A simple syscall wrapper that requires no handles to perform operations with PROCESS_ALL_ACCESS
privilege.
This branch is the modified version that uses no SEH, but still does safe operations (results in slower execution). This branch also utilizes a different syscall hook for communication via a .data
section modification in the kernel.
- Load the driver.
- Load the DLL (wrapper) into a program that needs to open a handle to a protected process.
- The program can now perform privileged operations without creating a real handle.
- note to the last dev i push some comments for you
- The wrapper is designed to be loaded in a x64 process and only implements the syscalls that pertain to my workflow.
- Only tested on Windows 10 1903, 1809, and 1803.
we are going to update this soon
not today, patch note fn with go alone
i am going to find a way to make some noie gate for this app
ok lets go today i need some people for help