- the `PULONG NumberOfBytesRead` pointer cannot be a kernel address (sorry tried lol)
- you cannot read/write to the process being protected by battleye
- bedaisy has to be loaded for this to work
- you must be inside of lsass.exe
- lsass.exe cannot be a protected process. (some systems protect lsass.exe)
# lsass.exe/csrss.exe
# lsass.exe/csrss.exe
This section will go into detail about what exactly is going on here. csrss.exe/lsass.exe have handles to all processes and since battleye strips the R/W access of the handle that these processes have
This section will go into detail about what exactly is going on here. csrss.exe/lsass.exe have handles to all processes and since battleye strips the R/W access of the handle that these processes have