into the kernel-based stuff. Do you know about SoftICE? It is a Windows debugger capabable of debugging kernel-based code. There should be a lot of information to be found on Google. Good luck. -- Regards, Rob klein Gunnewiek --------------------------------------------------------------------------- This list is sponsored by: Norwich University EARN A MASTER OF SCIENCE IN INFORMATION ASSURANCE - ONLINE The NSA has designated Norwich University a center of Academic Excellence in Information Security. Our program offers unparalleled Infosec management education and the case study affords you unmatched consulting experience. Using interactive e-Learning technology, you can earn this esteemed degree, without disrupting your career or home life. http://www.msia.norwich.edu/secfocus ---------------------------------------------------------------------------
Current thread:
- Windows debugging/vulnerability analysis Krpata, Tyler (Jul 27)
- Re: Windows debugging/vulnerability analysis Rob klein Gunnewiek (Jul 31)
- <Possible follow-ups>
- RE: Windows debugging/vulnerability analysis Krpata, Tyler (Jul 31)