You can not select more than 25 topics
Topics must start with a letter or number, can include dashes ('-') and can be up to 35 characters long.
15 lines
817 B
15 lines
817 B
# Old code from 6/xx/2020.
|
|
### luna-1 (AMD)
|
|
|
|
Driver gets allocated inside of the kernel using a normal pool. The Nt headers of the driver are zero'ed. Communication with this driver happens via a process specific
|
|
syscall hook (meaning the hook cannot be seen in any other context). Detected on EAC, should be fine for BattlEye.
|
|
|
|
|
|
### luna-1 (INTEL)
|
|
|
|
Driver gets allocated inside of the current process (not the kernel itself) and makes a process specific syscall hook to communicate (just like the AMD one). The AMD luna-1
|
|
also works for intel. This project is using a super old version of PSKDM which is not stable, its also using an old version of PTM and its using physmeme instead of VDM.
|
|
|
|
Not sure if EAC is enumorating all processes PML4's yet, when they do this will be detected. Should be fine for BattlEye.
|
|
|