added 1507 support

merge-requests/1/merge
xerox 4 years ago
parent 9c82ec58be
commit 1791b95bc1

@ -5,7 +5,7 @@
#include <ntstatus.h> #include <ntstatus.h>
#include <basetsd.h> #include <basetsd.h>
#define WINVER 1511 #define WINVER 1507
#define VMEXIT_KEY 0xDEADBEEFDEADBEEF #define VMEXIT_KEY 0xDEADBEEFDEADBEEF
#define PORT_NUM 0x2F8 #define PORT_NUM 0x2F8
@ -48,6 +48,10 @@
#define offset_vmcb_base 0x82F0 #define offset_vmcb_base 0x82F0
#define offset_vmcb_link 0x90 #define offset_vmcb_link 0x90
#define offset_vmcb 0xC40 #define offset_vmcb 0xC40
#elif WINVER == 1507
#define offset_vmcb_base 0x82F0
#define offset_vmcb_link 0x88
#define offset_vmcb 0xBC0
#endif #endif
using u8 = unsigned char; using u8 = unsigned char;
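Review bot: The three 1507 offsets on the new side (`offset_vmcb_base 0x82F0`, `offset_vmcb_link 0x88`, `offset_vmcb 0xBC0`) carry no record of which hypervisor build they were read from, and since they are raw offsets into hypervisor structures, a mismatch on a different 1507 servicing build presumably means writing through the wrong address rather than failing cleanly. Add a provenance comment on the `#elif WINVER == 1507` line, e.g. `// offsets read from the 1507 hypervisor image of build <N>; re-verify on other cumulative updates`, with the exact build filled in. The chain ends at `#endif` with no `#else`, so an unlisted WINVER leaves the macros undefined until their first use; a `#else` / `#error "unsupported WINVER"` before the `#endif` makes that case fail at the right place. WINVER is also defined separately in several headers in this commit, so the copies can drift between translation units; one shared definition would avoid mixing 1507 and 1511 offsets in a single build. The `#if` head of the offset chain lies outside the hunk.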

@ -4,7 +4,7 @@
#include <cstddef> #include <cstddef>
#define PORT_NUM 0x2F8 #define PORT_NUM 0x2F8
#define WINVER 1511 #define WINVER 1507
#define DBG_PRINT(arg) \ #define DBG_PRINT(arg) \
__outbytestring(PORT_NUM, (unsigned char*)arg, sizeof arg); __outbytestring(PORT_NUM, (unsigned char*)arg, sizeof arg);

@ -186,6 +186,7 @@ EFI_STATUS EFIAPI InstallBootMgfwHooks(EFI_HANDLE ImageHandle)
Print(L"BootMgfw Image Base -> 0x%p\n", BootMgfw->ImageBase); Print(L"BootMgfw Image Base -> 0x%p\n", BootMgfw->ImageBase);
Print(L"BootMgfw Image Size -> 0x%x\n", BootMgfw->ImageSize); Print(L"BootMgfw Image Size -> 0x%x\n", BootMgfw->ImageSize);
VOID* ArchStartBootApplication = VOID* ArchStartBootApplication =
FindPattern( FindPattern(
BootMgfw->ImageBase, BootMgfw->ImageBase,
@ -198,10 +199,10 @@ EFI_STATUS EFIAPI InstallBootMgfwHooks(EFI_HANDLE ImageHandle)
return EFI_NOT_FOUND; return EFI_NOT_FOUND;
#if WINVER >= 1703 #if WINVER >= 1703
Print(L"BootMgfw.ArchStartBootApplication -> 0x%p\n", ArchStartBootApplication); Print(L"BootMgfw.BlImgStartBootApplication -> 0x%p\n", ArchStartBootApplication);
MakeShitHook(&BootMgfwShitHook, ArchStartBootApplication, &ArchStartBootApplicationHook, TRUE); MakeShitHook(&BootMgfwShitHook, ArchStartBootApplication, &ArchStartBootApplicationHook, TRUE);
#else #else
Print(L"BootMgfw.ArchStartBootApplication -> 0x%p\n", RESOLVE_RVA(ArchStartBootApplication, 5, 1)); Print(L"BootMgfw.BlImgStartBootApplication -> 0x%p\n", RESOLVE_RVA(ArchStartBootApplication, 5, 1));
MakeShitHook(&BootMgfwShitHook, RESOLVE_RVA(ArchStartBootApplication, 5, 1), &ArchStartBootApplicationHook, TRUE); MakeShitHook(&BootMgfwShitHook, RESOLVE_RVA(ArchStartBootApplication, 5, 1), &ArchStartBootApplicationHook, TRUE);
#endif #endif
return EFI_SUCCESS; return EFI_SUCCESS;
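Review bot: The log text on both branches now says `BlImgStartBootApplication` while the variable, the hook object and the hook function are still named `ArchStartBootApplication`, so the log and the code disagree about what is being hooked; either rename the identifiers to match or keep the string, and a short comment on the `#if WINVER >= 1703` line explaining why the resolution differs by version would help. On the `#else` branch `RESOLVE_RVA(ArchStartBootApplication, 5, 1)` is evaluated twice, once for `Print` and once for `MakeShitHook`; hoisting it, `VOID* Target = RESOLVE_RVA(ArchStartBootApplication, 5, 1);`, guarantees the logged address is the one actually hooked. Whether the `FindPattern` call at the top of the section uses a 1507-specific signature is not visible here, and `InstallBootMgfwHooks` begins before the hunk.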

@ -16,9 +16,12 @@
#elif WINVER == 1803 #elif WINVER == 1803
#define INTEL_VMEXIT_HANDLER_SIG "\xF2\x80\x3D\xFC\x12\x46\x00\x00\x0F\x84\x00\x00\x00\x00\x48\x8B\x54\x24\x00\xE8\x00\x00\x00\x00\xE9" #define INTEL_VMEXIT_HANDLER_SIG "\xF2\x80\x3D\xFC\x12\x46\x00\x00\x0F\x84\x00\x00\x00\x00\x48\x8B\x54\x24\x00\xE8\x00\x00\x00\x00\xE9"
#define INTEL_VMEXIT_HANDLER_MASK "xxxxxxx?xx????xxxx?x????x" #define INTEL_VMEXIT_HANDLER_MASK "xxxxxxx?xx????xxxx?x????x"
#elif WINVER <= 1709 #elif WINVER <= 1709 && WINVER != 1507
#define INTEL_VMEXIT_HANDLER_SIG "\xD0\x80\x00\x00\x00\x00\x00\x00\x0F\x84\x00\x00\x00\x00\x48\x8B\x54\x24\x00\xE8\x00\x00\x00\x00\xE9" #define INTEL_VMEXIT_HANDLER_SIG "\xD0\x80\x00\x00\x00\x00\x00\x00\x0F\x84\x00\x00\x00\x00\x48\x8B\x54\x24\x00\xE8\x00\x00\x00\x00\xE9"
#define INTEL_VMEXIT_HANDLER_MASK "xx????x?xx????xxxx?x????x" #define INTEL_VMEXIT_HANDLER_MASK "xx????x?xx????xxxx?x????x"
#elif WINVER == 1507
#define INTEL_VMEXIT_HANDLER_SIG "\x60\xC0\x0F\x29\x68\xD0\x80\x3D\x7E\xAF\x49\x00\x01\x0F\x84\x00\x00\x00\x00\xE8\x00\x00\x00\x00\xE9"
#define INTEL_VMEXIT_HANDLER_MASK "xxxxxxxxxxxxxxx????x????x"
#endif #endif
#define AMD_VMEXIT_HANDLER_SIG "\xE8\x00\x00\x00\x00\x48\x89\x04\x24\xE9" #define AMD_VMEXIT_HANDLER_SIG "\xE8\x00\x00\x00\x00\x48\x89\x04\x24\xE9"
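Review bot: The new 1507 signature pins the RIP-relative displacement and immediate of the `cmp byte ptr [rip+disp32], 1` instruction (`\x80\x3D\x7E\xAF\x49\x00\x01`) with an all-`x` mask, so any 1507 servicing build that moves that global by a single byte makes the scan miss, whereas the `<= 1709` signature above wildcards exactly those displacement bytes. Wildcarding them here too, `#define INTEL_VMEXIT_HANDLER_MASK "xxxxxxxx????xxx????x????x"`, ties the match to the instruction shape rather than one build's layout; if the fixed displacement is deliberate to disambiguate, a comment saying so and naming the build it was lifted from would save the next person the disassembly. The `&& WINVER != 1507` carve-out on the `<= 1709` branch is only needed because the new case is placed after it; moving `#elif WINVER == 1507` above `#elif WINVER <= 1709` removes the special case.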

@ -1,7 +1,7 @@
#pragma once #pragma once
#include "ShitHook.h" #include "ShitHook.h"
#define WINVER 1511 #define WINVER 1507
#define PORT_NUM 0x2F8 #define PORT_NUM 0x2F8
#define BL_MEMORY_ATTRIBUTE_RWX 0x424000 #define BL_MEMORY_ATTRIBUTE_RWX 0x424000
#define SEC_TO_MS(seconds) seconds * 1000000 #define SEC_TO_MS(seconds) seconds * 1000000

@ -161,7 +161,6 @@ EFI_STATUS EFIAPI BlImgLoadPEImageEx
HV_LOAD_PE_IMG_FROM_BUFFER_SIG, HV_LOAD_PE_IMG_FROM_BUFFER_SIG,
HV_LOAD_PE_IMG_FROM_BUFFER_MASK HV_LOAD_PE_IMG_FROM_BUFFER_MASK
); );
#elif WINVER <= 1607 #elif WINVER <= 1607
VOID* LoadImage = VOID* LoadImage =
FindPattern( FindPattern(
@ -171,7 +170,6 @@ EFI_STATUS EFIAPI BlImgLoadPEImageEx
HV_LOAD_PE_IMG_MASK HV_LOAD_PE_IMG_MASK
); );
#endif #endif
VOID* AllocImage = VOID* AllocImage =
FindPattern( FindPattern(
*ImageBasePtr, *ImageBasePtr,
