From e50e70a00d7b62f5db1e93830ae696f5bbd8e5b1 Mon Sep 17 00:00:00 2001 From: _xeroxz Date: Tue, 23 Feb 2021 20:51:29 +0000 Subject: [PATCH] Update README.md --- README.md | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/README.md b/README.md index 40adfd4..1631616 100644 --- a/README.md +++ b/README.md @@ -5,7 +5,7 @@ msrexec is a small project that can be used to elevate arbitrary MSR writes to kernel execution on 64 bit Windows-10 systems. This project is part of the VDM (vulnerable driver manipulation) namespace and can be integrated into any prior VDM projects. Although this project falls under the VDM namespace, Voyager and bluepill can be used to provide arbitrary wrmsr writes. -### syscall +# syscall SYSCALL invokes an OS system-call handler at privilege level 0. It does so by loading RIP from the IA32_LSTAR MSR (after saving the address of the instruction following SYSCALL into RCX). (The WRMSR instruction ensures that the IA32_LSTAR MSR always contain a canonical address.)
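Review bot: In the README.md hunk at line 8, the heading jumps two levels, from `### syscall` to `# syscall`, and the subject "Update README.md" gives no reason for it. A single `#` is normally reserved for the document title, so if this section sits under the project description shown in the context line above it, `## syscall` would keep the outline nested and the generated table of contents sensible. If the intent was only to make the heading render larger, say so in the commit message and apply the same level to the sibling sections so that they stay consistent. Unrelated to the changed line, the trailing context sentence reads "always contain a canonical address"; "contains" could be fixed in the same pass.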