hv icon indicating copy to clipboard operation
hv copied to clipboard
Published 1 year ago verified publisher icon jonomango

get_physical_address() failing win10 2004/10.0.19041.1

Open VMHolePuncher opened this issue 2 years ago • 3 comments

If the hv is loaded after the system has some runtime on it, the function get_physical_address in the example um project fails. I am unable to check if it is actually get_hv_base that is failing at the moment, but I will update the issue with the results.

VMHolePuncher avatar Jul 20 '23 07:07 VMHolePuncher

Sorry, the example in the um project won't work. It is leftover code from when I was debugging EAC and that virtual address is most likely invalid.

jonomango avatar Jul 20 '23 07:07 jonomango

The hv_size variable is probably wrong then. It should be set to the SizeOfImage for the compiled hv.sys. You can find this with PE-Bear or a similar tool. If the issue still occurs even with the correct size, then I'll re-open the issue.

jonomango avatar Jul 20 '23 07:07 jonomango

I've check with PE-Bear and the SizeOfImage is the same as in the example.

VMHolePuncher avatar Jul 20 '23 08:07 VMHolePuncher