Double free bugfix.
hfiref0x 2017-12-18 19:58:24 +07:00
parent b9bace6da6
commit 959919bb01
6 changed files with 1591 additions and 100 deletions

Binary file not shown.


@ -4,9 +4,9 @@
* *
* TITLE: MAIN.C * TITLE: MAIN.C
* *
* VERSION: 1.11 * VERSION: 1.12
* *
* DATE: 20 Apr 2017 * DATE: 01 Dec 2017
* *
* Furutaka entry point. * Furutaka entry point.
* *
@ -41,11 +41,11 @@ ULONG g_NtBuildNumber = 0;
#define supImageHandle 0x1a000 #define supImageHandle 0x1a000
#define PAGE_SIZE 0x1000 #define PAGE_SIZE 0x1000
#define T_LOADERTITLE TEXT("Turla Driver Loader v1.1.1 (20/04/17)") #define T_LOADERTITLE TEXT("Turla Driver Loader v1.1.2 (01/12/17)")
#define T_LOADERUNSUP TEXT("Unsupported WinNT version\r\n") #define T_LOADERUNSUP TEXT("Unsupported WinNT version\r\n")
#define T_LOADERRUN TEXT("Another instance running, close it before\r\n") #define T_LOADERRUN TEXT("Another instance running, close it before\r\n")
#define T_LOADERUSAGE TEXT("Usage: loader drivertoload\n\re.g. loader mydrv.sys\r\n") #define T_LOADERUSAGE TEXT("Usage: loader drivertoload\n\re.g. loader mydrv.sys\r\n")
#define T_LOADERINTRO TEXT("Turla Driver Loader v1.1.1 started\r\n(c) 2016 - 2017 TDL Project\r\nSupported x64 OS : 7 and above\r\n") #define T_LOADERINTRO TEXT("Turla Driver Loader v1.1.2 started\r\n(c) 2016 - 2017 TDL Project\r\nSupported x64 OS : 7 and above\r\n")
/* /*
* TDLVBoxInstalled * TDLVBoxInstalled

File diff suppressed because it is too large Load Diff

Binary file not shown.


@ -4,9 +4,9 @@
* *
* TITLE: SUP.C * TITLE: SUP.C
* *
* VERSION: 1.10 * VERSION: 1.12
* *
* DATE: 17 Apr 2017 * DATE: 01 Dec 2017
* *
* THIS CODE AND INFORMATION IS PROVIDED "AS IS" WITHOUT WARRANTY OF * THIS CODE AND INFORMATION IS PROVIDED "AS IS" WITHOUT WARRANTY OF
* ANY KIND, EITHER EXPRESSED OR IMPLIED, INCLUDING BUT NOT LIMITED * ANY KIND, EITHER EXPRESSED OR IMPLIED, INCLUDING BUT NOT LIMITED
@ -45,6 +45,7 @@ PVOID supGetSystemInfo(
} }
if (status == STATUS_INFO_LENGTH_MISMATCH) { if (status == STATUS_INFO_LENGTH_MISMATCH) {
RtlFreeHeap(hHeap, 0, Buffer); RtlFreeHeap(hHeap, 0, Buffer);
Buffer = NULL;
Size *= 2; Size *= 2;
c++; c++;
if (c > 100) { if (c > 100) {
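Review bot: The retry cap `c > 100` does not bound `Size`, which is doubled by `Size *= 2` right after the new `Buffer = NULL;`. If `Size` is a 32-bit ULONG (its declaration is outside the hunk), it wraps to zero long before 100 doublings, so later rounds would ask for a zero-length buffer instead of failing cleanly. A guard on the size itself before the doubling, such as `if (Size > MAXULONG / 2) break;` with the same failure status the cap path sets, would stop the loop at the real limit. The added `Buffer = NULL;` also deserves a short comment, for example `/* freed above; clear it so the exit path cannot free it again */`, because the cleanup code that made the stale pointer dangerous is not visible next to it. The body of supGetSystemInfo starts and ends outside this hunk, so the exit path is inferred from the commit title rather than read.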


@ -1,6 +1,6 @@
a761bbb4a1b7813132dc8d8ed526d24289dc603bc706da238e1f23d75dbd66aa *Compiled\dummy.sys a761bbb4a1b7813132dc8d8ed526d24289dc603bc706da238e1f23d75dbd66aa *Compiled\dummy.sys
f6610691bc3b9f96dad8bfc00b3ceb939ebcb17844d1ca5ee26f8364944ca110 *Compiled\dummy2.sys f6610691bc3b9f96dad8bfc00b3ceb939ebcb17844d1ca5ee26f8364944ca110 *Compiled\dummy2.sys
bef3056b55e2f29525817e3e44753dcf32152460028d27b28e54cce3a7d1eb0f *Compiled\Furutaka.exe a7b38ab63ccdca7dc1a677974a7b4e325e195a233ae4a70dc14ab957aef5975c *Compiled\Furutaka.exe
14eec2753d0e9b432c54c4a70fc59e3be75674313b6308a7a820e6682f775eb9 *Source\DummyDrv\dummy.sln 14eec2753d0e9b432c54c4a70fc59e3be75674313b6308a7a820e6682f775eb9 *Source\DummyDrv\dummy.sln
d61ebda2674d2db05a235478f89fed02c2de049b00ac5648fcebd4c4e638f71c *Source\DummyDrv\dummy\dummy.vcxproj d61ebda2674d2db05a235478f89fed02c2de049b00ac5648fcebd4c4e638f71c *Source\DummyDrv\dummy\dummy.vcxproj
2d469aafdb7e37a2d58d4e7875abbfd27599762333cba8e28376c16fa7446e9c *Source\DummyDrv\dummy\dummy.vcxproj.filters 2d469aafdb7e37a2d58d4e7875abbfd27599762333cba8e28376c16fa7446e9c *Source\DummyDrv\dummy\dummy.vcxproj.filters
@ -22,12 +22,12 @@ b4d5fe6532f439d6c1161b06dfe90a6bee063c003645204d31b678efd033ae51 *Source\Furutak
9b9f412b442a3a328693af6f6be5bc3f00b0723e49012e6395d3d5eb9184b078 *Source\Furutaka\global.h 9b9f412b442a3a328693af6f6be5bc3f00b0723e49012e6395d3d5eb9184b078 *Source\Furutaka\global.h
94cbbb81022dbd0205a3e7ede89775b43f9f45e934a3079fdb7f5217d8794fe0 *Source\Furutaka\instdrv.c 94cbbb81022dbd0205a3e7ede89775b43f9f45e934a3079fdb7f5217d8794fe0 *Source\Furutaka\instdrv.c
33b8666748f027ff93707e6e2a1b52303c3664399000ff18b4a8fe864b731640 *Source\Furutaka\instdrv.h 33b8666748f027ff93707e6e2a1b52303c3664399000ff18b4a8fe864b731640 *Source\Furutaka\instdrv.h
2e0ae7d721d15facb6a63af2df430ce5a1d6250fdb78fc7511e24c23a2d73a9a *Source\Furutaka\main.c 3a7e165f891de48c942af84c9424c3f264e735d8d759fa4b694b6108686c0f05 *Source\Furutaka\main.c
8ad5fc39c371439f2d53028e660b2d84f9238651e6311b4b28c1b714da1ee7fc *Source\Furutaka\ntos.h b29970b67a406364e4a8fef971e48383de176229a9333168bd03caa474d19e3b *Source\Furutaka\ntos.h
fe6f865af4e22a2f7e1349891e935d7825caf08a06993d4e24d1596dab77963e *Source\Furutaka\resource.h fe6f865af4e22a2f7e1349891e935d7825caf08a06993d4e24d1596dab77963e *Source\Furutaka\resource.h
2ae545acec81745467b20da56f88a31df07de2021456d82dc16dbbe9ce0b3103 *Source\Furutaka\resource.rc a2ceea364b0cc637a441649c48b23ade244b45838f7cc0289338ff854ec4ed00 *Source\Furutaka\resource.rc
6f8ae02b3a6da025d5f918080e70245760d472dd5eb23fcc3964d425bee41336 *Source\Furutaka\shellcode.h 6f8ae02b3a6da025d5f918080e70245760d472dd5eb23fcc3964d425bee41336 *Source\Furutaka\shellcode.h
fd0fc26c051a852fe3eaf9cb44615543b92e642274fc1eb58b53f23457fd4e89 *Source\Furutaka\sup.c 6ae8ca2192e5277e85a625c772092988592248dbaa444f385446202ea9e42eb5 *Source\Furutaka\sup.c
059014233efa8963d28b21f77aa37ae1c0ed3e152a9737ae8ec45338dee1d860 *Source\Furutaka\sup.h 059014233efa8963d28b21f77aa37ae1c0ed3e152a9737ae8ec45338dee1d860 *Source\Furutaka\sup.h
12a9c986e4589a613e4d8e0e30a7bfa41191283a53b2eafab3483b0884a93d82 *Source\Furutaka\vbox.h 12a9c986e4589a613e4d8e0e30a7bfa41191283a53b2eafab3483b0884a93d82 *Source\Furutaka\vbox.h
cf3a7d4285d65bf8688215407bce1b51d7c6b22497f09021f0fce31cbeb78986 *Source\Furutaka\drv\vboxdrv_exploitable.sys cf3a7d4285d65bf8688215407bce1b51d7c6b22497f09021f0fce31cbeb78986 *Source\Furutaka\drv\vboxdrv_exploitable.sys