Cyber security

HackSys Extreme Vulnerable Driver – A Deep Dive into HEVD Exploitation

The HackSys Extreme Vulnerable Driver (HEVD) is a Windows Kernel driver that is intentionally vulnerable. It has been developed for security researchers and enthusiasts to improve their skills in kernel-level exploitation.

HEVD offers a range of vulnerabilities, from simple stack buffer overflows to more complex issues such as use-after-freepool buffer overflows, and race conditions. This allows researchers to explore exploitation techniques for each implemented vulnerability.

           ooooo   ooooo oooooooooooo oooooo     oooo oooooooooo.   
           `888'   `888' `888'     `8  `888.     .8'  `888'   `Y8b  
            888     888   888           `888.   .8'    888      888 
            888ooooo888   888oooo8       `888. .8'     888      888 
            888     888   888    "        `888.8'      888      888 
            888     888   888       o      `888'       888     d88' 
           o888o   o888o o888ooooood8       `8'       o888bood8P'

Screenshots

Vulnerabilities Implemented

  • Write NULL
  • Double Fetch
  • Buffer Overflow
    • Stack
    • Stack GS
    • NonPagedPool
    • NonPagedPoolNx
    • PagedPoolSession
  • Use After Free
    • NonPagedPool
    • NonPagedPoolNx
  • Type Confusion
  • Integer Overflow
    • Arithmetic Overflow
  • Memory Disclosure
    • NonPagedPool
    • NonPagedPoolNx
  • Arbitrary Increment
  • Arbitrary Overwrite
  • Null Pointer Dereference
  • Uninitialized Memory
    • Stack
    • NonPagedPool
  • Insecure Kernel Resource Access

Building The Driver

  1. Install Visual Studio 2017
  2. Install Windows Driver Kit
  3. Run the appropriate driver builder Build_HEVD_Vulnerable_x86.bat or Build_HEVD_Vulnerable_x64.bat

Download

If you do not want to build HackSys Extreme Vulnerable Driver from source, you could download pre-built executables for the latest release:

Installing The Driver

Use OSR Driver Loader to install HackSys Extreme Vulnerable Driver

Testing

The HackSys Extreme Vulnerable Driver and the respective exploits have been tested on Windows 7 SP1 x86 and Windows 10 x64

Tamil S

Tamil has a great interest in the fields of Cyber Security, OSINT, and CTF projects. Currently, he is deeply involved in researching and publishing various security tools with Kali Linux Tutorials, which is quite fascinating.

Leave a Comment
Share
Published by
Tamil S
Tags: cybersecurityHEVDinformationsecuritykalilinuxkalilinuxtools
7 months ago

Recent Posts

AutoExif – Simplifying Image Metadata Editing With Bash

AutoExif is a powerful Bash script designed to streamline the process of editing image metadata…

1 day ago

SimpleImager V4.3 : A Step-by-Step Guide To Efficient System Imaging

SimpleImager V4.3, your go-to tool for streamlined system imaging and data acquisition. Designed to simplify…

1 day ago

MetaOSINT – Revolutionizing OSINT Investigations With Top Tools And Resources

MetaOSINT enables open source intelligence ("OSINT") practitioners to jumpstart their investigations by quickly identifying relevant,…

1 day ago

ThreatPinch Lookup – Enhancing Cybersecurity Investigations Through Automated Tooltips

ThreatPinch Lookup creates informational tooltips when hovering oven an item of interest on any website.…

1 day ago

Oh Shint! Navigating The Depths Of Cyber-Intelligence With Donvito

Myself and any other potential contributors to this website are NOT in any way affiliated…

1 day ago

M.E.A.T. – Pioneering Mobile Forensics With The Mobile Evidence Acquisition Toolkit

The Mobile Evidence Acquisition Toolkit designed by BlackStone Discovery. Developed to enhance digital forensics, this…

2 days ago