This is part of a research series on the Kernel Streaming attack surface. It is recommended to read the following articles first: Streaming vulnerabilities from Windows Kernel - Proxying to Kernel - Part I. In the previous research on Proxying to Kernel, we discovered multiple vulnerabilities in Kernel Streaming as well as an overlooked bug class. We successfully exploited vulnerabilities CVE-2024-35250 and CVE-2024-30084 to compromise Windows 11 at Pwn2Own Vancouv...| DEVCORE 戴夫寇爾
Over the past few decades, vulnerabilities in the Windows Kernel have emerged frequently. The popular attack surface has gradually shifted from Win32k to CLFS (Common Log File System). Microsoft has continuously patched these vulnerabilities, making these targets increasingly secure. However, which component might become the next attack target? Last year, MSKSSRV (Microsoft Kernel Streaming Service) became a popular target for hackers. However, this driver is tin...| DEVCORE 戴夫寇爾