Added patch signature sethc.exe -> cmd.exe for all Windows versions

ufrisk / pcileech

Direct Memory Access (DMA) Attack Software

GNU Affero General Public License v3.0

4.87k stars 718 forks source link

Added patch signature sethc.exe -> cmd.exe for all Windows versions #5

Closed signal-5 closed 8 years ago

signal-5 commented 8 years ago

Just wanted to make a pull request for one file (stickykeys_cmd_win.sig). //Sigtrap

ufrisk commented 8 years ago

Very nice pull request =)

Will wait to take action until after next weeks SEC-T talk though. Will release pcileech 1.1 then - which will support wildcard signature offsets. This will enable the possibility to specify almost all possible offsets in one signature line. (only almost since signatures crossing 4k page boundaries are unsupported).

signal-5 commented 8 years ago

I'll update the signatures for PCILeech 1.1