assemblyw0t
assemblyw0t
Hey wbenny! After several years of crawling the hub, this project was the first one that actually inspired me to make an account. Not to beat a dead horse, but...
@DebugBuggin Maybe he wouldn't mind if it was in private? Would you mind helping a fellow out? My email is [email protected]. I would really appreciate it if I could get...
That's what I tried to do. I allocate kernel buffers and pass them through the same way as you did in the usermode example, but it just ends up in...
Maybe I am just dumb. But I don't see what I am doing wrong. pfnIofCallDriver IofCallDriveFn = (pfnIofCallDriver)GetSystemFunctionAddress(L"IofCallDriver"); PVOID OriginalFunction = (PVOID)IofCallDriveFn; PVOID OriginalFunctionAligned = PAGE_ALIGN(OriginalFunction); PVOID OriginalFunctionBackup = KernelAllocateMem(PAGE_SIZE...
Addresses seem fine. Debug output: 13:45:31.395 INF #3 4 32 System OriginalFunctionBackupAligned 77e0a000 13:45:31.395 INF #3 4 32 System OriginalFunctionAligned fc4c9000 But once I try to pass them through, ia32_asm_vmx_vmcall(0xc1,...
@wbenny Sorry to bother you again. I ran into a bit of a dilemma and was hoping to get some insight. I decided to go the HyperPlatform method route you...
That is some crazy fast response time. :) Thank you! I made the changes you suggested. Unfortunately, now I am freezing immediately into an eventual DPC_WATCHDOG_VIOLATION BSOD. But it has...
I ruled out the problem being in the function I'm attempting to detour into. Seems that regardless of what I change the instruction pointer to I just immediately freeze permanently....