[DriverJack] Loading a vulnerable Driver on Win11
ฝัง
- เผยแพร่เมื่อ 7 ส.ค. 2024
- This video illustrates the DriverJack technique, which involves the exploit of a CDFS read-only bypass and an NT Object Manager symlink hijack to load a vulnerable driver on Windows. The driver is not blocked by the MS Vulnerable Blocklist and loads successfully. Additionally, it appears to be legitimate in the Sysmon NtLoadDriver event (event 6).