Skip to content
This repository has been archived by the owner on Aug 21, 2023. It is now read-only.
/ DataCommunication Public archive

A kernelmode driver swapping a .data pointer in the kernel to perform communication between the kernel and usermode.

License

MIT license
139 stars 31 forks Branches Tags Activity
Star
Notifications You must be signed in to change notification settings

Sinclairq/DataCommunication

BranchesTags

Folders and files

NameName
Last commit message
Last commit date

Latest commit

 

History

5 Commits
driver
driver
 
 
usermode
usermode
 
 
DataCommunication.sln
DataCommunication.sln
 
 
LICENSE
LICENSE
 
 
README.md
README.md
 
 

Repository files navigation

DataCommunication

A kernelmode driver swapping a .data pointer in the kernel to perform communication between the kernel and usermode.

Information

DISCLAIMER! This will trigger PG (PatchGuard) on 2004 (untested on others.) If you try to use this raw project your system will crash after a while.

The driver will take care of the hook on the .data function residing in ntoskrnl.exe, so the driver must be loaded first. Once the driver is loaded, run the program with the correct arguments to see if the communication has been setup correctly.

Features

  • Pattern Scanner
  • Fast communication to perform r/w operations and else.
  • Get the base of any process relative to it's process ID.
  • etc...

Usage

Example This PoC has only been tested on 2004, but may work on 1909, and 1903.

About

A kernelmode driver swapping a .data pointer in the kernel to perform communication between the kernel and usermode.

Resources

Readme

License

MIT license
Activity

Stars

139 stars

Watchers

4 watching

Forks

31 forks
Report repository

Releases

No releases published

Packages

No packages published

Languages