IOCTLpus can be used to make DeviceIoControl requests with arbitrary inputs (with functionality somewhat similar to Burp Repeater).
Here is an example of a communication with a driver:
If no arguments is passed to IOCTLpus, it will run in GUI mode; if the --cli argument is passed it will run in CLI mode.
Example:
--cli --guid \\.\PhysicalDrive0 --ioctl 70000 -i 32 -o 32 --input 0000000000000000000000000000000000000000000000000000000000000000
--cli Run IOCTLpus in CLI mode.
--guid Path/GUID of the driver to interact with.
--ioctl IOCTL code.
-i, --input-size (Default: 32) Input Size (decimal).
-o, --output-size (Default: 32) Output Size (decimal).
--input Input buffer.
-r, --repeat (Default: 0) # of times to repeat the IOCTL request.
--access-mask (Default: 20000000) Access Mask.
--help Display this help screen.
--version Display version information.
- Create handles using Device Interface GUIDs in addition to symbolic links. [GIF]
- Persist requests to SQLite databases.
- Apply filters to request history.
- Integrate Kaitai Struct to define and view buffer structures (inspired by).
- Develop an API to use the tool headlessly (e.g. for fuzzing).
- Design a cool logo.
- Developed in 2017 by Jackson Thuraisamy @Jackson_T
- Updated in 2021 by Paolo Stagno @Void_Sec