can1357 / CVE-2018-8897

Arbitrary code execution with kernel privileges using CVE-2018-8897.
https://blog.can.ac/2018/05/11/arbitrary-code-execution-at-ring-0-using-cve-2018-8897/
BSD 3-Clause "New" or "Revised" License

How to debug this exp #3

Closed adauish closed 6 years ago

adauish commented 6 years ago

Hi, bro! I'm a new guy to kernel exploits. I set up the kernel debug environment with VirtualKD and WinDbg. After that, I run the exp, but it can't perform privilege escalation successfully. I tested this on Windows 10 1709 in VMware with kernel debug mode. I don't know whether the KernelShellcode is executed or not. So I want to debug it. But I don't know how to do it. It always stopped on int 3, and then I don't know how to simulate the #DB event as you said, so I just type the command 'g' in WinDbg. I'm so confused. Can you help me solve this?

can1357 commented 6 years ago

This exploit does not work on VMware, that's your problem. You can only simulate it on VMware by loading an unsigned kernel driver, setting gsbase yourself and raising a #DB.

adauish commented 6 years ago

You say that I can only simulate it on VMware by loading an unsigned kernel driver, setting gsbase myself and raising a #DB. Can you explain in more detail?

can1357 commented 6 years ago

1) Load unsigned kernel driver
2) Allocate memory for new GS
3) Set debug registers using __writedr
4) swapgs
5) Set gs base
6) Access the breakpointed memory and raise a #DB
7) Debug and profit.