CVE-2025-60419: Driver-induced Denial of Service via IOCTL handling
CVE-2025-60419 — a null-pointer dereference DoS in RtkIOAC60.sys triggered by sending an empty IRP buffer to IOCTL_NDISPROT_SET_EVENT, with full PoC.
CVE-2025-60419 — a null-pointer dereference DoS in RtkIOAC60.sys triggered by sending an empty IRP buffer to IOCTL_NDISPROT_SET_EVENT, with full PoC.
Exploring Windows RPC interfaces in Winlogon.exe — reviewing security callbacks, tracing dispatch tables through dynamic and static analysis, and documenting denial-of-service research notes.
Lab notes on implementing an IOCTL dispatch wrapper for kernel primitive experiments and a COM-based system information gathering module.
Investigating IOMMU misconfiguration as an avenue to exploit a PCI Configuration Space R/W primitive — dumping ACPI DMAR tables and scanning reserved memory regions.
Development notes on building a structured logging system and a driver-loading module with service management in an isolated lab.
Using RIP register manipulation via an MSR R/W vulnerability to force hidden drivers to expose their devices — methodology, observations, and findings.
Building an API hashing component in C/C++ — using iterative engineering notes from JSON config parsing through stub generation and compilation.