Reverse Engineering Simple Windows Driver

Рет қаралды 7,166

3 ай бұрын

In this video I will demonstrate how you can reverse engineer a simple "Hello, World" driver on Windows 10.
Dependencies:
- Cutter: winget install Rizin.Cutter
- Windows Debugger (windbg): winget install Microsoft.WinDbg
Docs:
- DbgPrint: learn.microsoft.com/en-us/win...
- COM Port Kernel Debugging: learn.microsoft.com/en-us/win...

Пікірлер: 27

@michaeletzkorn 3 ай бұрын

I didn't vote for this video, but I'm glad it won! As someone who develops hardware that needs to interact with Windows drivers, the kernel debugger seems very useful for figuring out what the driver's "quirks" (bugs) are to workaround them.

@KimTiger777 3 ай бұрын

Just tested Cutter with simple win32 program although I don't understand much of the disassembly it generated. Thank you for the amazing video. Keep it up 👍👍

@p-ql7by 3 ай бұрын

Never fail to excite us! Keep up the good work!

@mono9613 3 ай бұрын

I'm really learning a crazy lot from your videos. Always looking forward to any new content!

@justinnamilee 3 ай бұрын

I know I put 'neat' on most of your videos, and here it comes again: Neat. x)

@nonoroberto8219 3 ай бұрын

So cool, please keep doing that stuff

@john_says_hi 23 күн бұрын

love your channel

@isaacsong-so5um 3 ай бұрын

amazing video👍

@legigatrain216 3 ай бұрын

Thank you!

@BesmirZanaj 3 ай бұрын

This was very cool.

@alexandrohdez3982 3 ай бұрын

Great video again 👏👏👏💪💪💪💪

@madghostek3026 3 ай бұрын

Interesting video!

@user-lg2hl7hr3j 3 ай бұрын

Sir, The uttmost respect to your work you have made malware reverse engg onboarding very easy with this video this is how MicroSoft must make their docs not some tedious legthy cryptic docs. In the next Video please try to run windows on raspberry pi so that we can learn the same way to reverse windows arm64 drivers

@homework8969 3 ай бұрын

It would be cool if you could do this with some off the shelf drivers, although Im pretty sure that youtube wouldn’t like that.

@jannatgaoshiqqalb3598 3 ай бұрын

Bro, how to read the contents of a dll file, and change it in a windows machine? And thank you for your prominent efforts to improve your channel to give us valueable knowledge about low level stuff

@nirlichtman 3 ай бұрын

You can use cutter for that :)

@shad578 3 ай бұрын

Can you create a video for installing the visual studio build tools on Ubuntu 22.04 pls?

@alargeboat 3 ай бұрын

hey Nir, as a possible video idea, could you maybe make a video on making a simple TUI app using ncurses/curses in C?

@nirlichtman 3 ай бұрын

I have a video on making snake with curses, but its a good idea, ill consider also making a vid dedicated to making a simple tui visual editor or something like that using curses

@alargeboat 3 ай бұрын

@@nirlichtmanawesome, thank you!

@isyankarmakarna9865 3 ай бұрын

Please help me, how to simulate keyboard with kernel mode driver. Thank you.

@nirlichtman 3 ай бұрын

You want to send keystrokes? Why not do that from user mode using for example SendInput? learn.microsoft.com/en-us/windows/win32/api/winuser/nf-winuser-sendinput

@isyankarmakarna9865 3 ай бұрын

@@nirlichtman because the game cancel the user mode keysend. please help about this rhank you.

@nirlichtman 3 ай бұрын

@@isyankarmakarna9865sorry can't help since I don't know how to do this in the kernel, good luck!

@isyankarmakarna9865 3 ай бұрын

@@nirlichtman u r writing kernel driver u don t know how to do it?