A PoC for Mhyprot2.sys vulnerable driver that allowing read/write memory in kernel/user via unprivileged user process.
A PoC for Mhyprot2.sys vulnerable driver that allowing read/write memory in kernel/user via unprivileged user process.
What we can do with this CLI is as follows:
PETHREAD
structure in the kernel directly from CLI as well.ZwTerminateProcess
which called in the vulnerable driver context (ring-0).Also:
Tested on:
*.exe <target_process_name> -<options>
following options are available as of now:
t
d
s