Not working on Windows 10 Pro x64 Build 1903

eddeeh / kdmapper

driver manual mapper (outdated/for educational purposes)

MIT License

92 stars 36 forks source link

Not working on Windows 10 Pro x64 Build 1903 #1

Open hy3nA opened 5 years ago

hy3nA commented 5 years ago

[<] Loading vulnerable driver [-] Failed to get export gdi32full.NtGdiDdDDIReclaimAllocations2 [-] Failed to allocate remote image in kernel [-] Failed to map Driver.sys [<] Unloading vulnerable driver

Jerem584 commented 5 years ago

Maybe you have a ac running in the background (faceit auto run itself on windows start)

BerkanYildiz commented 5 years ago

Like the CONSOLE OUTPUT fucking says, it can't find the "NtGdiDdDDIReclaimAllocations2" function. Use another one, it's an easy fix.

ghost commented 4 years ago

cringe alert

chickentuna commented 4 years ago

NtGdiDdDDIReclaimAllocations2 is in win32u.dll, the function wrapper in gdi32full.dll has been removed. Also, lower down NtGdiDdDDIReclaimAllocations2 is in dxgkrnl.sys.

So you should replace

const auto NtGdiDdDDIReclaimAllocations2 = reinterpret_cast<void*>(GetProcAddress(LoadLibrary("gdi32full.dll"), "NtGdiDdDDIReclaimAllocations2"));

with

const auto NtGdiDdDDIReclaimAllocations2 = reinterpret_cast<void*>(GetProcAddress(LoadLibrary("win32u.dll"), "NtGdiDdDDIReclaimAllocations2"));

and

const uint64_t kernel_NtGdiDdDDIReclaimAllocations2 = GetKernelModuleExport(device_handle, utils::GetKernelModuleAddress("win32kbase.sys"), "NtGdiDdDDIReclaimAllocations2");

with

const uint64_t kernel_NtGdiDdDDIReclaimAllocations2 = GetKernelModuleExport(device_handle, utils::GetKernelModuleAddress("dxgkrnl.sys"), "NtGdiDdDDIReclaimAllocations2");

Not sure if that'll be enough to make this work again though.

sysenter0 commented 4 years ago

I did a test. win10 1904, But bsod occurs.

BerkanYildiz commented 4 years ago

Maybe bother understanding the code properly first, jesus fucking christ.

chickentuna commented 4 years ago

I tried and also got a BSOD. Sorry, there's more going on than what I expected. BerkanYildiz has all the answers of course but has decided to help by motivating us through abuse, rather than the more traditional hints and/or explanations.

BerkanYildiz commented 4 years ago

You're most likely mapping a driver with invalid project settings and/or non-manualmap designed.

chickentuna commented 4 years ago

Ok, I'm pretty sure this is what you need KoreaHck: https://github.com/sunriseiscool/kdmapper/commit/f7c4d3bf40046be873792ee85fab8710ff7ef52e

Really, you can just clone that fork and try building again => https://github.com/sunriseiscool/kdmapper

sysenter0 commented 4 years ago

I have already changed win32u, dxg and test yesterday but intel driver was occurs bsod. Today your project will test and notify result. thx

Imba6 commented 2 years ago

Does it still has any options with this issue? github profile @chickentuna wrote doesn't work.