From ce7d9d4a190b95f0c761f4bab5ceb74a1e938ae0 Mon Sep 17 00:00:00 2001 From: Paolo 'VoidSec' Stagno Date: Fri, 29 Jul 2022 14:34:51 +0200 Subject: [PATCH] added arbirtrary memory read/write funcs --- .../vulnerable_functions_lists/winapi.py | 48 ++++++++++++++++++- 1 file changed, 47 insertions(+), 1 deletion(-) diff --git a/DriverBuddyReloaded/vulnerable_functions_lists/winapi.py b/DriverBuddyReloaded/vulnerable_functions_lists/winapi.py index 22b5656..42ffe6e 100644 --- a/DriverBuddyReloaded/vulnerable_functions_lists/winapi.py +++ b/DriverBuddyReloaded/vulnerable_functions_lists/winapi.py @@ -213,8 +213,54 @@ # OemToCharW ###################################################### # These functions can allow arbitrary memory read/write - "MmMapIoSpace", + "Mm", + # MmAdvanceMdl + # MmAllocateContiguousMemory + # MmAllocateContiguousMemoryEx + # MmAllocateContiguousMemorySpecifyCache + # MmAllocateContiguousMemorySpecifyCacheNode + # MmAllocateContiguousNodeMemory + # MmAllocateMappingAddress + # MmAllocateMappingAddressEx + # MmAllocateMdlForIoSpace + # MmAllocateNodePagesForMdlEx + # MmAllocatePagesForMdl + # MmAllocatePagesForMdlEx + # MmBuildMdlForNonPagedPool + # MmFreeContiguousMemory + # MmFreeContiguousMemorySpecifyCache + # MmFreeMappingAddress + # MmFreePagesFromMdl + # MmGetMdlByteCount + # MmGetMdlPfnArray + # MmGetSystemAddressForMdl + # MmGetSystemRoutineAddress + # MmGetSystemRoutineAddressEx + # MmIsDriverSuspectForVerifier + # MmIsDriverVerifying + # MmIsDriverVerifyingByAddress + # MmLockPagableCodeSection + # MmLockPagableDataSection + # MmMapIoSpace # MmMapIoSpaceEx + # MmMapLockedPages + # MmMapLockedPagesSpecifyCache + # MmMapLockedPagesWithReservedMapping + # MmMapMdl + # MmMapMemoryDumpMdlEx + # MmPageEntireDriver + # MmProbeAndLockPages + # MmProbeAndLockSelectedPages + # MmProtectDriverSection + # MmProtectMdlSystemAddress + # MmQuerySystemSize + # MmResetDriverPaging + # MmSizeOfMdl + # MmUnlockPagableImageSection + # MmUnlockPages + # MmUnmapIoSpace + # MmUnmapLockedPages + # MmUnmapReservedMapping ###################################################### # These functions can throw exceptions when limited memory is available, # resulting in unstable behaviour and potential DoS conditions.