- A simple PoC demonstrating BYOVD (bring your own vulnerable driver) by abusing the Process Hacker driver to terminate other processes. The sample was sourced from loldrivers.
- The driver checks whether the requestor has the SeDebug privilege enabled. We can bypass this check by enabling the SeDebug privilege.
- Then it copies the handle and the other passed parameters. The specific parameters used depend on the IOCTL type.
- The list of Process Hacker IOCTLs (Process Hacker IOCTLs List) makes the driver easy to abuse.
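A defender-side view of the steps above, as an added example that is not part of this repository: it flags loads of a blocklisted driver (Sysmon event 6) and raises the severity when a process on the same host enabled SeDebugPrivilege (Security event 4703) within an assumed five-minute window. The events, the simplified field subset and the digest placeholder are constructed; the real SHA256 values come from the loldrivers entry for the driver.

```python
from datetime import datetime, timedelta

# Placeholder, not a real digest: fill in from the loldrivers entry for the driver.
BLOCKLIST_SHA256 = {"<sha256-of-process-hacker-driver>"}
WINDOW = timedelta(minutes=5)  # assumed correlation window

# Constructed events: simplified subset of Security 4703 and Sysmon 6 fields.
SAMPLE_EVENTS = [
    {"time": "2024-05-01T10:00:00", "host": "ws1", "id": 4703,
     "ProcessName": r"C:\Users\bob\tool.exe",
     "EnabledPrivilegeList": "SeDebugPrivilege"},
    {"time": "2024-05-01T10:00:20", "host": "ws1", "id": 6,
     "ImageLoaded": r"C:\Users\bob\drv.sys",
     "Hashes": "MD5=<md5>,SHA256=<sha256-of-process-hacker-driver>"},
    {"time": "2024-05-01T11:00:00", "host": "ws2", "id": 6,
     "ImageLoaded": r"C:\Temp\x.sys",
     "Hashes": "SHA256=<sha256-of-process-hacker-driver>"},
    {"time": "2024-05-01T12:00:00", "host": "ws3", "id": 6,
     "ImageLoaded": r"C:\Windows\System32\drivers\ok.sys",
     "Hashes": "SHA256=<other-digest>"},
]

def sha256_of(hashes):
    """Extract the SHA256 value from a Sysmon 'ALG=value,ALG=value' Hashes field."""
    fields = dict(p.split("=", 1) for p in hashes.split(",") if "=" in p)
    return fields.get("SHA256", "").lower()

def detect(events):
    """Return (host, driver_path, severity, processes) per blocklisted driver load."""
    parsed = [(datetime.fromisoformat(e["time"]), e) for e in events]
    # Processes that switched SeDebugPrivilege on (the check the driver performs).
    debug = [(t, e) for t, e in parsed if e["id"] == 4703
             and "SeDebugPrivilege" in e.get("EnabledPrivilegeList", "")]
    alerts = []
    for t, e in parsed:
        if e["id"] != 6 or sha256_of(e.get("Hashes", "")) not in BLOCKLIST_SHA256:
            continue
        # The privilege may be enabled before or after the load, so compare both ways.
        procs = sorted({d["ProcessName"] for dt, d in debug
                        if d["host"] == e["host"] and abs(t - dt) <= WINDOW})
        alerts.append((e["host"], e["ImageLoaded"],
                       "high" if procs else "medium", procs))
    return alerts

if __name__ == "__main__":
    for alert in detect(SAMPLE_EVENTS):
        print(alert)
```

A hash match alone is reported as medium because the same driver also ships with legitimate Process Hacker installs; the SeDebug correlation is what separates the two cases in this sketch.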
ZeroMemoryEx/Overlord