├── .gitignore
├── BlinkLib
│   ├── BlinkLib.cpp
│   ├── BlinkLib.h
│   ├── BlinkLib.vcxproj
│   ├── BlinkLib.vcxproj.filters
│   ├── ImpersonateUtils.cpp
│   ├── ImpersonateUtils.h
│   ├── ReparseLib.cpp
│   ├── ReparseLib.h
│   └── SymLink.cpp
├── DLEdit
│   ├── DLEdit.cpp
│   ├── DLEdit.vcxproj
│   └── DLEdit.vcxproj.filters
├── DarkLoadDriver.sln
├── DarkLoadDriver
│   ├── BYOVDKit.h
│   ├── DarkLoadDriver.vcxproj
│   ├── DarkLoadDriver.vcxproj.filters
│   ├── DriveUtils.cpp
│   ├── DriveUtils.h
│   ├── DriverJack.cpp
│   ├── DriverJack.h
│   ├── ImpersonateUtils.cpp
│   ├── ImpersonateUtils.h
│   ├── ServiceUtils.cpp
│   ├── ServiceUtils.h
│   ├── Threading.cpp
│   ├── Threading.h
│   └── stringutils.h
├── DaveLib
│   ├── DaveLib.cpp
│   ├── DaveLib.h
│   ├── DaveLib.vcxproj
│   ├── DaveLib.vcxproj.filters
│   └── main.cpp
├── DriverJack
│   ├── .gitattributes
│   ├── .gitignore
│   ├── ChangeSymlink.cpp
│   ├── DriveSwap.cpp
│   ├── DriveSwap.h
│   ├── DriverJack.rc
│   ├── DriverJack.sln
│   ├── DriverJack.vcxproj
│   ├── DriverJack.vcxproj.filters
│   ├── Error.cpp
│   ├── FindPID.cpp
│   ├── GetFirstThreadID.cpp
│   ├── GetSymbolicLinkTarget.cpp
│   ├── GetSystem.cpp
│   ├── IoCdfsLib.h
│   ├── Main.cpp
│   ├── RAII_Handle.cpp
│   ├── RAII_Hmodule.cpp
│   ├── RAII_Resource.cpp
│   ├── RAII_ScHandle.cpp
│   ├── RestartDriverService.cpp
│   ├── SetPrivilege.cpp
│   ├── SvcLib.h
│   ├── UnpackResources.cpp
│   ├── common.h
│   ├── raii.h
│   ├── res
│   │   ├── Windows.dat
│   │   ├── drv64.dat
│   │   ├── drvx.dat
│   │   └── kdu.dat
│   ├── resource.h
│   ├── resources.cpp
│   └── utils.h
├── IoCdfsLib
│   ├── IoCdfsLib.cpp
│   ├── IoCdfsLib.h
│   ├── IoCdfsLib.vcxproj
│   ├── IoCdfsLib.vcxproj.filters
│   ├── crypt.cpp
│   ├── crypt.h
│   ├── stringutils.cpp
│   └── stringutils.h
├── LICENSE
├── README.md
├── RedirectServiceTest
│   ├── ImpersonateUtils.h
│   ├── RedirectServiceTest.cpp
│   ├── RedirectServiceTest.vcxproj
│   └── RedirectServiceTest.vcxproj.filters
├── SvcLib
│   ├── SvcLib.cpp
│   ├── SvcLib.h
│   ├── SvcLib.vcxproj
│   └── SvcLib.vcxproj.filters
└── [Whitepaper] DriverJack - Abusing Emulated Read-Only Filesystems and NTFS Glitches for Infection and Persistence.pdf

/.gitignore: --------------------------------------------------------------------------------
https://raw.githubusercontent.com/klezVirus/DriverJack/HEAD/.gitignore -------------------------------------------------------------------------------- /BlinkLib/BlinkLib.cpp: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/klezVirus/DriverJack/HEAD/BlinkLib/BlinkLib.cpp -------------------------------------------------------------------------------- /BlinkLib/BlinkLib.h: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/klezVirus/DriverJack/HEAD/BlinkLib/BlinkLib.h -------------------------------------------------------------------------------- /BlinkLib/BlinkLib.vcxproj: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/klezVirus/DriverJack/HEAD/BlinkLib/BlinkLib.vcxproj -------------------------------------------------------------------------------- /BlinkLib/BlinkLib.vcxproj.filters: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/klezVirus/DriverJack/HEAD/BlinkLib/BlinkLib.vcxproj.filters -------------------------------------------------------------------------------- /BlinkLib/ImpersonateUtils.cpp: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/klezVirus/DriverJack/HEAD/BlinkLib/ImpersonateUtils.cpp -------------------------------------------------------------------------------- /BlinkLib/ImpersonateUtils.h: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/klezVirus/DriverJack/HEAD/BlinkLib/ImpersonateUtils.h -------------------------------------------------------------------------------- /BlinkLib/ReparseLib.cpp: -------------------------------------------------------------------------------- 
https://raw.githubusercontent.com/klezVirus/DriverJack/HEAD/BlinkLib/ReparseLib.cpp -------------------------------------------------------------------------------- /BlinkLib/ReparseLib.h: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/klezVirus/DriverJack/HEAD/BlinkLib/ReparseLib.h -------------------------------------------------------------------------------- /BlinkLib/SymLink.cpp: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/klezVirus/DriverJack/HEAD/BlinkLib/SymLink.cpp -------------------------------------------------------------------------------- /DLEdit/DLEdit.cpp: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/klezVirus/DriverJack/HEAD/DLEdit/DLEdit.cpp -------------------------------------------------------------------------------- /DLEdit/DLEdit.vcxproj: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/klezVirus/DriverJack/HEAD/DLEdit/DLEdit.vcxproj -------------------------------------------------------------------------------- /DLEdit/DLEdit.vcxproj.filters: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/klezVirus/DriverJack/HEAD/DLEdit/DLEdit.vcxproj.filters -------------------------------------------------------------------------------- /DarkLoadDriver.sln: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/klezVirus/DriverJack/HEAD/DarkLoadDriver.sln -------------------------------------------------------------------------------- /DarkLoadDriver/BYOVDKit.h: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/klezVirus/DriverJack/HEAD/DarkLoadDriver/BYOVDKit.h 
-------------------------------------------------------------------------------- /DarkLoadDriver/DarkLoadDriver.vcxproj: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/klezVirus/DriverJack/HEAD/DarkLoadDriver/DarkLoadDriver.vcxproj -------------------------------------------------------------------------------- /DarkLoadDriver/DarkLoadDriver.vcxproj.filters: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/klezVirus/DriverJack/HEAD/DarkLoadDriver/DarkLoadDriver.vcxproj.filters -------------------------------------------------------------------------------- /DarkLoadDriver/DriveUtils.cpp: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/klezVirus/DriverJack/HEAD/DarkLoadDriver/DriveUtils.cpp -------------------------------------------------------------------------------- /DarkLoadDriver/DriveUtils.h: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/klezVirus/DriverJack/HEAD/DarkLoadDriver/DriveUtils.h -------------------------------------------------------------------------------- /DarkLoadDriver/DriverJack.cpp: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/klezVirus/DriverJack/HEAD/DarkLoadDriver/DriverJack.cpp -------------------------------------------------------------------------------- /DarkLoadDriver/DriverJack.h: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/klezVirus/DriverJack/HEAD/DarkLoadDriver/DriverJack.h -------------------------------------------------------------------------------- /DarkLoadDriver/ImpersonateUtils.cpp: -------------------------------------------------------------------------------- 
https://raw.githubusercontent.com/klezVirus/DriverJack/HEAD/DarkLoadDriver/ImpersonateUtils.cpp -------------------------------------------------------------------------------- /DarkLoadDriver/ImpersonateUtils.h: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/klezVirus/DriverJack/HEAD/DarkLoadDriver/ImpersonateUtils.h -------------------------------------------------------------------------------- /DarkLoadDriver/ServiceUtils.cpp: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/klezVirus/DriverJack/HEAD/DarkLoadDriver/ServiceUtils.cpp -------------------------------------------------------------------------------- /DarkLoadDriver/ServiceUtils.h: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/klezVirus/DriverJack/HEAD/DarkLoadDriver/ServiceUtils.h -------------------------------------------------------------------------------- /DarkLoadDriver/Threading.cpp: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/klezVirus/DriverJack/HEAD/DarkLoadDriver/Threading.cpp -------------------------------------------------------------------------------- /DarkLoadDriver/Threading.h: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/klezVirus/DriverJack/HEAD/DarkLoadDriver/Threading.h -------------------------------------------------------------------------------- /DarkLoadDriver/stringutils.h: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/klezVirus/DriverJack/HEAD/DarkLoadDriver/stringutils.h -------------------------------------------------------------------------------- /DaveLib/DaveLib.cpp: -------------------------------------------------------------------------------- 
https://raw.githubusercontent.com/klezVirus/DriverJack/HEAD/DaveLib/DaveLib.cpp -------------------------------------------------------------------------------- /DaveLib/DaveLib.h: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/klezVirus/DriverJack/HEAD/DaveLib/DaveLib.h -------------------------------------------------------------------------------- /DaveLib/DaveLib.vcxproj: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/klezVirus/DriverJack/HEAD/DaveLib/DaveLib.vcxproj -------------------------------------------------------------------------------- /DaveLib/DaveLib.vcxproj.filters: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/klezVirus/DriverJack/HEAD/DaveLib/DaveLib.vcxproj.filters -------------------------------------------------------------------------------- /DaveLib/main.cpp: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/klezVirus/DriverJack/HEAD/DaveLib/main.cpp -------------------------------------------------------------------------------- /DriverJack/.gitattributes: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/klezVirus/DriverJack/HEAD/DriverJack/.gitattributes -------------------------------------------------------------------------------- /DriverJack/.gitignore: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/klezVirus/DriverJack/HEAD/DriverJack/.gitignore -------------------------------------------------------------------------------- /DriverJack/ChangeSymlink.cpp: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/klezVirus/DriverJack/HEAD/DriverJack/ChangeSymlink.cpp 
-------------------------------------------------------------------------------- /DriverJack/DriveSwap.cpp: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/klezVirus/DriverJack/HEAD/DriverJack/DriveSwap.cpp -------------------------------------------------------------------------------- /DriverJack/DriveSwap.h: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/klezVirus/DriverJack/HEAD/DriverJack/DriveSwap.h -------------------------------------------------------------------------------- /DriverJack/DriverJack.rc: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/klezVirus/DriverJack/HEAD/DriverJack/DriverJack.rc -------------------------------------------------------------------------------- /DriverJack/DriverJack.sln: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/klezVirus/DriverJack/HEAD/DriverJack/DriverJack.sln -------------------------------------------------------------------------------- /DriverJack/DriverJack.vcxproj: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/klezVirus/DriverJack/HEAD/DriverJack/DriverJack.vcxproj -------------------------------------------------------------------------------- /DriverJack/DriverJack.vcxproj.filters: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/klezVirus/DriverJack/HEAD/DriverJack/DriverJack.vcxproj.filters -------------------------------------------------------------------------------- /DriverJack/Error.cpp: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/klezVirus/DriverJack/HEAD/DriverJack/Error.cpp 
-------------------------------------------------------------------------------- /DriverJack/FindPID.cpp: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/klezVirus/DriverJack/HEAD/DriverJack/FindPID.cpp -------------------------------------------------------------------------------- /DriverJack/GetFirstThreadID.cpp: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/klezVirus/DriverJack/HEAD/DriverJack/GetFirstThreadID.cpp -------------------------------------------------------------------------------- /DriverJack/GetSymbolicLinkTarget.cpp: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/klezVirus/DriverJack/HEAD/DriverJack/GetSymbolicLinkTarget.cpp -------------------------------------------------------------------------------- /DriverJack/GetSystem.cpp: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/klezVirus/DriverJack/HEAD/DriverJack/GetSystem.cpp -------------------------------------------------------------------------------- /DriverJack/IoCdfsLib.h: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/klezVirus/DriverJack/HEAD/DriverJack/IoCdfsLib.h -------------------------------------------------------------------------------- /DriverJack/Main.cpp: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/klezVirus/DriverJack/HEAD/DriverJack/Main.cpp -------------------------------------------------------------------------------- /DriverJack/RAII_Handle.cpp: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/klezVirus/DriverJack/HEAD/DriverJack/RAII_Handle.cpp 
-------------------------------------------------------------------------------- /DriverJack/RAII_Hmodule.cpp: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/klezVirus/DriverJack/HEAD/DriverJack/RAII_Hmodule.cpp -------------------------------------------------------------------------------- /DriverJack/RAII_Resource.cpp: -------------------------------------------------------------------------------- 1 | -------------------------------------------------------------------------------- /DriverJack/RAII_ScHandle.cpp: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/klezVirus/DriverJack/HEAD/DriverJack/RAII_ScHandle.cpp -------------------------------------------------------------------------------- /DriverJack/RestartDriverService.cpp: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/klezVirus/DriverJack/HEAD/DriverJack/RestartDriverService.cpp -------------------------------------------------------------------------------- /DriverJack/SetPrivilege.cpp: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/klezVirus/DriverJack/HEAD/DriverJack/SetPrivilege.cpp -------------------------------------------------------------------------------- /DriverJack/SvcLib.h: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/klezVirus/DriverJack/HEAD/DriverJack/SvcLib.h -------------------------------------------------------------------------------- /DriverJack/UnpackResources.cpp: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/klezVirus/DriverJack/HEAD/DriverJack/UnpackResources.cpp -------------------------------------------------------------------------------- /DriverJack/common.h: 
-------------------------------------------------------------------------------- https://raw.githubusercontent.com/klezVirus/DriverJack/HEAD/DriverJack/common.h -------------------------------------------------------------------------------- /DriverJack/raii.h: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/klezVirus/DriverJack/HEAD/DriverJack/raii.h -------------------------------------------------------------------------------- /DriverJack/res/Windows.dat: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/klezVirus/DriverJack/HEAD/DriverJack/res/Windows.dat -------------------------------------------------------------------------------- /DriverJack/res/drv64.dat: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/klezVirus/DriverJack/HEAD/DriverJack/res/drv64.dat -------------------------------------------------------------------------------- /DriverJack/res/drvx.dat: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/klezVirus/DriverJack/HEAD/DriverJack/res/drvx.dat -------------------------------------------------------------------------------- /DriverJack/res/kdu.dat: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/klezVirus/DriverJack/HEAD/DriverJack/res/kdu.dat -------------------------------------------------------------------------------- /DriverJack/resource.h: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/klezVirus/DriverJack/HEAD/DriverJack/resource.h -------------------------------------------------------------------------------- /DriverJack/resources.cpp: -------------------------------------------------------------------------------- 1 | 
-------------------------------------------------------------------------------- /DriverJack/utils.h: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/klezVirus/DriverJack/HEAD/DriverJack/utils.h -------------------------------------------------------------------------------- /IoCdfsLib/IoCdfsLib.cpp: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/klezVirus/DriverJack/HEAD/IoCdfsLib/IoCdfsLib.cpp -------------------------------------------------------------------------------- /IoCdfsLib/IoCdfsLib.h: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/klezVirus/DriverJack/HEAD/IoCdfsLib/IoCdfsLib.h -------------------------------------------------------------------------------- /IoCdfsLib/IoCdfsLib.vcxproj: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/klezVirus/DriverJack/HEAD/IoCdfsLib/IoCdfsLib.vcxproj -------------------------------------------------------------------------------- /IoCdfsLib/IoCdfsLib.vcxproj.filters: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/klezVirus/DriverJack/HEAD/IoCdfsLib/IoCdfsLib.vcxproj.filters -------------------------------------------------------------------------------- /IoCdfsLib/crypt.cpp: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/klezVirus/DriverJack/HEAD/IoCdfsLib/crypt.cpp -------------------------------------------------------------------------------- /IoCdfsLib/crypt.h: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/klezVirus/DriverJack/HEAD/IoCdfsLib/crypt.h -------------------------------------------------------------------------------- 
/IoCdfsLib/stringutils.cpp: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/klezVirus/DriverJack/HEAD/IoCdfsLib/stringutils.cpp -------------------------------------------------------------------------------- /IoCdfsLib/stringutils.h: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/klezVirus/DriverJack/HEAD/IoCdfsLib/stringutils.h -------------------------------------------------------------------------------- /LICENSE: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/klezVirus/DriverJack/HEAD/LICENSE -------------------------------------------------------------------------------- /README.md: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/klezVirus/DriverJack/HEAD/README.md -------------------------------------------------------------------------------- /RedirectServiceTest/ImpersonateUtils.h: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/klezVirus/DriverJack/HEAD/RedirectServiceTest/ImpersonateUtils.h -------------------------------------------------------------------------------- /RedirectServiceTest/RedirectServiceTest.cpp: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/klezVirus/DriverJack/HEAD/RedirectServiceTest/RedirectServiceTest.cpp -------------------------------------------------------------------------------- /RedirectServiceTest/RedirectServiceTest.vcxproj: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/klezVirus/DriverJack/HEAD/RedirectServiceTest/RedirectServiceTest.vcxproj -------------------------------------------------------------------------------- 
/RedirectServiceTest/RedirectServiceTest.vcxproj.filters: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/klezVirus/DriverJack/HEAD/RedirectServiceTest/RedirectServiceTest.vcxproj.filters -------------------------------------------------------------------------------- /SvcLib/SvcLib.cpp: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/klezVirus/DriverJack/HEAD/SvcLib/SvcLib.cpp -------------------------------------------------------------------------------- /SvcLib/SvcLib.h: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/klezVirus/DriverJack/HEAD/SvcLib/SvcLib.h -------------------------------------------------------------------------------- /SvcLib/SvcLib.vcxproj: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/klezVirus/DriverJack/HEAD/SvcLib/SvcLib.vcxproj -------------------------------------------------------------------------------- /SvcLib/SvcLib.vcxproj.filters: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/klezVirus/DriverJack/HEAD/SvcLib/SvcLib.vcxproj.filters -------------------------------------------------------------------------------- /[Whitepaper] DriverJack - Abusing Emulated Read-Only Filesystems and NTFS Glitches for Infection and Persistence.pdf: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/klezVirus/DriverJack/HEAD/[Whitepaper] DriverJack - Abusing Emulated Read-Only Filesystems and NTFS Glitches for Infection and Persistence.pdf --------------------------------------------------------------------------------