a154c71f9b
Run rustfmt
2020-07-02 02:47:15 +07:00
0350ec46d9
Scan unloaded module/driver
...
By reversing MmLocateUnloadedDriver, we can know the algorithm
to extract name/start/end of unloaded drivers
2020-06-22 22:30:35 +07:00
5619048a4a
Update lpus feature
...
Traverse scan
- PsActiveProcessHead
- PsLoadedModuleList
- KiProcessListHead
- HandleTableList
pdb_store has dt(struct) to display struct
2020-06-22 17:45:06 +07:00
060f222c0a
Introducing Address type
...
Use address type to represent address
Decompose address with ease using DriverState.decompose
2020-06-11 01:27:26 +07:00
7be3b2fc05
General updates
...
Driver is renamed to lpus.sys
Pdb will be downloaded ino %APPDATA%/nganhkhoa/lpus
And some little fixes
2020-05-20 15:02:09 +07:00
ff53a1a31c
Fix runtime BOSD
...
Chunk size and tag is check before handle.
Check if heuristics search is not correct, and the try_ptr goes of the bound,
making dereference an invalid address.
2020-05-20 00:42:24 +07:00
dae10a5312
multiple binary and code refactor
2020-05-19 03:52:18 +07:00
3214e79d63
code renew build ok
2020-05-18 04:04:40 +07:00
ebeea02962
remove warnings
2020-02-24 00:32:53 +07:00
f872b8e14a
moved functions to modules
2020-02-24 00:10:00 +07:00
