From 7e51f4f4271c3d594d0f11eb7a7cc3d566f1b4d2 Mon Sep 17 00:00:00 2001 From: _xeroxz Date: Wed, 7 Oct 2020 22:41:39 +0000 Subject: [PATCH] Update README.md --- README.md | 14 -------------- 1 file changed, 14 deletions(-) diff --git a/README.md b/README.md index 08806b2..407b3ec 100644 --- a/README.md +++ b/README.md @@ -18,20 +18,6 @@ Voyager is a project designed to offer module injection and vmexit hooking for both AMD & Intel versions of Hyper-V. This project works on all versions of Windows 10-x64 (2004-1511). The project is currently split into two individual projects, one for Intel and another for AMD. -# Voyager 1 - Intel - -Voyager 1 contains all the code associated with the Intel part of this project. Since intel has vmread/vmwrite instructions all that is needed is a simple hook on the vmexit handler -and interception can commence. - -The payload solution contains a small CPUID interception example. I plan on expanding my examples to include EPT hooking and module injection/module shadowing. I also -need to locate the self referencing pml4e in hyper-v's pml4 :|.... - -# Voyager 2 - AMD - -Voyager 2 contains all the code associated with the AMD part of this project. Since AMD has no vmread/vmwrite operation, only vmsave/vmload I had to locate -the linear virtual address of the VMCB for every version of windows. GS register contains a pointer to a structure defined by MS, this structure contains alot of stuff. -Deep in this structure is a linear virtual address to the current cores VMCB. - # Versions & Support :o: -> unknown/not tested.