Device Drivers presented at Blackhat USA 2005

by Johnny Cache, David Maynor

Tags: Security Exploitation

Summary: Application-level security is getting
better. Basic stack-based string overflows have become rare, and even
simple heap overflows are getting hard to find. Despite this fact there
is still a huge avenue of exploitation that has not been tapped yet:
device drivers. Although they don’t sound very interesting, they are
full of simple security programming errors as they are often developed
for performance and in tight time frames. The traditional thinking is
that although the code is bad, an attacker can’t really get to it.
Development of reliable off-the-shelf packet injection techniques
combined with the excessive complexity of the 802.11 protocol creates a
perfect combination for security researchers. Ever seen a laptop owned
remotely because of a device driver? Want to?