From 421af63f20672e59de2b22a3408c15821fc23451 Mon Sep 17 00:00:00 2001
From: xerox <xerox@back.engineering>
Date: Mon, 17 Aug 2020 22:36:58 +0000
Subject: [PATCH] Update README.md

---
 README.md | 11 ++++++++++-
 1 file changed, 10 insertions(+), 1 deletion(-)

diff --git a/README.md b/README.md
index 152e2f2..c404657 100644
--- a/README.md
+++ b/README.md
@@ -29,4 +29,13 @@ the handle to the driver we can start sending IOCTL's to BattlEye. The IOCTL dat
 Now that we can ask BEDaisy to read/write for us, what are the limitations? Well first off you cannot use this to read/write the process that battleye is protecting but you can use
 this to read/write any other process you can open a simple handle too. `Rust`, `Valorant`, you name it, just open a `PROCESS_QUERY_LIMITED_INFORMATION` handle and pass it to `BEDaisy`. The reason
 this works is two fold, firstly BattlEye assumes that the handle already has this access, secondly BattlEye only uses the handle to get the `EPROCESS` so they can call `MmCopyVirtualMemory`. You can see
-this in my runtime logs of `BEDaisy`.
\ No newline at end of file
+this in my runtime logs of `BEDaisy`.
+
+```
+01301313	118.65435028	[GoodEye]MmCopyVirtualMemory called from: 0xFFFFF804DEFE2D64	
+01301314	118.65435028	[GoodEye]     - SourceProcess: csrss.exe	
+01301315	118.65435028	[GoodEye]     - SourceAddress: 0x0000005A7B5DEF38	
+01301316	118.65435028	[GoodEye]     - TargetProcess: DiscordHookHel	
+01301317	118.65435028	[GoodEye]     - TargetAddress: 0x00000074452CE308	
+01301318	118.65435028	[GoodEye]     - BufferSize: 0x0000000000000008	
+```
\ No newline at end of file