I was wondering if its possible to do some sort of validation from usermode requests,
lets say i have a dll injected into explorer.exe, this dll sends ioctl's to the device.
Is there some kind of method to block requests that doesnt come from explorer.exe ?
Thanks in advance
It looks like you're new here. If you want to get involved, click one of these buttons!
|Upcoming OSR Seminars|
|Writing WDF Drivers||21 Oct 2019||OSR Seminar Space & ONLINE|
|Internals & Software Drivers||18 Nov 2019||Dulles, VA|
|Kernel Debugging||30 Mar 2020||OSR Seminar Space|
|Developing Minifilters||27 Apr 2020||OSR Seminar Space & ONLINE|