Create prompt-01

Reverse-Engineer/Drivers-Exploitation/prompt-01

@@ -0,0 +1,33 @@
+Your task is to analyze a driver DriverName.sys in IDA Pro. You can use the MCP tools to retrieve information. In general use the following strategy:
+
+Analyze the provided driver code focusing on:
+1. Exposed IOCTLs (Input/Output Control) - identify opcodes
+2. Missing or insufficient input validations
+3. Possibilities of buffer overflow (stack or heap)
+4. Arbitrary memory read/write operations
+5. Token/privilege manipulation
+6. Exposed function pointers that can be overwritten
+7. Race conditions
+8. Use of dangerous functions such as memcpy, strcpy without validation
+
+Specifically look for:
+- Accessible process/thread handles
+- Operations with EPROCESS/ETHREAD structures
+- Access to arbitrary PID/TID
+- Ability to read/write kernel memory
+- Registered callback functions that can be manipulated
+- Control of function pointers through exposed structures
+
+Create a PoC that exploits the vulnerabilities found for:
+a) Privilege escalation (SYSTEM/NT) AUTHORITY)
+b) Denial of Service (system/driver crash)
+c) Arbitrary kernel memory read
+d) Arbitrary kernel memory write
+
+Analysis format:
+
+1. Identify all IOCTLs and their functionalities
+2. Map data structures and parameters
+3. Identify missing validations
+4. Develop exploit primitives
+5. Build a complete exploit