Skip to content

Commit

Permalink
v 1.1.2
Browse files Browse the repository at this point in the history 
Added Dell dbutil_2_3 driver as provider 16
  • Loading branch information
@hfiref0x
hfiref0x committed Jan 26, 2022
1 parent 6255330 commit a1a4f5f
Show file tree
Hide file tree
Showing 35 changed files with 331 additions and 41 deletions.
63 changes: 33 additions & 30 deletions KDU.sha256
View file
Original file line number Diff line number Diff line change
Expand Up @@ -29,18 +29,18 @@ d45cf40c855a135898e4b35d0b5b2d00e3ad251a97d3f47990248116f22ff45e *Source\Example
10b9fe09b9357cb3c35a00a8b09ae24141ec5941a37c461c2a296d822aa2b512 *Source\Examples\DummyDrv2\dummy\r3request.c
cdfccae79b68bc7e66063d9a625caf32ef834e9e050b658b2bfa180b806290f8 *Source\Hamakaze\compress.cpp
09fa3cdaa1416b81ba5ee304cf24897726902b9d33a76d879f604b7fe26b4dcc *Source\Hamakaze\compress.h
b30853575b186c4099dde4fce936d27d2834a1019765840460159439d1bc090b *Source\Hamakaze\consts.h
86afb10ba8a7084ff696c82bc24e3c55dc206d254812d7c54d96bcfac6447392 *Source\Hamakaze\consts.h
405d06a619c3f8194af6ed4953f4facbcd1b9cf839ab085a64825131b44e9533 *Source\Hamakaze\drvmap.cpp
bf441b39bc025f2222b1e40fd1afde4fe997b251bce19423cc02b462c5ca929e *Source\Hamakaze\drvmap.h
bbe92082740904e98938dbf615ca5c90fecc436eba56b4de01a50e4879bd1b3e *Source\Hamakaze\dsefix.cpp
c8b1ae58b617d925bf2a19fd5c0a21071f653458d175482c2f2e74b55ecb6066 *Source\Hamakaze\dsefix.h
bea7c37207b9160e562bbe04e4a0b804467634ce6d114fee52a87c6b352c73e9 *Source\Hamakaze\global.h
d6d1e1a916e54a41b73b6740e5cd17e8ed725042b42afe4e24e96bc459acce55 *Source\Hamakaze\KDU.vcxproj
f24019144307507c2a4fa3db848a23d6ca89944b74e2680dc8b79bec61dcec15 *Source\Hamakaze\KDU.vcxproj.filters
f9d0075b42116ff8331bd56e43769bfb30da0af069a513fd8e9e5bedfacfe965 *Source\Hamakaze\KDU.vcxproj.user
d5f54cef36de5009beecc81f2ef44cd2009fd6e3a382fe66bae847d37e18e158 *Source\Hamakaze\kduplist.h
d117758bfc6a038b8f5af4556c893a2e9616007daca8f62ee13460ea75772d56 *Source\Hamakaze\kduprov.cpp
7ccdee6ecf37bcccb7a029f020d66528ad26b32d4b036501371e4ffb3219daa5 *Source\Hamakaze\kduprov.h
de7f5d11ae1790b00907a4bc6384c8cbdedb20292f10628307f421f153c3909c *Source\Hamakaze\KDU.vcxproj
27e4c97365a3e159daf3e647ef0638ad1bde3f1a8a1c0de1a6fc347b3b99d5c8 *Source\Hamakaze\KDU.vcxproj.filters
b7b1235cb84a7754401acde239646dd2b4e86452e7758e6ea8527b9978bd6ae7 *Source\Hamakaze\KDU.vcxproj.user
0ac4d7bbc700ba7bc9dd4cd52c8b74742960f9ad3244d1d91b306b856984ae76 *Source\Hamakaze\kduplist.h
06bb890b75d1a70c8a60b6449370020b62e7206ede03de53931a443c7feabad8 *Source\Hamakaze\kduprov.cpp
9e450c9ff2916acb17ce411e422a2579c9b422d6c5b270fa1cc0fbfefecebc58 *Source\Hamakaze\kduprov.h
87e503a96c3e3cd978658b604ef3944854670d2d1bc870a481db66a0a2daec38 *Source\Hamakaze\main.cpp
e1a8de39e2d3d0bae5d9bbe1b18e849f5d070feb1d37f838176ede5a401f35ec *Source\Hamakaze\pagewalk.cpp
545ecf7e669b6b28753a02e33fae6f503750d26cf0bf9089701f401fd24e0dd1 *Source\Hamakaze\pagewalk.h
Expand All @@ -52,7 +52,7 @@ fbeefc07c581f2c75233f36878d1e345e9d4916853eb6bcadccdfa9c5fe894bf *Source\Hamakaz
47f83ecc1674a80151a89994af0242e41a1638eea3fe61b9aceaa0ac437f2b13 *Source\Hamakaze\shellcode.h
41a98d55095b3873b8d3057e223f440a34f992850436efd21024dc491d33a1d5 *Source\Hamakaze\sup.cpp
0d9c39f3b13871c096318adee651f89cd11ba9cab0d81644e3fb8f5ada3a8a85 *Source\Hamakaze\sup.h
d07e9217e8b4a0f23d2cd1d859def31e350d6784471137c482647c6a79ca1ebf *Source\Hamakaze\tests.cpp
9cfa6e8825aeacba88805cf36d95c1f42a5074638c87cf3ecbdf670ad0ded452 *Source\Hamakaze\tests.cpp
ad77ae168188a9748713ab5f7532447ca50a539fa8ebbec5ac86b273696b028e *Source\Hamakaze\tests.h
e0564204976bd689d0dfb07be5f511c9f778848afb67cd62b56a01492f03bf7f *Source\Hamakaze\victim.cpp
57f9d6b92de51d66e43f12e9caceb2229a0aa4e84a43081d50cb632256c771a0 *Source\Hamakaze\victim.h
Expand All @@ -63,9 +63,11 @@ fd5b39e2865e12b9525ebda8fd9e9658b341ead5932d1bcb412a189f81ca42ca *Source\Hamakaz
0b6c69ad498e67907e0c574ab06123aee4ec30c99fa181099ea929a8d820bfc1 *Source\Hamakaze\hde\table64.h
b060200c94e87f7264dbc670f79d8c692211cca292b4889a893c21c951ededc1 *Source\Hamakaze\idrv\atszio.cpp
015a6aff991174a881650c61fe1b28c5bfe3116a02a32abe5295ff389c5b7099 *Source\Hamakaze\idrv\atszio.h
ddfd650552905c29e5e5e4730e4a9e797543975cc6d91d9f632cda2cec74371b *Source\Hamakaze\idrv\dbutil23.cpp
a0a0379f23b15c83e9e331dcbee75a0fd10af07fe5cfda34df8cd3a356360dba *Source\Hamakaze\idrv\dbutil23.h
1fb270ea167913df0fbc8785fadf108bc102fdf527570d81ca003f3f6ff1a6d1 *Source\Hamakaze\idrv\directio64.cpp
73a97fa34df9c0733981536f2079d1eab89bfaf36b4c5d0003cb87d504764ec3 *Source\Hamakaze\idrv\directio64.h
4147930f8df8b76108bfba6f28974f684d0abf13ac69234ebecde60f7209c213 *Source\Hamakaze\idrv\gmer.cpp
fd8a96c13cb33dfaf06f6029d15c062430c9bfd9cf49241651e5fcf62e505034 *Source\Hamakaze\idrv\gmer.cpp
d14a2c9433dd4e5b765c7fef2910e12b251783a3805227ab1f6e1cd0e563e956 *Source\Hamakaze\idrv\gmer.h
8bcc062ab27f293c35df032340e761f18013d978fd3df33fbaca3a30a2726b5f *Source\Hamakaze\idrv\lha.cpp
dcb5da7acb4997abbde8372a8daf74dae5727ca5cbf80b26876fdb4cb2a0bc08 *Source\Hamakaze\idrv\lha.h
Expand Down Expand Up @@ -112,28 +114,29 @@ f66c8a7d577c5daad5ccb9d7b1269b2ef274914cf0ed9bb9c8ca3f1755ed26df *Source\Taigei\
8b14163e1cf7ca090fe44dcf2342eb8a9eac03821b5ff20fd51a16966061d4a7 *Source\Taigei\Taigei.vcxproj
c06a15e597a68a248263c0e417b21b4b5f32fbd6685871d10e8cc5a22db2cfc3 *Source\Taigei\Taigei.vcxproj.filters
c06a75b13f855a94d46616796e024c52b499f8f92cf00ccb571ddbc6ff574676 *Source\Taigei\Taigei.vcxproj.user
394e8627124e6981b1677decb00aa1b85870dab268d1c17d33cc5729b4788641 *Source\Tanikaze\resource.h
8b2be45db06e2f213b8d58e440d47b37805ba9ddf41a604f0750a7a58c0cb807 *Source\Tanikaze\resource.rc
006c60e22679fe3246e6f6a525ca214d9c29ed712ba6efa81d96f69ecc9d57c1 *Source\Tanikaze\Tanikaze.vcxproj
5a39fc12ff3bbefec23cd546cb3161728acd812dc41a6cbc5951724896273767 *Source\Tanikaze\Tanikaze.vcxproj.filters
276d982c42eeb1e7cf297cf14c8d505b304611b7f125f291177c3def83aa9826 *Source\Tanikaze\resource.h
546ccc6cc3e4c4fa0ddedd156812b96138123f2c3778d41ed28c49d9decdea63 *Source\Tanikaze\resource.rc
424c52b37168318da1386f46768fcb723335c9e59f3fc9b45defbbb5ff20ee00 *Source\Tanikaze\Tanikaze.vcxproj
e96e987e413cbc3ed3babc49fd6872b5a7241abc8dd4df585cf33f59a97a748d *Source\Tanikaze\Tanikaze.vcxproj.filters
c06a75b13f855a94d46616796e024c52b499f8f92cf00ccb571ddbc6ff574676 *Source\Tanikaze\Tanikaze.vcxproj.user
1804750bbfcaefc0b55c4ee122c09d6d5e125b47c9f2fa8d00a176df43010362 *Source\Tanikaze\drv\asio2.bin
ebf8c858ba2a170f13b418a6e75610df657c6a5ce2f0e1c88c24b60278bf272c *Source\Tanikaze\drv\ATSZIO64.bin
15296a3dc039d797c6e7c1548bc506d66998464fd1b2d8e90498e205a2c8d4a0 *Source\Tanikaze\drv\DirectIo64.bin
348eccb3a74d142e74f287e1cbf914903663ee058a9703ccbe458954a35e652b *Source\Tanikaze\drv\ene2.bin
f694b0a354a38f70eb3c41464d473b0bfcce8185fb40b3f3b0453e6df07e4740 *Source\Tanikaze\drv\EneIo64.bin
4197847938cff5c226f8938b1d8a6894a0997fb337a1809177e80ebc5fcb6e9c *Source\Tanikaze\drv\EneTechIo64.bin
e07ceced20bac934215adbb55049dd767e64af682bc0185c951d7325936f50fe *Source\Tanikaze\drv\gdrv.bin
87aec07c2c10f012533af6269c2fc2e721a1169ecf1bd8a05fed15cc56b72810 *Source\Tanikaze\drv\GLCKIO2.bin
17ea8cdc987b627a7ba3da878bc21a53ca4c324bc915d378cf446b331e00b43a *Source\Tanikaze\drv\gmerdrv.bin
7ce346b04193979301f3d7068e8e5454691a21ce10e69d453ac86abb09647536 *Source\Tanikaze\drv\iQVM64.bin
53ae700dde27ba24b23c9793061bf12d1bfd5bf33e7ace06cbfd89ca7f556485 *Source\Tanikaze\drv\lha.bin
44aa2a3bedea40e9aac07d3917abcf2d2c0bfb08eeac4dea8c3a989ffe1c6a88 *Source\Tanikaze\drv\MsIo64.bin
ab70b038f8d302390b8457de01e1ba38d749b8184f2ec848dce0911de53b8d76 *Source\Tanikaze\drv\Phymemx64.bin
0e87f9a95d029a26870470e0286a7acd4ead7061310e597201367cc4a7e83f22 *Source\Tanikaze\drv\procexp.bin
5a17fa828e625ec605f590935ad7f50c9bbf23ea5c7e598da68d4284fed60e5f *Source\Tanikaze\drv\RTCore64.bin
cfca1ba801bff91a085a6a41281f392416efb3efd5b5d93f089a9ae4982faac4 *Source\Tanikaze\drv\rtkio64.bin
ae6f6b491f369b94ef1b0402ce62f4e0108a6ec3820a9c12cb7ef050fa13762c *Source\Tanikaze\drv\WinRing0x64.bin
502deb8b46d9a3504bd6b28fdd430c3374eeb20087352ab20efac04e39fcf1f7 *Source\Tanikaze\drv\asio2.bin
8f19c5e57e5c1b07fa9dfdd87a21ca7fce2316ca6430ddc38d189364ad36d45b *Source\Tanikaze\drv\ATSZIO64.bin
5072a4397ebb018a364c32b520a6a511dec14af5ed10715d5dfb0fb6bc053a13 *Source\Tanikaze\drv\DbUtil2_3.bin
81289d1be53fc82c59224047e19e39ea6a46c135230a92bc28f80cf616b578c0 *Source\Tanikaze\drv\DirectIo64.bin
73db7d386cde3f27f71d8cc3b8ded43a32f4ee7a1df4e348c4bdab509ed66a81 *Source\Tanikaze\drv\ene2.bin
88feedd2654bc89700fb2a8e2198799b43f9d9c18b63af34045ff71896e7a342 *Source\Tanikaze\drv\EneIo64.bin
350e2fbee96f8574fdbde8f07c3713f91ec6fef1589feb94ca19c4d50b62cfdc *Source\Tanikaze\drv\EneTechIo64.bin
0685b2359a3177797e87e5a6183d8c0f9a681bfb1a293636eab4b41c7862690a *Source\Tanikaze\drv\gdrv.bin
b5a9114336db72677e1756c3b4e7a7ae81929bd31fa288706d148da261c0ef02 *Source\Tanikaze\drv\GLCKIO2.bin
9939cbd32c333a2ff8aea72558663db8bdc83d276b24253e1e5cca8108be418c *Source\Tanikaze\drv\gmerdrv.bin
6e03c350685045764b5701e09be8ed8c79bbbc6c8c5902f6c881461eddae7e1d *Source\Tanikaze\drv\iQVM64.bin
099dc2a6b2122861188fbfe68d74028f0e10bdcf2da26d3df3b7c150df4276fd *Source\Tanikaze\drv\lha.bin
8cb8a1ccf064fd7db79acd2d1009ba1bcb4f583fa43c572e9ff9e18dc8317b9d *Source\Tanikaze\drv\MsIo64.bin
ef8daf6ccdfd87a2684943e9545b7f7aafad8c16ebdb008fc3fbbf6092faef19 *Source\Tanikaze\drv\Phymemx64.bin
5cdbc99a70d09103394546d4f86e3defbe0296719c2b9828bc38eeec4d038303 *Source\Tanikaze\drv\procexp.bin
625c1b032bcffa1596db11a82d39a797bb26e80c38f2a6a380a9f8442658f431 *Source\Tanikaze\drv\RTCore64.bin
e9e824dbb097e29b599ca1d0da197fa5df9a117f7753a04c988c7c9d11c2a00a *Source\Tanikaze\drv\rtkio64.bin
03f82bc73c588f136e33fecb8ff4c42d151e0973717087411cea99a5d44fc1a2 *Source\Tanikaze\drv\WinRing0x64.bin
bf86c929ee9ee2bb88187e1d82bcddfe83375c73e6787b83a7e414dff691e35b *Source\Utils\readme.txt
c776bc97ee2fbe48d3e148bb37c887862e6de212d4391d6df9b5f149e40ed223 *Source\Utils\GenAsIo2Unlock\GenAsIo2Unlock.sln
c4a28bc43a63a40ff2d8699fa261ee1ced6783d199043484ea7921e8d078ea08 *Source\Utils\GenAsIo2Unlock\GenAsIo2Unlock.vcxproj
Expand Down
2 changes: 2 additions & 0 deletions README.md
View file
Original file line number Diff line number Diff line change
Expand Up @@ -113,6 +113,7 @@ You use it at your own risk. Some lazy AV may flag this tool as hacktool/malware
| 13 | ASUSTeK | AsIO2 | ASUS GPU Tweak | WINIO | 2.1.7.1 and below |
| 14 | PassMark | DirectIo64 | PassMark Performance Test | Original | 10.1 and below |
| 15 | GMER | GmerDrv | Gmer "Antirootkit" | Original | 2.2 and below |
| 16 | Dell | DBUtil_2_3 | Dell BIOS Utility | Original | 2.3 and below |

More providers maybe added in the future.

Expand Down Expand Up @@ -155,6 +156,7 @@ Using this program might crash your computer with BSOD. Compiled binary and sour
* CVE-2019-18845, https://www.activecyber.us/activelabs/viper-rgb-driver-local-privilege-escalation-cve-2019-18845
* DEFCON27: Get off the kernel if you cant drive, https://eclypsium.com/wp-content/uploads/2019/08/EXTERNAL-Get-off-the-kernel-if-you-cant-drive-DEFCON27.pdf
* CVE-2019-8372: Local Privilege Elevation in LG Kernel Driver, http://www.jackson-t.ca/lg-driver-lpe.html
* CVE-2021-21551, https://attackerkb.com/topics/zAHZGAFaQX/cve-2021-21551

# Wormhole drivers code

Expand Down
2 changes: 2 additions & 0 deletions Source/Hamakaze/KDU.vcxproj
View file
Original file line number Diff line number Diff line change
Expand Up @@ -126,6 +126,7 @@
<ClCompile Include="dsefix.cpp" />
<ClCompile Include="hde\hde64.c" />
<ClCompile Include="idrv\atszio.cpp" />
<ClCompile Include="idrv\dbutil23.cpp" />
<ClCompile Include="idrv\directio64.cpp" />
<ClCompile Include="idrv\gmer.cpp" />
<ClCompile Include="idrv\lha.cpp" />
Expand Down Expand Up @@ -160,6 +161,7 @@
<ClInclude Include="global.h" />
<ClInclude Include="hde\hde64.h" />
<ClInclude Include="idrv\atszio.h" />
<ClInclude Include="idrv\dbutil23.h" />
<ClInclude Include="idrv\directio64.h" />
<ClInclude Include="idrv\gmer.h" />
<ClInclude Include="idrv\lha.h" />
Expand Down
6 changes: 6 additions & 0 deletions Source/Hamakaze/KDU.vcxproj.filters
View file
Original file line number Diff line number Diff line change
Expand Up @@ -135,6 +135,9 @@
<ClCompile Include="idrv\gmer.cpp">
<Filter>Source Files\idrv</Filter>
</ClCompile>
<ClCompile Include="idrv\dbutil23.cpp">
<Filter>Source Files\idrv</Filter>
</ClCompile>
</ItemGroup>
<ItemGroup>
<ClInclude Include="global.h">
Expand Down Expand Up @@ -239,6 +242,9 @@
<ClInclude Include="idrv\gmer.h">
<Filter>Source Files\idrv</Filter>
</ClInclude>
<ClInclude Include="idrv\dbutil23.h">
<Filter>Source Files\idrv</Filter>
</ClInclude>
</ItemGroup>
<ItemGroup>
<ResourceCompile Include="resource.rc">
Expand Down
5 changes: 2 additions & 3 deletions Source/Hamakaze/KDU.vcxproj.user
View file
Original file line number Diff line number Diff line change
@@ -1,12 +1,11 @@
<?xml version="1.0" encoding="utf-8"?>
<Project ToolsVersion="Current" xmlns="http://schemas.microsoft.com/developer/msbuild/2003">
<PropertyGroup Condition="'$(Configuration)|$(Platform)'=='Debug|x64'">
<LocalDebuggerCommandArguments>
</LocalDebuggerCommandArguments>
<LocalDebuggerCommandArguments>-test</LocalDebuggerCommandArguments>
<DebuggerFlavor>WindowsLocalDebugger</DebuggerFlavor>
</PropertyGroup>
<PropertyGroup Condition="'$(Configuration)|$(Platform)'=='Release|x64'">
<LocalDebuggerCommandArguments>-prv 15 -map c:\makeexe\kdu\bin\dummy2.sys</LocalDebuggerCommandArguments>
<LocalDebuggerCommandArguments>-prv 16 -map c:\makeexe\kdu\bin\dummy.sys</LocalDebuggerCommandArguments>
<DebuggerFlavor>WindowsLocalDebugger</DebuggerFlavor>
</PropertyGroup>
</Project>
1 change: 1 addition & 0 deletions Source/Hamakaze/consts.h
View file
Original file line number Diff line number Diff line change
Expand Up @@ -59,3 +59,4 @@
#define IDR_ASUSIO2 117
#define IDR_DIRECTIO64 118
#define IDR_GMERDRV 119
#define IDR_DBUTIL23 120
140 changes: 140 additions & 0 deletions Source/Hamakaze/idrv/dbutil23.cpp
View file
Original file line number Diff line number Diff line change
@@ -0,0 +1,140 @@
/*******************************************************************************
*
* (C) COPYRIGHT AUTHORS, 2022
*
* TITLE: DBUTIL23.CPP
*
* VERSION: 1.12
*
* DATE: 25 Jan 2022
*
* Dell BIOS Utility 2.3 driver routines.
*
* THIS CODE AND INFORMATION IS PROVIDED "AS IS" WITHOUT WARRANTY OF
* ANY KIND, EITHER EXPRESSED OR IMPLIED, INCLUDING BUT NOT LIMITED
* TO THE IMPLIED WARRANTIES OF MERCHANTABILITY AND/OR FITNESS FOR A
* PARTICULAR PURPOSE.
*
*******************************************************************************/

#include "global.h"
#include "idrv/dbutil23.h"

/*
* DbUtilReadVirtualMemory
*
* Purpose:
*
* Read virtual memory via Dell DbUtil driver.
*
*/
_Success_(return != FALSE)
BOOL WINAPI DbUtilReadVirtualMemory(
_In_ HANDLE DeviceHandle,
_In_ ULONG_PTR VirtualAddress,
_In_reads_bytes_(NumberOfBytes) PVOID Buffer,
_In_ ULONG NumberOfBytes)
{
BOOL bResult = FALSE;

SIZE_T size;
ULONG value;
DWORD dwError = ERROR_SUCCESS;
DBUTIL_READWRITE_REQUEST* pRequest;

value = FIELD_OFFSET(DBUTIL_READWRITE_REQUEST, Data) + NumberOfBytes;
size = ALIGN_UP_BY(value, PAGE_SIZE);

pRequest = (DBUTIL_READWRITE_REQUEST*)VirtualAlloc(NULL, size,
MEM_COMMIT | MEM_RESERVE, PAGE_READWRITE);

if (pRequest) {

if (VirtualLock(pRequest, size)) {

pRequest->Unused = 0xDEADBEEF;
pRequest->VirtualAddress = VirtualAddress;
pRequest->Offset = 0;

bResult = supCallDriver(DeviceHandle,
IOCTL_DBUTIL23_READVM,
pRequest,
(ULONG)size,
pRequest,
(ULONG)size);

if (!bResult) {
dwError = GetLastError();
}
else {
RtlCopyMemory(Buffer, pRequest->Data, NumberOfBytes);
}

VirtualUnlock(pRequest, size);
}

VirtualFree(pRequest, 0, MEM_RELEASE);
}

SetLastError(dwError);
return bResult;

}

/*
* DbUtilWriteVirtualMemory
*
* Purpose:
*
* Write virtual memory via Dell DbUtil driver.
*
*/
_Success_(return != FALSE)
BOOL WINAPI DbUtilWriteVirtualMemory(
_In_ HANDLE DeviceHandle,
_In_ ULONG_PTR VirtualAddress,
_In_reads_bytes_(NumberOfBytes) PVOID Buffer,
_In_ ULONG NumberOfBytes)
{
BOOL bResult = FALSE;

SIZE_T size;
ULONG value;
DWORD dwError = ERROR_SUCCESS;

DBUTIL_READWRITE_REQUEST* pRequest;

value = FIELD_OFFSET(DBUTIL_READWRITE_REQUEST, Data) + NumberOfBytes;
size = ALIGN_UP_BY(value, PAGE_SIZE);

pRequest = (DBUTIL_READWRITE_REQUEST*)VirtualAlloc(NULL, size,
MEM_COMMIT | MEM_RESERVE, PAGE_READWRITE);

if (pRequest) {

if (VirtualLock(pRequest, size)) {

pRequest->Unused = 0xDEADBEEF;
pRequest->VirtualAddress = VirtualAddress;
pRequest->Offset = 0;
RtlCopyMemory(&pRequest->Data, Buffer, NumberOfBytes);

bResult = supCallDriver(DeviceHandle,
IOCTL_DBUTIL23_WRITEVM,
pRequest,
(ULONG)size,
pRequest,
(ULONG)size);

if (!bResult)
dwError = GetLastError();

VirtualUnlock(pRequest, size);
}

VirtualFree(pRequest, 0, MEM_RELEASE);
}

SetLastError(dwError);
return bResult;
}
65 changes: 65 additions & 0 deletions Source/Hamakaze/idrv/dbutil23.h
View file
Original file line number Diff line number Diff line change
@@ -0,0 +1,65 @@
/*******************************************************************************
*
* (C) COPYRIGHT AUTHORS, 2022
*
* TITLE: DBUTIL23.H
*
* VERSION: 1.12
*
* DATE: 25 Jan 2022
*
* Dell BIOS Utility 2.3 driver interface header.
*
* THIS CODE AND INFORMATION IS PROVIDED "AS IS" WITHOUT WARRANTY OF
* ANY KIND, EITHER EXPRESSED OR IMPLIED, INCLUDING BUT NOT LIMITED
* TO THE IMPLIED WARRANTIES OF MERCHANTABILITY AND/OR FITNESS FOR A
* PARTICULAR PURPOSE.
*
*******************************************************************************/

#pragma once

//
// Dell driver interface.
//

#define DBUTIL23_DEVICE_TYPE (DWORD)0x9B0C

#define DBUTIL23_FUNCTION_READVM (DWORD)0x7B1
#define DBUTIL23_FUNCTION_WRITEVM (DWORD)0x7B2

#define IOCTL_DBUTIL23_READVM \
CTL_CODE(DBUTIL23_DEVICE_TYPE, DBUTIL23_FUNCTION_READVM, METHOD_BUFFERED, FILE_ANY_ACCESS) //0x9B0C1EC4

#define IOCTL_DBUTIL23_WRITEVM \
CTL_CODE(DBUTIL23_DEVICE_TYPE, DBUTIL23_FUNCTION_WRITEVM, METHOD_BUFFERED, FILE_ANY_ACCESS) //0x9B0C1EC8

//
// Virtual memory read/write
//
typedef struct _DBUTIL_READWRITE_REQUEST {
ULONG_PTR Unused;
ULONG_PTR VirtualAddress;
ULONG_PTR Offset;
UCHAR Data[1];
} DBUTIL_READWRITE_REQUEST, * PDBUTIL_READWRITE_REQUEST;

//
// Size of data to read/write calculated as:
//
// InputBufferSize - sizeof packet header 0x18 bytes length
//

_Success_(return != FALSE)
BOOL WINAPI DbUtilReadVirtualMemory(
_In_ HANDLE DeviceHandle,
_In_ ULONG_PTR VirtualAddress,
_In_reads_bytes_(NumberOfBytes) PVOID Buffer,
_In_ ULONG NumberOfBytes);

_Success_(return != FALSE)
BOOL WINAPI DbUtilWriteVirtualMemory(
_In_ HANDLE DeviceHandle,
_In_ ULONG_PTR VirtualAddress,
_In_reads_bytes_(NumberOfBytes) PVOID Buffer,
_In_ ULONG NumberOfBytes);
1 change: 0 additions & 1 deletion Source/Hamakaze/idrv/gmer.cpp
View file
Original file line number Diff line number Diff line change
Expand Up @@ -131,5 +131,4 @@ BOOL WINAPI GmerWriteVirtualMemory(

SetLastError(dwError);
return bResult;

}
Loading

0 comments on commit a1a4f5f

Please sign in to comment.