Documentation on compiling the exploits #60
Comments
|
Hi @0xAtticus the exploit for this is pretty old - Windows 7 x86 and it won't work on Windows 10 or later. There are tons of exploit that works on Windows 10 and 11 x64. It's really hard to keep the exploit working for each version as techniques get killed very often. |
|
Hi @hacksysteam thank you very much for your response. Of course, I understand that we cannot expect exploits to keep working when switching major versions of operating systems. This is why I expected the exploits to also work on Windows 10. Maybe we could change the phrasing to reflect the fact that some exploits will not work on Windows 10 x64 ? Thank you very much, |
|
@0xAtticus Thank you for the suggestion, I will update the text and try to add compilation of the exploit for Windows 7 x86 |
I see that the 3.00 version of the release does not contain compiled Exploit, so I wanted to compile them myself.
I am running on Windows 10 x64, with Visual Studio Code 2022.
I ran the .bat file in
C:\Users\user\Documents\HackSysExtremeVulnerableDriver-master\Builder\Build_HEVD_Exploit.bat.However, when then running
C:\Users\user\Documents\HackSysExtremeVulnerableDriver-master\compile\exploit\HackSysEVDExploit.exe, I get the following output (option was-a -c cmd)[+] Starting Arbitrary Memory Overwrite Exploitation [+] Creating The Exploit Thread [+] Exploit Thread Handle: 0x190 [+] Getting Device Driver Handle [+] Device Name: \\.\HackSysExtremeVulnerableDriver [+] Device Handle: 0x194 [+] Setting Up Vulnerability Stage [+] Allocating Memory For WRITE_WHAT_WHERE Structure [+] Memory Allocated: 0x013E55A8 [+] Allocation Size: 0x8 [+] Gathering Information About Kernel [+] Loaded Kernel: ntoskrnl.exe [+] Kernel Base Address: 0x7CA00000 [-] Failed To Load Kernel: 0x7ELooking the documentation, I see that
0x7EmeansERROR_MOD_NOT_FOUND. However, I can see the fileC:\Windows\System32\ntoskrnl.exe.Edit:
I feel like this is because the application is compiled in 32 bits, but try to load
ntoskrnl.exethat is 64-bit. If I actually Loadntoskrnl.exewithLoadLibraryEx("C:\\Windows\\System32\\ntoskrnl.exe", NULL, LOAD_LIBRARY_AS_DATAFILE);, it loads successfully, but fails to findHalDispatchTableproc address afterwards.However, I could not find a way to compile the exploit in 64 bits for now. Espececially
Payloads.c, because it looks like inline assembly is not supported in 64 bits by Visual Studio ?error C4235: nonstandard extension used: '__asm' keyword not supported on this architectureWhat I am missing to get the exploits running ? (I am in a VirtualBox VM)
Thank you very much,
Atticus
The text was updated successfully, but these errors were encountered: