xerox
4f46cd8ab3
|
4 years ago | |
|---|---|---|
| Usermode Example | 4 years ago | |
| Voyager-1 | 4 years ago | |
| Voyager-2 | 4 years ago | |
| img | 4 years ago | |
| README.md | 4 years ago | |
| launch.bat | 4 years ago | |
README.md
Voyager - A Hyper-V Hacking Framework For Windows 10 x64 (AMD & Intel)
Voyager is a project designed to offer module injection and vmexit hooking for both AMD & Intel versions of Hyper-V. This project works on all versions of Windows 10-x64 (2004-1511). The project is currently split into two individual projects, one for Intel and another for AMD.
Versions & Support
⭕ -> unknown/not tested. ✔️ -> tested & working. ❌ -> tested & not working.
| Winver | AMD | Intel | VM | Bare Metal |
|---|---|---|---|---|
| 2004 | ✔️ | ✔️ | ✔️ | ✔️ |
| 1909 | ✔️ | ✔️ | ✔️ | ⭕ |
| 1903 | ✔️ | ✔️ | ✔️ | ⭕ |
| 1809 | ✔️ | ✔️ | ✔️ | ⭕ |
| 1807 | ✔️ | ✔️ | ✔️ | ⭕ |
| 1803 | ✔️ | ✔️ | ✔️ | ⭕ |
| 1709 | ✔️ | ✔️ | ✔️ | ⭕ |
| 1703 | ✔️ | ✔️ | ✔️ | ⭕ |
| 1607 | ✔️ | ✔️ | ✔️ | ⭕ |
| 1511 | ✔️ | ✔️ | ✔️ | ⭕ |
Compiling & Deploying
To compile Voyager for your desired Windows 10 version, please change the WINVER macro in both the types.h (found in the PayLoad solution), and WINVER in Utils.h. Then use
HXD to export the payload as a C array. Replace the array found in PayLoad.c with your payload. Next you are going to want to bundle the bootmgfw file with the newly compiled Voyager.efi file. Using the bundler I made: efi-bundler.exe bootmgfw.efi voyager.efi.
To deploy this you must replace bootmgfw inside of your EFI partition. First you are going to mount the partition with mountvol X: /S, X: being the label you want to mount your EFI partition too.
Then rename bootmgfw.efi found in: EFI\Microsoft\Boot to bootmgfw.efi.backup.