Update README.md

merge-requests/1/head
_xeroxz 4 years ago
parent dfbd7833d4
commit 825c4a212b

@ -9,7 +9,7 @@
HMDM is a driver mapper which uses any method to allocate kernel memory and any method to copy kernel memory to map unsigned code into the windows kernel. This project is based off of [physmeme](https://githacks.org/_xeroxz/physmeme) and is what I intended on creating originally, but was unable to. This repo contains two examples of HMDM, one with [VDM](https://githacks.org/_xeroxz/vdm) (Vulnerable Driver Manipulation of drivers exposing arbitrary physical memory read and write), and the other example using [MSREXEC](https://githacks.org/_xeroxz/msrexec) which uses any driver that can write to arbitrary MSR's to elevate to kernel execution. Besides [VDM](https://githacks.org/_xeroxz/vdm) and [MSREXEC](https://githacks.org/_xeroxz/msrexec), one could use any other method of executable kernel memory allocation and arbitrary kernel writes to interface with `drv::hmdm_ctx`. HMDM is a driver mapper which uses any method to allocate kernel memory and any method to copy kernel memory to map unsigned code into the windows kernel. This project is based off of [physmeme](https://githacks.org/_xeroxz/physmeme) and is what I intended on creating originally, but was unable to. This repo contains two examples of HMDM, one with [VDM](https://githacks.org/_xeroxz/vdm) (Vulnerable Driver Manipulation of drivers exposing arbitrary physical memory read and write), and the other example using [MSREXEC](https://githacks.org/_xeroxz/msrexec) which uses any driver that can write to arbitrary MSR's to elevate to kernel execution. Besides [VDM](https://githacks.org/_xeroxz/vdm) and [MSREXEC](https://githacks.org/_xeroxz/msrexec), one could use any other method of executable kernel memory allocation and arbitrary kernel writes to interface with `drv::hmdm_ctx`.
***WARNING:*** Neither demos (VDM or MSREXEC) will work under HVCI systems. ***WARNING:*** Neither demos (VDM or MSREXEC) will work under HVCI systems. Both demos require you to run as admin in order to load the vulnerable driver.
##### Related Work ##### Related Work

Loading…
Cancel
Save