From cb4e604d70c5198cd41d0fde338ab8eced28591d Mon Sep 17 00:00:00 2001
From: xerox
Date: Wed, 4 Nov 2020 21:42:27 -0800
Subject: [PATCH] updated nasa-tables in this project

---
 nasa-injector/injector_ctx/injector_ctx.cpp | 4 +++-
 nasa-injector/main.cpp | 13 +++++++------
 nasa-injector/mem_ctx/mem_ctx.cpp | 5 ++---
 3 files changed, 12 insertions(+), 10 deletions(-)

diff --git a/nasa-injector/injector_ctx/injector_ctx.cpp b/nasa-injector/injector_ctx/injector_ctx.cpp
index 3d87872..b126c3f 100644
--- a/nasa-injector/injector_ctx/injector_ctx.cpp
+++ b/nasa-injector/injector_ctx/injector_ctx.cpp
@@ -16,7 +16,9 @@ namespace nasa
 // zero inserted pml4e's...
 for (const auto [real_idx, inserted_idx] : this->pml4_index_map)
- pml4[inserted_idx] = {};
+ pml4[inserted_idx] = pml4e{ NULL };
+
+ while (!SwitchToThread());
 }
 bool injector_ctx::init() const
diff --git a/nasa-injector/main.cpp b/nasa-injector/main.cpp
index 588fd69..8edcad6 100644
--- a/nasa-injector/main.cpp
+++ b/nasa-injector/main.cpp
@@ -16,6 +16,13 @@ int __cdecl main(int argc, char** argv)
 nasa::mem_ctx notepad_proc(vdm, util::get_pid("notepad.exe"));
 nasa::injector_ctx injector(&my_proc, ¬epad_proc);
+ // driver no longer needs to be loaded since paging tables are all setup :^)
+ if (!vdm::unload_drv(drv_handle, drv_key))
+ {
+ std::printf("[!] unable to unload vulnerable driver...\n");
+ return -1;
+ }
+
 if (!injector.init())
 {
 std::printf("[!] failed to init injector_ctx...\n");
@@ -31,12 +38,6 @@ int __cdecl main(int argc, char** argv)
 std::printf("[+] ntdll reverse inject address -> 0x%p\n", ntdll_inject_addr);
 std::printf("[+] ntdll MZ -> 0x%x\n", *(short*)ntdll_inject_addr);
- if (!vdm::unload_drv(drv_handle, drv_key))
- {
- std::printf("[!] unable to unload vulnerable driver...\n");
- return -1;
- }
-
 std::printf("[+] press any key to close...\n");
 std::getchar();
 }
\ No newline at end of file
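Review bot: The added `while (!SwitchToThread());` after the PML4E-clearing loop is an unbounded busy-wait that does not do what the cleanup appears to need: SwitchToThread returns zero when no other thread is ready on the calling processor, so the loop spins until one happens to become runnable, and a switch to another thread of the same process generally does not reload CR3, so it gives no guarantee that cached translations for the just-zeroed `pml4[inserted_idx]` entries are gone. If the intent is merely to give the scheduler a chance to run after the clears, that should be written down and bounded, e.g. `// yield once so a context switch can follow the PML4E clears; this is NOT a TLB invalidation` above it and `for (int tries = 0; tries < 64 && !SwitchToThread(); ++tries);` instead of spinning forever. The enclosing function starts before the hunk, so I cannot see whether it already does anything else to retire these entries.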
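Review bot: After this hunk `my_proc`, `notepad_proc` and `injector` outlive the driver they were built on: `vdm::unload_drv(drv_handle, drv_key)` now runs before `injector.init()`, yet all three objects are destroyed at the end of `main`, and `~mem_ctx` (per the mem_ctx.cpp hunk) still writes a PML4E from its destructor. Whether those later writes, and `init()` itself, go through the user-mode page-table mapping or back through `drv_handle`/`vdm` is not visible in this diff; if any of them do, every such call now targets an unloaded driver. The comment should state the invariant the early unload depends on, e.g. `// INVARIANT: nothing below may touch drv_handle or vdm directly; only the page-table mappings set up by the mem_ctx constructors remain usable.`, and `drv_handle` should be reset after a successful unload so a stray later use fails fast instead of operating on a stale handle. `main` continues past this hunk.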
diff --git a/nasa-injector/mem_ctx/mem_ctx.cpp b/nasa-injector/mem_ctx/mem_ctx.cpp
index 2c5f10a..ac71fc8 100644
--- a/nasa-injector/mem_ctx/mem_ctx.cpp
+++ b/nasa-injector/mem_ctx/mem_ctx.cpp
@@ -76,9 +76,8 @@ namespace nasa
 mem_ctx::~mem_ctx()
 {
- // remove pml4e
- pml4e null_value{ NULL };
- set_pml4e(reinterpret_cast<::ppml4e>(get_dirbase()) + this->pml4e_index, null_value, true);
+ set_pml4e(reinterpret_cast<::ppml4e>(get_dirbase()) + this->pml4e_index, pml4e{NULL});
+ while (!SwitchToThread());
 }
 void* mem_ctx::set_page(void* addr)
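Review bot: The rewritten `set_pml4e(...)` call drops the third argument (`true`) that the old line passed, and no header change in this three-file diff shows a signature change, so either that parameter has a default or its role is meant to be taken over by the new `while (!SwitchToThread());` — the hunk does not say which, and the `// remove pml4e` comment that explained the line was deleted rather than updated. The two are not equivalent if the old flag selected any kind of invalidation: SwitchToThread yields only the calling processor's timeslice and returns zero when nothing else is runnable, so this loop can spin indefinitely inside a destructor and does not by itself flush stale translations. The replacement should say what the loop is for and what it is not, e.g. `// clear our PML4E, then yield so a context switch can follow; this is not a TLB invalidation`. The result of `set_pml4e`, if it reports failure, is also still discarded here.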