Tuesday, December 14, 2010

IOCTL Fuzzer v1.2 Released

Free tool to locate IOCTL vulnerabilities in Windows drivers.

IOCTL Fuzzer is a tool designed to automate the task of searching vulnerabilities in Windows kernel drivers by performing fuzz tests on them.The fuzzer’s own driver hooks NtDeviceIoControlFile in order to take control of all IOCTL requests throughout the system.
While processing IOCTLs, the fuzzer will spoof those IOCTLs conforming to conditions specified in the configuration file. A spoofed IOCTL is identical to the original in all respects except the input data, which is changed to randomly generated fuzz.

New in 1.2 version:
Windows 7 support
Full support of 64-bit versions of Windows
Exceptions monitoring
"Fair Fuzzing" feature
Different data generation modes
Boot fuzzing (during OS initialization)

Download: http://ioctlfuzzer.googlecode.com

No comments: