diff --git a/Voyager/PayLoad (AMD)/types.h b/Voyager/PayLoad (AMD)/types.h
index 4ce790a..d715d67 100644
--- a/Voyager/PayLoad (AMD)/types.h
+++ b/Voyager/PayLoad (AMD)/types.h
@@ -5,7 +5,7 @@
 #include
 #include
-#define WINVER 1511
+#define WINVER 1507
 #define VMEXIT_KEY 0xDEADBEEFDEADBEEF
 #define PORT_NUM 0x2F8
@@ -48,6 +48,10 @@
 #define offset_vmcb_base 0x82F0
 #define offset_vmcb_link 0x90
 #define offset_vmcb 0xC40
+#elif WINVER == 1507
+#define offset_vmcb_base 0x82F0
+#define offset_vmcb_link 0x88
+#define offset_vmcb 0xBC0
 #endif
 using u8 = unsigned char;
diff --git a/Voyager/PayLoad (Intel)/types.h b/Voyager/PayLoad (Intel)/types.h
index e08e4f9..551e4f4 100644
--- a/Voyager/PayLoad (Intel)/types.h
+++ b/Voyager/PayLoad (Intel)/types.h
@@ -4,7 +4,7 @@
 #include
 #define PORT_NUM 0x2F8
-#define WINVER 1511
+#define WINVER 1507
 #define DBG_PRINT(arg) \
 __outbytestring(PORT_NUM, (unsigned char*)arg, sizeof arg);
diff --git a/Voyager/Voyager/BootMgfw.c b/Voyager/Voyager/BootMgfw.c
index 65a9ede..f22d2e2 100644
--- a/Voyager/Voyager/BootMgfw.c
+++ b/Voyager/Voyager/BootMgfw.c
@@ -186,6 +186,7 @@ EFI_STATUS EFIAPI InstallBootMgfwHooks(EFI_HANDLE ImageHandle)
 Print(L"BootMgfw Image Base -> 0x%p\n", BootMgfw->ImageBase);
 Print(L"BootMgfw Image Size -> 0x%x\n", BootMgfw->ImageSize);
+ VOID* ArchStartBootApplication = FindPattern( BootMgfw->ImageBase,
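Review bot: `WINVER` is set by hand in three headers (`PayLoad (AMD)/types.h` here, `PayLoad (Intel)/types.h` and `Voyager/Utils.h`), and nothing visible checks that the three values agree. A missed edit would build the loader and the payload against different offset and signature tables without any diagnostic. The name is also the one the Windows SDK uses for its own target-version macro, so including an SDK header first could redefine it silently. Consider one shared header with a project-specific name, or take the value from the build configuration and guard it with `#ifndef WINVER` / `#error "WINVER must be set by the build"` / `#endif`.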
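Review bot: In `PayLoad (AMD)/types.h`, the new `#elif WINVER == 1507` branch is followed directly by `#endif` with no `#else`, so an unlisted `WINVER` leaves `offset_vmcb_base`, `offset_vmcb_link` and `offset_vmcb` undefined. The build then fails far from the cause, or not at all if a use is itself conditional. Add `#else` / `#error "unsupported WINVER"` before the `#endif`. The three offsets are bare constants, so a one-line comment such as `/* offsets read from <binary name, build number> */` would let a later reader re-verify them. The start of the conditional chain is outside the hunk.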
@@ -198,10 +199,10 @@ EFI_STATUS EFIAPI InstallBootMgfwHooks(EFI_HANDLE ImageHandle)
 return EFI_NOT_FOUND;
 #if WINVER >= 1703
- Print(L"BootMgfw.ArchStartBootApplication -> 0x%p\n", ArchStartBootApplication);
+ Print(L"BootMgfw.BlImgStartBootApplication -> 0x%p\n", ArchStartBootApplication);
 MakeShitHook(&BootMgfwShitHook, ArchStartBootApplication, &ArchStartBootApplicationHook, TRUE);
 #else
- Print(L"BootMgfw.ArchStartBootApplication -> 0x%p\n", RESOLVE_RVA(ArchStartBootApplication, 5, 1));
+ Print(L"BootMgfw.BlImgStartBootApplication -> 0x%p\n", RESOLVE_RVA(ArchStartBootApplication, 5, 1));
 MakeShitHook(&BootMgfwShitHook, RESOLVE_RVA(ArchStartBootApplication, 5, 1), &ArchStartBootApplicationHook, TRUE);
 #endif
 return EFI_SUCCESS;
diff --git a/Voyager/Voyager/Hv.h b/Voyager/Voyager/Hv.h
index c178027..6d42f54 100644
--- a/Voyager/Voyager/Hv.h
+++ b/Voyager/Voyager/Hv.h
@@ -16,9 +16,12 @@
 #elif WINVER == 1803
 #define INTEL_VMEXIT_HANDLER_SIG "\xF2\x80\x3D\xFC\x12\x46\x00\x00\x0F\x84\x00\x00\x00\x00\x48\x8B\x54\x24\x00\xE8\x00\x00\x00\x00\xE9"
 #define INTEL_VMEXIT_HANDLER_MASK "xxxxxxx?xx????xxxx?x????x"
-#elif WINVER <= 1709
+#elif WINVER <= 1709 && WINVER != 1507
 #define INTEL_VMEXIT_HANDLER_SIG "\xD0\x80\x00\x00\x00\x00\x00\x00\x0F\x84\x00\x00\x00\x00\x48\x8B\x54\x24\x00\xE8\x00\x00\x00\x00\xE9"
 #define INTEL_VMEXIT_HANDLER_MASK "xx????x?xx????xxxx?x????x"
+#elif WINVER == 1507
+#define INTEL_VMEXIT_HANDLER_SIG "\x60\xC0\x0F\x29\x68\xD0\x80\x3D\x7E\xAF\x49\x00\x01\x0F\x84\x00\x00\x00\x00\xE8\x00\x00\x00\x00\xE9"
+#define INTEL_VMEXIT_HANDLER_MASK "xxxxxxxxxxxxxxx????x????x"
 #endif
 #define AMD_VMEXIT_HANDLER_SIG "\xE8\x00\x00\x00\x00\x48\x89\x04\x24\xE9"
diff --git a/Voyager/Voyager/Utils.h b/Voyager/Voyager/Utils.h
index ef51a28..9037f58 100644
--- a/Voyager/Voyager/Utils.h
+++ b/Voyager/Voyager/Utils.h
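Review bot: In `BootMgfw.c`, both `Print` calls now label the address `BlImgStartBootApplication`, while the local variable, the hooked target and `ArchStartBootApplicationHook` keep the old name, so the log and the code disagree about which routine was located. If the routine's name differs between the two `#if` branches, print the matching name in each branch; otherwise rename the local and add a short comment explaining the two names. In the `#else` branch `RESOLVE_RVA(ArchStartBootApplication, 5, 1)` is also expanded twice. A local such as `VOID* Target = RESOLVE_RVA(ArchStartBootApplication, 5, 1);` would keep the printed and hooked address identical by construction. The function body starts outside the hunk.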
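Review bot: In `Hv.h`, `#elif WINVER <= 1709 && WINVER != 1507` followed by `#elif WINVER == 1507` leaves the reader to work out that the exclusion exists only so the later branch can match. Testing `#elif WINVER == 1507` first and leaving `#elif WINVER <= 1709` unchanged expresses the same selection without the extra condition. The chain still ends in a bare `#endif`, so an unlisted value leaves `INTEL_VMEXIT_HANDLER_SIG` and `INTEL_VMEXIT_HANDLER_MASK` undefined; `#else` / `#error "unsupported WINVER"` would stop the build at the cause. A comment above the new pair naming the binary and build the bytes were taken from would make the pattern auditable. The start of the chain is outside the hunk.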
@@ -1,7 +1,7 @@
 #pragma once
 #include "ShitHook.h"
-#define WINVER 1511
+#define WINVER 1507
 #define PORT_NUM 0x2F8
 #define BL_MEMORY_ATTRIBUTE_RWX 0x424000
 #define SEC_TO_MS(seconds) seconds * 1000000
diff --git a/Voyager/Voyager/WinLoad.c b/Voyager/Voyager/WinLoad.c
index 2cfc743..b419f71 100644
--- a/Voyager/Voyager/WinLoad.c
+++ b/Voyager/Voyager/WinLoad.c
@@ -161,7 +161,6 @@ EFI_STATUS EFIAPI BlImgLoadPEImageEx HV_LOAD_PE_IMG_FROM_BUFFER_SIG, HV_LOAD_PE_IMG_FROM_BUFFER_MASK );
- #elif WINVER <= 1607
 VOID* LoadImage = FindPattern(
@@ -171,7 +170,6 @@ EFI_STATUS EFIAPI BlImgLoadPEImageEx HV_LOAD_PE_IMG_MASK );
 #endif
- VOID* AllocImage = FindPattern( *ImageBasePtr,