Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom

Duplicates within the data #166

Open
Itsredd opened this issue Dec 28, 2023 · 2 comments
Open

Duplicates within the data #166

Itsredd opened this issue Dec 28, 2023 · 2 comments
Assignees
@nasbench

Comments

@Itsredd
Copy link

Itsredd commented Dec 28, 2023

While investigating the repository, I found a few things that need to be cleaned up.
Based on the data displayed on loldrivers.io:

Duplicate hashes

Tag SHA256 Category
ATSZIO.sys 01e024cb14b34b6d525c642a710bfa14497ea20fd287c39ba404b10a8b143ece Vulnerable driver
ATSZIO64.sys 01e024cb14b34b6d525c642a710bfa14497ea20fd287c39ba404b10a8b143ece Vulnerable driver
iqvw64e.sys 4429f32db1cc70567919d7d47b844a91cf1329a6cd116f582305f3b7b60cd60b Vulnerable driver
NalDrv.sys 4429f32db1cc70567919d7d47b844a91cf1329a6cd116f582305f3b7b60cd60b Vulnerable driver
mhyprot.sys 509628b6d16d2428031311d7bd2add8d5f5160e9ecc0cd909f1e82bbbb3234d6 Vulnerable driver
Mhyprot2.sys 509628b6d16d2428031311d7bd2add8d5f5160e9ecc0cd909f1e82bbbb3234d6 Vulnerable driver
BS_I2c64.sys 55fee54c0d0d873724864dc0b2a10b38b7f40300ee9cae4d9baaf8a202c4049a Vulnerable driver
BS_I2cIo.sys 55fee54c0d0d873724864dc0b2a10b38b7f40300ee9cae4d9baaf8a202c4049a Vulnerable driver
viragt64.sys 58a74dceb2022cd8a358b92acd1b48a5e01c524c3b0195d7033e4bd55eff4495 Vulnerable driver
viraglt64.sys 58a74dceb2022cd8a358b92acd1b48a5e01c524c3b0195d7033e4bd55eff4495 Vulnerable driver
BSMI.sys 59626cac380d8fe0b80a6d4c4406d62ba0683a2f0f68d50ad506ca1b1cf25347 Vulnerable driver
BSMIXP64.sys 59626cac380d8fe0b80a6d4c4406d62ba0683a2f0f68d50ad506ca1b1cf25347 Vulnerable driver
iscflashx64.sys ce0a4430d090ba2f1b46abeaae0cb5fd176ac39a236888fa363bf6f9fd6036d9 Vulnerable driver
iscflashx64.sys ce0a4430d090ba2f1b46abeaae0cb5fd176ac39a236888fa363bf6f9fd6036d9 Vulnerable driver

The listed drivers have the same hash.
In the case of Mhyprot2.sys, the driver is from mhyprot.sys. I have not checked the other examples.

Duplicate tags

In some cases, I found tags that were duplicated, and upon examination, found that they should be listed under "Known Vulnerable Samples" rather than as a single entry. This does not account for all the drivers listed, but I found that sharing them all might be more useful.

Tag SHA256
amifldrv64.sys 20f11a64bc4548f4edb47e3d3418da0f6d54a83158224b71662a6292bf45b5fb
amifldrv64.sys 5e238d351e16d4909ca394f1db0326a60d33c9ac7b4d78aefcf17a6d9cc72be9
asio.sys 0ee5067ce48883701824c5b1ad91695998916a3702cf8086962fbe58af74b2d6
AsIO.sys 2da330a2088409efc351118445a824f11edbe51cf3d653b298053785097fe40e
asio64.sys 2d36642135166bbb296624dca878925963c7da785e42e940f02d01beb7c477d5
AsIO64.sys b48a309ee0960da3caaaaf1e794e8c409993aeb3a2b64809f36b97aac8a1e62a
AsUpIO.sys 8f23313adb35782adb0ba97fefbfbb8bbc5fc40ae272e07f6d4629a5305a3fa2
AsUpIO.sys b9a4e40a5d80fedd1037eaed958f9f9efed41eb01ada73d51b5dcd86e27e0cbf
aswArPot.sys 0b2ad05939b0aabbdc011082fad7960baa0c459ec16a2b29f37c1fa31795a46d
aswArPot.sys 4b5229b3250c8c08b98cb710d6c056144271de099a57ae09f5d2097fc41bd4f1
atillk64.sys 38bb9751a3a1f072d518afe6921a66ee6d5cf6d25bc50af49e1925f20d75d4d7
atillk64.sys 5c04c274a708c9a7d993e33be3ea9e6119dc29527a767410dbaf93996f87369a
ATSZIO.sys 01e024cb14b34b6d525c642a710bfa14497ea20fd287c39ba404b10a8b143ece
ATSZIO.sys 0da746e49fd662be910d0e366934a7e02898714eaaa577e261ab40eb44222b5c
BS_HWMIo64.sys 60c6f4f34c7319cb3f9ca682e59d92711a05a2688badbae4891b1303cd384813
bs_hwmio64.sys 6dafd15ee2fbce87fef1279312660fc399c4168f55b6e6d463bf680f1979adcf
BS_I2cIo.sys 42e170a7ab1d2c160d60abfc906872f9cfd0c2ee169ed76f6acb3f83b3eeefdb
BS_I2cIo.sys 55fee54c0d0d873724864dc0b2a10b38b7f40300ee9cae4d9baaf8a202c4049a
bs_rcio64.sys 73327429c505d8c5fd690a8ec019ed4fd5a726b607cabe71509111c7bfe9fc7e
BS_RCIO64.sys d205286bffdf09bc033c09e95c519c1c267b40c2ee8bab703c6a2d86741ccd3e
CorsairLLAccess64.sys 000547560fea0dd4b477eb28bf781ea67bf83c748945ce8923f90fdd14eb7a4b
CorsairLLAccess64.sys 29a90ae1dcee66335ece4287a06482716530509912be863c85a2a03a6450a5b6
cpuz.sys 0d3790af5f8e5c945410929e31d06144a471ac82f828afe89a4758a5bbeb7f9f
cpuz.sys eaa5dae373553024d7294105e4e07d996f3a8bd47c770cdf8df79bf57619a8cd
DirectIo.sys 2b186926ed815d87eaf72759a69095a11274f5d13c33b8cc2b8700a1f020be1d
DirectIo.sys 4422851a0a102f654e95d3b79c357ae3af1b096d7d1576663c027cfbc04abaf9
directio.sys e6a7a497010579fde69cd52bed8de28db610c33bbc5ce0774459dcf64657b802
directio64.sys 092349aebdac28294dbad1656759d8461f362d1a36b01054dccf861d97beadf0
directio64.sys d84e3e250a86227c64a96f6d5ac2b447674ba93d399160850acb2339da43eae5
ElbyCDIO.sys 238046cfe126a1f8ab96d8b62f6aa5ec97bab830e2bae5b1b6ab2d31894c79e4
elbycdio.sys eea53103e7a5a55dc1df79797395a2a3e96123ebd71cdd2db4b1be80e7b3f02b
eneio64.sys 38c18db050b0b2b07f657c03db1c9595febae0319c746c3eede677e21cd238b0
EneIo64.sys 9fc29480407e5179aa8ea41682409b4ea33f1a42026277613d6484e5419de374
GameTerSafe.sys 3e9b62d2ea2be50a2da670746c4dbe807db9601980af3a1014bcd72d0248d84c
gametersafe.sys e2ec3b2a93c473d88bfdf2deb1969d15ab61737acc1ee8e08234bc5513ee87ea
gdrv.sys 092d04284fdeb6762e65e6ac5b813920d6c69a5e99d110769c5c1a78e11c5ba0
gdrv.sys 31f4cfb4c71da44120752721103a16512444c13c2ac2d857a7e6f13cb679b427
GLCKIO2.sys 3a5ec83fe670e5e23aef3afa0a7241053f5b6be5e6ca01766d6b5f9177183c25
GLCKIO2.sys e5b0772be02e2bc807804874cf669e97aa36f5aff1f12fa0a631a3c7b4dd0dc8
GVCIDrv64.sys 42f0b036687cbd7717c9efed6991c00d4e3e7b032dc965a2556c02177dfdad0f
gvcidrv64.sys a2353030d4ea3ad9e874a0f7ff35bbfa10562c98c949d88cabab27102bbb8e48
HpPortIox64.sys a4680fabf606d6580893434e81c130ff7ec9467a15e6534692443465f264d3c9
HpPortIox64.sys c5050a2017490fff7aa53c73755982b339ddb0fd7cef2cde32c81bc9834331c5
hw.sys 4880f40f2e557cff38100620b9aa1a3a753cb693af16cd3d95841583edcb57a8
HW.sys fd388cf1df06d419b14dedbeb24c6f4dff37bea26018775f09d56b3067f0de2c
iobitunlocker.sys 7a1feb8649a5c0679e1073e6d8a02c8a6ebc5825f02999f16c9459284f1b198b
IObitUnlocker.sys f85cca4badff17d1aa90752153ccec77a68ad282b69e3985fdc4743eaea85004
iscflashx64.sys ce0a4430d090ba2f1b46abeaae0cb5fd176ac39a236888fa363bf6f9fd6036d9
iscflashx64.sys ce0a4430d090ba2f1b46abeaae0cb5fd176ac39a236888fa363bf6f9fd6036d9
kEvP64.sys 09b0e07af8b17db1d896b78da4dd3f55db76738ee1f4ced083a97d737334a184
kEvP64.sys 7462b7ae48ae9469474222d4df2f0c4f72cdef7f3a69a524d4fccc5ed0fd343f
LHA.sys 23ba19352b1e71a965260bf4d5120f0200709ee8657ed381043bec9a938a1ade
LHA.sys e75714f8e0ff45605f6fc7689a1a89c7dcd34aab66c6131c63fefaca584539cf
libnicm.sys 00c02901472d74e8276743c847b8148be3799b0e3037c1dfdca21fa81ad4b922
libnicm.sys ab0925398f3fa69a67eacee2bbb7b34ac395bb309df7fc7a9a9b8103ef41ed7a
mhyprot.sys 0c512b615eac374d4d494e3c36838d8e788b3dc2691bf27916f7f42694b14467
mhyprot.sys 509628b6d16d2428031311d7bd2add8d5f5160e9ecc0cd909f1e82bbbb3234d6
mhyprot2.sys 342cf884840fc2b48c96398f690a1801ed8ac1ea59305af9e3d070d13ef85601
Mhyprot2.sys 509628b6d16d2428031311d7bd2add8d5f5160e9ecc0cd909f1e82bbbb3234d6
mhyprotrpg.sys 8bf84bed9b5fa4576182c84d2f31679dc472acd0f83c9813498e9f71ed9fef3e
mhyprotrpg.Sys f7d72d22cd4ad3e44fd617bdb4c90b9a884f4eb045688c0e3fb64dd33e033eaa
MsIo32.sys 525d9b51a80ca0cd4c5889a96f857e73f3a80da1ffbae59851e0f51bdfb0b6cd
msio32.sys c7d4943ddac34e1a38692c624d799e634ad4c4e3ae7e3bb2ae4cf0d8eb8985bc
MsIo64.sys 0f035948848432bc243704041739e49b528f35c82a5be922d9e3b8a4c44398ff
MsIo64.sys 43ba8d96d5e8e54cab59d82d495eeca730eeb16e4743ed134cdd495c51a4fc89
netflt.sys cf16a2218fc8a3b6fa5aa4a0bc6205792798078c380ccc7e5041476e0f1bc53d
NetFlt.sys f8886a9c759e0426e08d55e410b02c5b05af3c287b15970175e4874316ffaf13
NICM.SYS 3a65d14fd3b1b5981084cdbd293dc6f4558911ea18dd80177d1e5b54d85bcaa0
nicm.sys 7a2cd1dc110d014165c001ce65578da0c0c8d7d41cc1fa44f974e8a82296fc25
NICM.sys dd4fedd5662122cbfe046a12e2137294ef1cb7822238d9e24eacc78f22f8e93d
nscm.sys 28999af32b55ddb7dcfc26376a244aa2fe297233ce7abe4919a1aef2f7e2cee7
nscm.sys 76660e91f1ff3cb89630df5af4fe09de6098d09baa66b1a130c89c3c5edd5b22
NTIOLib.sys 09bedbf7a41e0f8dabe4f41d331db58373ce15b2e9204540873a1884f38bdde1
NTIOLib.sys 18776682fcc0c6863147143759a8d4050a4115a8ede0136e49a7cf885c8a4805
nvflash.sys 9368e51ec98e2ad20893a5fc21e6a8b20c5bee158d5c49ca58649cff84db9d68
nvflash.sys afdd66562dea51001c3a9de300f91fc3eb965d6848dfce92ccb9b75853e02508
PCHunter.sys 1b7fb154a7b7903a3c81f12f4b094f24a3c60a6a8cffca894c67c264ab7545fa
pchunter.sys 3f20ac5dac9171857fc5791865458fdb6eac4fab837d7eabc42cb0a83cb522fc
RTCore64.sys 01aa278b07b58dc46c84bd0b1b5c8e9ee4e62ea0bf7a695862444af32e87f1fd
RTCore64.sys 03e0581432f5c8cc727a8aa387f5b69ff84d38d0df6f1226c19c6e960a81e1e9
RwDrv.sys 1e0eb0811a7cf1bdaf29d3d2cab373ca51eb8d8b58889ab7728e2d3aed244abe
rwdrv.sys ea0b9eecf4ad5ec8c14aec13de7d661e7615018b1a3c65464bf5eca9bbf6ded3
sandra.sys 1aaf4c1e3cb6774857e2eef27c17e68dc1ae577112e4769665f516c2e8c4e27b
SANDRA.sys 3e274df646f191d2705c0beaa35eeea84808593c3b333809f13632782e27ad75
sfdrvx32.sys 1e94d4e6d903e98f60c240dc841dcace5f9e8bbb0802e6648a49ab80c23318cb
sfdrvx32.sys ad23d77a38655acb71216824e363df8ac41a48a1a0080f35a0d23aa14b54460b
TmComm.sys 0909005d625866ef8ccd8ae8af5745a469f4f70561b644d6e38b80bccb53eb06
TmComm.sys cc687fe3741bbde1dd142eac0ef59fd1d4457daee43cdde23bb162ef28d04e64
VBoxDrv.sys 26f41e4268be59f5de07552b51fa52d18d88be94f8895eb4a16de0f3940cf712
vboxdrv.sys 78827fa00ea48d96ac9af8d1c1e317d02ce11793e7f7f6e4c7aac7b5d7dd490f
VBoxUSB.Sys 6071db01b50c658cf78665c24f1d21f21b4a12d16bfcfaa6813bf6bbc4d0a1e8
VBoxUSB.Sys c509935f3812ad9b363754216561e0a529fc2d5b8e86bfa7302b8d149b7d04aa
viragt64.sys 18deed37f60b6aa8634dda2565a0485452487d7bce88afb49301a7352db4e506
viragt64.sys 58a74dceb2022cd8a358b92acd1b48a5e01c524c3b0195d7033e4bd55eff4495
vmdrv.sys 32cccc4f249499061c0afa18f534c825d01034a1f6815f5506bf4c4ff55d1351
vmdrv.sys 5c0b429e5935814457934fa9c10ac7a88e19068fa1bd152879e4e9b89c103921
windbg.sys 139f8412a7c6fdc43dcfbbcdba256ee55654eb36a40f338249d5162a1f69b988
windbg.sys e1cb86386757b947b39086cc8639da988f6e8018ca9995dd669bdc03c8d39d7d
WinFlash64.sys 316a27e2bdb86222bc7c8af4e5472166b02aec7f3f526901ce939094e5861f6d
WinFlash64.sys 677c0b1add3990fad51f492553d3533115c50a242a919437ccb145943011d2bf
winio64.sys 15fb486b6b8c2a2f1b067f48fba10c2f164638fe5e6cee618fb84463578ecac9
winio64.sys e1980c6592e6d2d92c1a65acad8f1071b6a404097bb6fcce494f3c8ac31385cf

Tags

The last thing to mention is the "Category" column.
Here drivers are marked as either: "Malicious, Vulnerable driver, Vulnerable driver". In some cases the singular displays multiple known vulnerable samples, while in other cases the plural contains only one known vulnerable sample.

Question

As for this issue, I'd like to submit some of these changes, but being new to this, the question is where to start.
Would it be enough to edit the corresponding .yml files, or would it be necessary to edit the .md as well? Or what would be the recommended way (besides forking and so on)?
@MHaggis
Copy link
Contributor

MHaggis commented Jan 2, 2024

Hey thank you for this! We've been trying to battle dupes for a while. If you have the moment, editing the yaml's directly and submit the PR/Fork that way. @nasbench and I can help as things progress. We really appreciate your time and putting this all together.

@nasbench nasbench mentioned this issue Jun 27, 2024
Merged
@nasbench
Copy link
Collaborator

Still cleaning up the rest so reopening this for now

@nasbench nasbench reopened this Jul 13, 2024
@nasbench nasbench self-assigned this Aug 15, 2024
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Assignees

@nasbench nasbench

Labels
None yet
Projects
None yet
Milestone
No milestone
Development

No branches or pull requests
3 participants
@MHaggis @nasbench @Itsredd