Home

Awesome

ROCALL

ReactOS x86-32 syscall fuzzer.

System Requirements

Usage

ROCALL [-win32k] [-logn | logv ] [-pc Value] [-wt Value] [-sc Value] [-s]

When used without parameters RoCall will start fuzzing system service table.

Example:

Note: make sure to configure virtual machine COM1 port settings before trying this tool.

How it work

It brute-force through system services and call them multiple times with input parameters randomly taken from predefined "bad arguments" list.

Configuration

By using blacklist.ini configuration file you can blacklist certain services. To do this - add service name (case sensitive) to the corresponding section of the blacklist.ini, e.g. if you want to blacklist services from KiServiceTable then use [ntos] section.

Example of blacklist.ini (default config shipped with program)

<pre>[ntos] NtClose NtShutdownSystem NtSuspendProcess NtSuspendThread NtTerminateProcess NtTerminateThread [win32k] NtUserSwitchDesktop NtUserLockWorkStation </pre>

Warning

This program may crash the operation system, affect it stability, which may result in data lost or program crash itself. You use it at your own risk.

Build

ROCALL comes with full source code written in C with tiny assembler usage. In order to build from source you need Microsoft Visual Studio 2015 and later versions.

Instructions

Bugs found with ROCALL

Authors

(c) 2018 - 2019 ROCALL Project