Content
@
https://warpcast.com/~/channel/itookaselfie
0 reply
0 recast
0 reaction
tiff
@4o
we use a vulnerable driver, through it we find the ETHREAD structure by parsing, in it we patch the Previous Mode parameter, after that with access to read and write to the kernel memory we find SeValidateImageData, patch it, then we can load any driver
0 reply
0 recast
0 reaction
