8000 GitHub - luukjp/shadow_map_cr3: resolve user directory base via shadow mapping · GitHub
[go: up one dir, main page]
Skip to content

luukjp/shadow_map_cr3

BranchesTags

Folders and files

NameName
Last commit message
Last commit date

Latest commit

 

History

1 Commit
shadow_map_cr3
shadow_map_cr3
 
 
.gitattributes
.gitattributes
 
 
.gitignore
.gitignore
 
 
README.md
README.md
 
 

Repository files navigation

Shadow map CR3

PoC to retrieve the user CR3 for a process using the ShadowMapping field in the _EPROCESS struct. This approach relies on hardcoded offsets, valid for systems running Windows 10 2004 through Windows 11 23H2.

KVAS must be enabled. If KVAS is disabled, the ShadowMapping field in _EPROCESS is will be invalid and the CR3 cannot be extracted.

About

resolve user directory base via shadow mapping

Resources

Readme
Activity

Stars

0 stars

Watchers

1 watching

Forks

0 forks
Report repository

Releases

No releases published

Packages

 
 
 

Contributors

Languages
0