Reverse Engineering Simple Windows Driver

Подписаться 44 тыс.

Просмотров 7 тыс.

50% 1

In this video I will demonstrate how you can reverse engineer a simple "Hello, World" driver on Windows 10.
Dependencies:
- Cutter: winget install Rizin.Cutter
- Windows Debugger (windbg): winget install Microsoft.WinDbg
Docs:
- DbgPrint: learn.microsoft.com/en-us/win...
- COM Port Kernel Debugging: learn.microsoft.com/en-us/win...

Наука

Опубликовано:

16 мар 2024

Ссылка:

Скачать:

Готовим ссылку...

Добавить в:

Мой плейлист

Посмотреть позже

Комментарии : 27

@michaeletzkorn 3 месяца назад

I didn't vote for this video, but I'm glad it won! As someone who develops hardware that needs to interact with Windows drivers, the kernel debugger seems very useful for figuring out what the driver's "quirks" (bugs) are to workaround them.

@KimTiger777 3 месяца назад

Just tested Cutter with simple win32 program although I don't understand much of the disassembly it generated. Thank you for the amazing video. Keep it up 👍👍

@p-ql7by 3 месяца назад

Never fail to excite us! Keep up the good work!

@mono9613 3 месяца назад

I'm really learning a crazy lot from your videos. Always looking forward to any new content!

@justinnamilee 3 месяца назад

I know I put 'neat' on most of your videos, and here it comes again: Neat. x)

@nonoroberto8219 3 месяца назад

So cool, please keep doing that stuff

@john_says_hi 21 день назад

love your channel

@isaacsong-so5um 3 месяца назад

amazing video👍

@legigatrain216 3 месяца назад

Thank you!

@BesmirZanaj 3 месяца назад

This was very cool.

@alexandrohdez3982 3 месяца назад

Great video again 👏👏👏💪💪💪💪

@madghostek3026 3 месяца назад

Interesting video!

@user-lg2hl7hr3j 3 месяца назад

Sir, The uttmost respect to your work you have made malware reverse engg onboarding very easy with this video this is how MicroSoft must make their docs not some tedious legthy cryptic docs. In the next Video please try to run windows on raspberry pi so that we can learn the same way to reverse windows arm64 drivers

@homework8969 3 месяца назад

It would be cool if you could do this with some off the shelf drivers, although Im pretty sure that youtube wouldn’t like that.

@jannatgaoshiqqalb3598 3 месяца назад

Bro, how to read the contents of a dll file, and change it in a windows machine? And thank you for your prominent efforts to improve your channel to give us valueable knowledge about low level stuff

@nirlichtman 3 месяца назад

You can use cutter for that :)

@shad578 3 месяца назад

Can you create a video for installing the visual studio build tools on Ubuntu 22.04 pls?

@alargeboat 3 месяца назад

hey Nir, as a possible video idea, could you maybe make a video on making a simple TUI app using ncurses/curses in C?

@nirlichtman 3 месяца назад

I have a video on making snake with curses, but its a good idea, ill consider also making a vid dedicated to making a simple tui visual editor or something like that using curses

@alargeboat 3 месяца назад

@@nirlichtmanawesome, thank you!

@isyankarmakarna9865 3 месяца назад

Please help me, how to simulate keyboard with kernel mode driver. Thank you.

@nirlichtman 3 месяца назад

You want to send keystrokes? Why not do that from user mode using for example SendInput? learn.microsoft.com/en-us/windows/win32/api/winuser/nf-winuser-sendinput

@isyankarmakarna9865 3 месяца назад

@@nirlichtman because the game cancel the user mode keysend. please help about this rhank you.

@nirlichtman 3 месяца назад

@@isyankarmakarna9865sorry can't help since I don't know how to do this in the kernel, good luck!

@isyankarmakarna9865 3 месяца назад

@@nirlichtman u r writing kernel driver u don t know how to do it?