Ori Damari

icon indicating a website link repnz.github.io

icon location 0x7c00 icon location windows kernel research & development

Results 18 issues of Ori Damari

Multiple bugs in the driver's implementation

I know it's a POC, but I thought it would be good to fix this anyway - 1) There is a stack buffer overflow reading the 'pid' from user mode....

Probably a bug

https://github.com/repnz/ReversingMinesweeper/blob/9981360f1ee543ad487185ffddcc6a24f9aa09d2/Minesweeper/game.c#L361 Why are you chancing nearBombsCount?

Download and Index Symbols Of Executables

1 comment

- It would be cool if you could search for anything and would look in symbols

Allow resolving ordinals

Automatically resolve ordinals for the user (Ordinals of imports)

Reduce memory by using a string table

- Memory is high on disk and in RAM when loading

Check if it's NULL

https://github.com/repnz/windows-inspector/blob/a6387eeeae215a2b85f669fe95b151207a29091c/WindowsInspector.Kernel/Ioctl.c#L49

Fix StartAddress Issue: Replace PsGetCurrentThread() with the actual thread

https://github.com/repnz/windows-inspector/blob/a6387eeeae215a2b85f669fe95b151207a29091c/WindowsInspector.Kernel/Providers/ThreadProvider.c#L51

If Statements without a space after the 'If'

Seperate parser class from keyword instance

Implement "Stop" functionality

1 comment

Event listening: - The listen() function is called when the user mode code asks. - The stop() function is called when the user mode process exits. - When the driver...