The 2017 Pwnie Nominee For Most Innovative Research

Bochspwn Reloaded

Credit: Mateusz “j00ru” Jurczyk

The original Bochspwn tool, circa 2013, found local privilege escalations rooted in “double fetch” race conditions in kernels by instrumenting memory accesses inside the Bochs x86 emulator. The new Reloaded research turns the same instrumentation approach toward infoleak vulnerabilities: cases where kernel memory that was never initialized (stale stack or pool contents, struct padding) is copied out to user mode. Using this tool, he found 30 Windows kernel memory disclosure vulnerabilities as well as a handful of Linux kernel infoleaks. We all love tools that find real bugs in real software, and this one comes with cool visuals too. I can’t wait for Bochspwn Revolutions.
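To make the mechanism concrete, here is an added example (not code from the Pwnie page or from j00ru's tool) that models the idea in a few dozen lines of plain C: a shadow map marks every byte of a freshly allocated kernel buffer as uninitialized, instrumented writes clear the mark, and the copy-to-user boundary reports any byte that is still marked. The buffer, shadow map, `struct reply` layout, and the `kalloc_tainted`/`kwrite`/`copy_to_user_checked` helpers are hypothetical stand-ins for what the emulator observes; the leaky handler fills every named field of a reply structure yet still discloses its compiler padding, and the fixed handler zeroes the whole object first.

```c
#include <stddef.h>
#include <stdint.h>
#include <stdio.h>
#include <string.h>

/* Hypothetical model of taint tracking for uninitialized kernel memory.
 * Not part of Bochspwn; names and layout are this example's own. */

#define KBUF_SIZE 64

static uint8_t kbuf[KBUF_SIZE];    /* simulated kernel stack/pool memory   */
static uint8_t shadow[KBUF_SIZE];  /* 1 = byte never written since alloc   */

/* Fresh kernel allocation: stale contents, every byte marked tainted. */
static void *kalloc_tainted(size_t len) {
    if (len > KBUF_SIZE) return NULL;
    memset(kbuf, 0xAA, len);   /* stand-in for leftover secrets */
    memset(shadow, 1, len);
    return kbuf;
}

/* Instrumented store: the "emulator" sees the write and clears taint. */
static void kwrite(void *dst, const void *src, size_t len) {
    uint8_t *d = dst;
    memcpy(d, src, len);
    memset(shadow + (d - kbuf), 0, len);
}

/* Instrumented copy to user mode: returns how many source bytes were
 * still uninitialized (0 means no disclosure), printing their offsets. */
static size_t copy_to_user_checked(void *user, const void *ksrc, size_t len) {
    const uint8_t *s = ksrc;
    size_t leaked = 0;
    for (size_t i = 0; i < len; i++) {
        if (shadow[(s - kbuf) + i]) {
            printf("infoleak: offset %zu leaves the kernel uninitialized\n", i);
            leaked++;
        }
    }
    memcpy(user, ksrc, len);
    return leaked;
}

/* A syscall-style reply; the compiler inserts padding between the fields. */
struct reply {
    uint8_t  type;
    uint32_t value;
};

/* Vulnerable pattern: every named field is set, the padding never is. */
static size_t leaky_handler(void) {
    uint8_t user[sizeof(struct reply)];
    struct reply *r = kalloc_tainted(sizeof *r);
    uint8_t type = 1;
    uint32_t value = 0x1337;
    kwrite((uint8_t *)r + offsetof(struct reply, type), &type, sizeof type);
    kwrite((uint8_t *)r + offsetof(struct reply, value), &value, sizeof value);
    return copy_to_user_checked(user, r, sizeof *r);
}

/* Fixed pattern: zero the whole object before filling it in. */
static size_t fixed_handler(void) {
    uint8_t user[sizeof(struct reply)];
    uint8_t zeros[sizeof(struct reply)] = {0};
    struct reply *r = kalloc_tainted(sizeof *r);
    uint8_t type = 1;
    uint32_t value = 0x1337;
    kwrite(r, zeros, sizeof zeros);
    kwrite((uint8_t *)r + offsetof(struct reply, type), &type, sizeof type);
    kwrite((uint8_t *)r + offsetof(struct reply, value), &value, sizeof value);
    return copy_to_user_checked(user, r, sizeof *r);
}

int main(void) {
    printf("leaky handler: %zu uninitialized byte(s) disclosed\n", leaky_handler());
    printf("fixed handler: %zu uninitialized byte(s) disclosed\n", fixed_handler());
    return 0;
}
```

The number of bytes the leaky handler discloses equals the padding the compiler inserted (three on the usual 32- and 64-bit ABIs), which is exactly the class of bug a field-by-field code review tends to miss and a byte-granular taint check catches at the copy boundary.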