Home

Awesome

image-removebg-preview1

CVE-2023-38817

A PoC and writeup on vulnerabilties discovered in echo.ac's driver.

CVE Info

CERTIFICATE REVOKED

Microsoft has added the Echo Driver to the Vulnerable Driver Blocklist and the certificate has been revoked (even after the Echo team insisted that the exploit wasn't real).

If you still wish to use the exploit, you must enable test signing and disable the Microsoft Vulnerable Driver blocklist.

💕 Credits

Detailed Writeup Link

https://ioctl.fail/echo-ac-writeup/

Driver Download

I have removed the binary from this repo for security.

You may read extra info and download the driver binary from the official loldrivers.io page: https://www.loldrivers.io/drivers/afb8bb46-1d13-407d-9866-1daa7c82ca63/

Background

echo.ac is a commercial "screensharing tool", marketed and developed mostly for the Minecraft PvP community, but also used by some other game communities, such as Rust. A "screensharing tool" is a program developed to "assist" server admins in identifying if someone's using cheats or similar banned external tools ingame - As such, these programs execute numerous intrusive scans on users computer, while being very vague of what they data collect and why.

Echo refused to acknowledge this bug when contact was made.

Thanks for your time 💜.