├── .gitignore ├── DescriptorTables ├── DescriptorTables.sln └── DescriptorTables │ ├── DescriptorTables.cpp │ ├── DescriptorTables.vcxproj │ ├── DescriptorTables.vcxproj.filters │ ├── ReadMe.txt │ ├── stdafx.cpp │ ├── stdafx.h │ └── targetver.h ├── DesktopHeap ├── DesktopHeap.sln └── DesktopHeap │ ├── DesktopHeap.cpp │ ├── DesktopHeap.vcxproj │ ├── DesktopHeap.vcxproj.filters │ ├── ReadMe.txt │ ├── stdafx.cpp │ ├── stdafx.h │ └── targetver.h ├── GdiSharedHandleTable ├── GdiSharedHandleTable.sln └── GdiSharedHandleTable │ ├── GdiSharedHandleTable.cpp │ ├── GdiSharedHandleTable.vcxproj │ ├── GdiSharedHandleTable.vcxproj.filters │ ├── ReadMe.txt │ ├── stdafx.cpp │ ├── stdafx.h │ └── targetver.h ├── HMValidateHandle ├── HMValidateHandle.sln └── HMValidateHandle │ ├── HMValidateHandle.cpp │ ├── HMValidateHandle.vcxproj │ ├── HMValidateHandle.vcxproj.filters │ ├── ReadMe.txt │ ├── stdafx.cpp │ ├── stdafx.h │ └── targetver.h ├── LICENSE ├── NtQuerySysInfo_SystemBigPoolInformation ├── NtQuerySysInfo_SystemBigPoolInformation.sln └── NtQuerySysInfo_SystemBigPoolInformation │ ├── NtQuerySysInfo_SystemBigPoolInformation.cpp │ ├── NtQuerySysInfo_SystemBigPoolInformation.vcxproj │ ├── NtQuerySysInfo_SystemBigPoolInformation.vcxproj.filters │ ├── ReadMe.txt │ ├── stdafx.cpp │ ├── stdafx.h │ └── targetver.h ├── NtQuerySysInfo_SystemFirmwareTableInfo ├── NtQuerySysInfo_SystemFirmwareTableInfo.sln └── NtQuerySysInfo_SystemFirmwareTableInfo │ ├── NtQuerySysInfo_SystemFirmwareTableInfo.cpp │ ├── NtQuerySysInfo_SystemFirmwareTableInfo.vcxproj │ ├── NtQuerySysInfo_SystemFirmwareTableInfo.vcxproj.filters │ ├── ReadMe.txt │ ├── stdafx.cpp │ ├── stdafx.h │ └── targetver.h ├── NtQuerySysInfo_SystemHandleInformation ├── NtQuerySysInfo_SystemHandleInformation.sln └── NtQuerySysInfo_SystemHandleInformation │ ├── NtQuerySysInfo_SystemHandleInformation.cpp │ ├── NtQuerySysInfo_SystemHandleInformation.vcxproj │ ├── NtQuerySysInfo_SystemHandleInformation.vcxproj.filters │ ├── ReadMe.txt │ ├── stdafx.cpp │ ├── stdafx.h │ └── targetver.h ├── NtQuerySysInfo_SystemLockInformation ├── NtQuerySysInfo_SystemLockInformation.sln └── NtQuerySysInfo_SystemLockInformation │ ├── NtQuerySysInfo_SystemLockInformation.cpp │ ├── NtQuerySysInfo_SystemLockInformation.vcxproj │ ├── NtQuerySysInfo_SystemLockInformation.vcxproj.filters │ ├── ReadMe.txt │ ├── stdafx.cpp │ ├── stdafx.h │ └── targetver.h ├── NtQuerySysInfo_SystemModuleInformation ├── NtQuerySysInfo_SystemModuleInformation.sln └── NtQuerySysInfo_SystemModuleInformation │ ├── NtQuerySysInfo_SystemModuleInformation.cpp │ ├── NtQuerySysInfo_SystemModuleInformation.vcxproj │ ├── NtQuerySysInfo_SystemModuleInformation.vcxproj.filters │ ├── ReadMe.txt │ ├── stdafx.cpp │ ├── stdafx.h │ └── targetver.h ├── NtQuerySysInfo_SystemProcessInformation ├── NtQuerySysInfo_SystemProcessInformation.sln └── NtQuerySysInfo_SystemProcessInformation │ ├── NtQuerySysInfo_SystemProcessInformation.cpp │ ├── NtQuerySysInfo_SystemProcessInformation.vcxproj │ ├── NtQuerySysInfo_SystemProcessInformation.vcxproj.filters │ ├── ReadMe.txt │ ├── stdafx.cpp │ ├── stdafx.h │ └── targetver.h ├── NtSystemDebugControl_SysDbgGetTriageDump ├── NtSystemDebugControl_SysDbgGetTriageDump.sln └── NtSystemDebugControl_SysDbgGetTriageDump │ ├── NtSystemDebugControl_SysDbgGetTriageDump.cpp │ ├── NtSystemDebugControl_SysDbgGetTriageDump.vcxproj │ ├── NtSystemDebugControl_SysDbgGetTriageDump.vcxproj.filters │ ├── ReadMe.txt │ ├── stdafx.cpp │ ├── stdafx.h │ └── targetver.h ├── README.md ├── SharedInfoHandleTable ├── SharedInfoHandleTable.sln └── SharedInfoHandleTable │ ├── ReadMe.txt │ ├── SharedInfoHandleTable.cpp │ ├── SharedInfoHandleTable.vcxproj │ ├── SharedInfoHandleTable.vcxproj.filters │ ├── stdafx.cpp │ ├── stdafx.h │ └── targetver.h ├── Syscalls ├── Syscalls.sln └── Syscalls │ ├── ReadMe.txt │ ├── Syscalls.cpp │ ├── Syscalls.vcxproj │ ├── Syscalls.vcxproj.filters │ ├── asm_funcs.asm │ ├── stdafx.cpp │ ├── stdafx.h │ └── targetver.h ├── icons ├── blue.png ├── cross.png ├── question.png └── tick.png ├── notes ├── NPIEP.md ├── gSharedInfo.md └── screenshots │ ├── LockDesktopMenu.png │ ├── gSharedInfo_win_1607.png │ ├── gSharedInfo_win_1703.png │ ├── gSharedInfo_win_1703_struct_size_example.png │ ├── npiep_definition.PNG │ ├── sgdt_definition.png │ ├── test_no_vbs.PNG │ ├── test_vbs.PNG │ └── umip_definition.PNG ├── pointer_hunt.py └── screenshots ├── NtGdiPATHOBJ_vEnumStartClipLines_windows_8_64bit_onwards_code_diff_mitigation.PNG ├── NtQuerySysInfo_SystemHandleInformation_windows8_64bit.PNG ├── NtQuerySysInfo_SystemLockInformation_windows8_64bit.PNG ├── NtQuerySysInfo_SystemModuleInformation_windows8_64bit.PNG ├── NtQuerySysInfo_SystemProcessInformation_windows7_32bit.PNG ├── NtQuerySysInfo_SystemProcessInformation_windows8_64bit.PNG ├── NtUserGetAsyncKeyState_windows_8_64bit_onwards_code_diff_mitigation.PNG ├── NtUserModifyUserStartupInfoFlags_infoleak.PNG ├── NtUserModifyUserStartupInfoFlags_windows_7_32bit_leak_check_lock.PNG ├── NtUserModifyUserStartupInfoFlags_windows_7_32bit_leak_high_level.PNG ├── NtUserModifyUserStartupInfoFlags_windows_7_32bit_leak_high_level_ebx_path.PNG ├── NtUserModifyUserStartupInfoFlags_windows_8_64bit_onwards_code_diff_mitigation.PNG ├── SharedInfoHandleTable_info_leak_poc_windows7_32bit.PNG ├── SharedInfoHandleTable_windows8_64bit.PNG ├── SystemHandleInformation_info_leak_poc_windows7_32bit.PNG ├── SystemHandleInformation_windows8_1_low_integrity.PNG ├── SystemHandleInformation_windows8_1_medium_integrity.PNG ├── SystemLockInformation_info_leak_poc_windows7_32bit.PNG ├── SystemLockInformation_windows8_1_low_integrity.PNG ├── SystemLockInformation_windows8_1_medium_integrity.PNG ├── SystemModuleInformation_info_leak_poc_windows7_32bit.PNG ├── SystemModuleInformation_windows8_1_low_integrity.PNG ├── SystemModuleInformation_windows8_1_medium_integrity.PNG ├── SystemProcessInformation_windows8_1_low_integrity.PNG ├── SystemProcessInformation_windows8_1_medium_integrity.PNG ├── descriptor_table_windows_10_64bit_low_integrity.PNG ├── descriptor_tables_info_leak_poc_windows7_32bit.PNG ├── descriptor_tables_win_10_64.PNG ├── descriptor_tables_win_7_32.PNG ├── descriptor_tables_win_8_1_64.PNG ├── descriptor_tables_win_8_64.PNG ├── descriptor_tables_windows8.PNG ├── descriptor_tables_windows8_1_low_integrity.PNG ├── expquerysysteminformation_diff_stats.PNG ├── ntquerysys_ida.PNG ├── restricted_caller_disasm_comments.png ├── restricted_check_refs.PNG ├── shared_handle_table_debugging_win10.PNG ├── shared_handle_table_debugging_win8_kernel_pointer.PNG ├── shared_handle_table_debugging_win8_user_pointer.PNG ├── shared_handle_table_windows_10_64bit_low_integrity.PNG ├── shared_handle_table_windows_8_1_64bit_low_integrity.PNG ├── syscall_address_leak_windows7_32bit.PNG ├── syscall_address_leak_windows8_64bit.PNG ├── syscall_info_leak_poc_windows7_32bit.PNG ├── syscall_pointer_leak_windows_8_64_bit.PNG ├── systemhandleinformation_windows_10_64bit_low_vs_medium_integrity.PNG ├── systemlockinformation_windows_10_64bit_low_vs_medium_integrity.PNG ├── systemmoduleinformation_windows_10_64bit_low_vs_medium_integrity.PNG ├── systemprocessinformation_windows_10_64bit_low_vs_medium_integrity.PNG └── windows_8_1_integrity_levels.PNG /.gitignore: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/sam-b/windows_kernel_address_leaks/HEAD/.gitignore -------------------------------------------------------------------------------- /DescriptorTables/DescriptorTables.sln: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/sam-b/windows_kernel_address_leaks/HEAD/DescriptorTables/DescriptorTables.sln -------------------------------------------------------------------------------- /DescriptorTables/DescriptorTables/DescriptorTables.cpp: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/sam-b/windows_kernel_address_leaks/HEAD/DescriptorTables/DescriptorTables/DescriptorTables.cpp -------------------------------------------------------------------------------- /DescriptorTables/DescriptorTables/DescriptorTables.vcxproj: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/sam-b/windows_kernel_address_leaks/HEAD/DescriptorTables/DescriptorTables/DescriptorTables.vcxproj -------------------------------------------------------------------------------- /DescriptorTables/DescriptorTables/DescriptorTables.vcxproj.filters: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/sam-b/windows_kernel_address_leaks/HEAD/DescriptorTables/DescriptorTables/DescriptorTables.vcxproj.filters -------------------------------------------------------------------------------- /DescriptorTables/DescriptorTables/ReadMe.txt: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/sam-b/windows_kernel_address_leaks/HEAD/DescriptorTables/DescriptorTables/ReadMe.txt -------------------------------------------------------------------------------- /DescriptorTables/DescriptorTables/stdafx.cpp: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/sam-b/windows_kernel_address_leaks/HEAD/DescriptorTables/DescriptorTables/stdafx.cpp -------------------------------------------------------------------------------- /DescriptorTables/DescriptorTables/stdafx.h: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/sam-b/windows_kernel_address_leaks/HEAD/DescriptorTables/DescriptorTables/stdafx.h -------------------------------------------------------------------------------- /DescriptorTables/DescriptorTables/targetver.h: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/sam-b/windows_kernel_address_leaks/HEAD/DescriptorTables/DescriptorTables/targetver.h -------------------------------------------------------------------------------- /DesktopHeap/DesktopHeap.sln: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/sam-b/windows_kernel_address_leaks/HEAD/DesktopHeap/DesktopHeap.sln -------------------------------------------------------------------------------- /DesktopHeap/DesktopHeap/DesktopHeap.cpp: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/sam-b/windows_kernel_address_leaks/HEAD/DesktopHeap/DesktopHeap/DesktopHeap.cpp -------------------------------------------------------------------------------- /DesktopHeap/DesktopHeap/DesktopHeap.vcxproj: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/sam-b/windows_kernel_address_leaks/HEAD/DesktopHeap/DesktopHeap/DesktopHeap.vcxproj -------------------------------------------------------------------------------- /DesktopHeap/DesktopHeap/DesktopHeap.vcxproj.filters: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/sam-b/windows_kernel_address_leaks/HEAD/DesktopHeap/DesktopHeap/DesktopHeap.vcxproj.filters -------------------------------------------------------------------------------- /DesktopHeap/DesktopHeap/ReadMe.txt: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/sam-b/windows_kernel_address_leaks/HEAD/DesktopHeap/DesktopHeap/ReadMe.txt -------------------------------------------------------------------------------- /DesktopHeap/DesktopHeap/stdafx.cpp: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/sam-b/windows_kernel_address_leaks/HEAD/DesktopHeap/DesktopHeap/stdafx.cpp -------------------------------------------------------------------------------- /DesktopHeap/DesktopHeap/stdafx.h: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/sam-b/windows_kernel_address_leaks/HEAD/DesktopHeap/DesktopHeap/stdafx.h -------------------------------------------------------------------------------- /DesktopHeap/DesktopHeap/targetver.h: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/sam-b/windows_kernel_address_leaks/HEAD/DesktopHeap/DesktopHeap/targetver.h -------------------------------------------------------------------------------- /GdiSharedHandleTable/GdiSharedHandleTable.sln: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/sam-b/windows_kernel_address_leaks/HEAD/GdiSharedHandleTable/GdiSharedHandleTable.sln -------------------------------------------------------------------------------- /GdiSharedHandleTable/GdiSharedHandleTable/GdiSharedHandleTable.cpp: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/sam-b/windows_kernel_address_leaks/HEAD/GdiSharedHandleTable/GdiSharedHandleTable/GdiSharedHandleTable.cpp -------------------------------------------------------------------------------- /GdiSharedHandleTable/GdiSharedHandleTable/GdiSharedHandleTable.vcxproj: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/sam-b/windows_kernel_address_leaks/HEAD/GdiSharedHandleTable/GdiSharedHandleTable/GdiSharedHandleTable.vcxproj -------------------------------------------------------------------------------- /GdiSharedHandleTable/GdiSharedHandleTable/GdiSharedHandleTable.vcxproj.filters: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/sam-b/windows_kernel_address_leaks/HEAD/GdiSharedHandleTable/GdiSharedHandleTable/GdiSharedHandleTable.vcxproj.filters -------------------------------------------------------------------------------- /GdiSharedHandleTable/GdiSharedHandleTable/ReadMe.txt: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/sam-b/windows_kernel_address_leaks/HEAD/GdiSharedHandleTable/GdiSharedHandleTable/ReadMe.txt -------------------------------------------------------------------------------- /GdiSharedHandleTable/GdiSharedHandleTable/stdafx.cpp: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/sam-b/windows_kernel_address_leaks/HEAD/GdiSharedHandleTable/GdiSharedHandleTable/stdafx.cpp -------------------------------------------------------------------------------- /GdiSharedHandleTable/GdiSharedHandleTable/stdafx.h: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/sam-b/windows_kernel_address_leaks/HEAD/GdiSharedHandleTable/GdiSharedHandleTable/stdafx.h -------------------------------------------------------------------------------- /GdiSharedHandleTable/GdiSharedHandleTable/targetver.h: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/sam-b/windows_kernel_address_leaks/HEAD/GdiSharedHandleTable/GdiSharedHandleTable/targetver.h -------------------------------------------------------------------------------- /HMValidateHandle/HMValidateHandle.sln: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/sam-b/windows_kernel_address_leaks/HEAD/HMValidateHandle/HMValidateHandle.sln -------------------------------------------------------------------------------- /HMValidateHandle/HMValidateHandle/HMValidateHandle.cpp: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/sam-b/windows_kernel_address_leaks/HEAD/HMValidateHandle/HMValidateHandle/HMValidateHandle.cpp -------------------------------------------------------------------------------- /HMValidateHandle/HMValidateHandle/HMValidateHandle.vcxproj: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/sam-b/windows_kernel_address_leaks/HEAD/HMValidateHandle/HMValidateHandle/HMValidateHandle.vcxproj -------------------------------------------------------------------------------- /HMValidateHandle/HMValidateHandle/HMValidateHandle.vcxproj.filters: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/sam-b/windows_kernel_address_leaks/HEAD/HMValidateHandle/HMValidateHandle/HMValidateHandle.vcxproj.filters -------------------------------------------------------------------------------- /HMValidateHandle/HMValidateHandle/ReadMe.txt: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/sam-b/windows_kernel_address_leaks/HEAD/HMValidateHandle/HMValidateHandle/ReadMe.txt -------------------------------------------------------------------------------- /HMValidateHandle/HMValidateHandle/stdafx.cpp: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/sam-b/windows_kernel_address_leaks/HEAD/HMValidateHandle/HMValidateHandle/stdafx.cpp -------------------------------------------------------------------------------- /HMValidateHandle/HMValidateHandle/stdafx.h: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/sam-b/windows_kernel_address_leaks/HEAD/HMValidateHandle/HMValidateHandle/stdafx.h -------------------------------------------------------------------------------- /HMValidateHandle/HMValidateHandle/targetver.h: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/sam-b/windows_kernel_address_leaks/HEAD/HMValidateHandle/HMValidateHandle/targetver.h -------------------------------------------------------------------------------- /LICENSE: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/sam-b/windows_kernel_address_leaks/HEAD/LICENSE -------------------------------------------------------------------------------- /NtQuerySysInfo_SystemBigPoolInformation/NtQuerySysInfo_SystemBigPoolInformation.sln: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/sam-b/windows_kernel_address_leaks/HEAD/NtQuerySysInfo_SystemBigPoolInformation/NtQuerySysInfo_SystemBigPoolInformation.sln -------------------------------------------------------------------------------- /NtQuerySysInfo_SystemBigPoolInformation/NtQuerySysInfo_SystemBigPoolInformation/NtQuerySysInfo_SystemBigPoolInformation.cpp: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/sam-b/windows_kernel_address_leaks/HEAD/NtQuerySysInfo_SystemBigPoolInformation/NtQuerySysInfo_SystemBigPoolInformation/NtQuerySysInfo_SystemBigPoolInformation.cpp -------------------------------------------------------------------------------- /NtQuerySysInfo_SystemBigPoolInformation/NtQuerySysInfo_SystemBigPoolInformation/NtQuerySysInfo_SystemBigPoolInformation.vcxproj: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/sam-b/windows_kernel_address_leaks/HEAD/NtQuerySysInfo_SystemBigPoolInformation/NtQuerySysInfo_SystemBigPoolInformation/NtQuerySysInfo_SystemBigPoolInformation.vcxproj -------------------------------------------------------------------------------- /NtQuerySysInfo_SystemBigPoolInformation/NtQuerySysInfo_SystemBigPoolInformation/NtQuerySysInfo_SystemBigPoolInformation.vcxproj.filters: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/sam-b/windows_kernel_address_leaks/HEAD/NtQuerySysInfo_SystemBigPoolInformation/NtQuerySysInfo_SystemBigPoolInformation/NtQuerySysInfo_SystemBigPoolInformation.vcxproj.filters -------------------------------------------------------------------------------- /NtQuerySysInfo_SystemBigPoolInformation/NtQuerySysInfo_SystemBigPoolInformation/ReadMe.txt: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/sam-b/windows_kernel_address_leaks/HEAD/NtQuerySysInfo_SystemBigPoolInformation/NtQuerySysInfo_SystemBigPoolInformation/ReadMe.txt -------------------------------------------------------------------------------- /NtQuerySysInfo_SystemBigPoolInformation/NtQuerySysInfo_SystemBigPoolInformation/stdafx.cpp: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/sam-b/windows_kernel_address_leaks/HEAD/NtQuerySysInfo_SystemBigPoolInformation/NtQuerySysInfo_SystemBigPoolInformation/stdafx.cpp -------------------------------------------------------------------------------- /NtQuerySysInfo_SystemBigPoolInformation/NtQuerySysInfo_SystemBigPoolInformation/stdafx.h: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/sam-b/windows_kernel_address_leaks/HEAD/NtQuerySysInfo_SystemBigPoolInformation/NtQuerySysInfo_SystemBigPoolInformation/stdafx.h -------------------------------------------------------------------------------- /NtQuerySysInfo_SystemBigPoolInformation/NtQuerySysInfo_SystemBigPoolInformation/targetver.h: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/sam-b/windows_kernel_address_leaks/HEAD/NtQuerySysInfo_SystemBigPoolInformation/NtQuerySysInfo_SystemBigPoolInformation/targetver.h -------------------------------------------------------------------------------- /NtQuerySysInfo_SystemFirmwareTableInfo/NtQuerySysInfo_SystemFirmwareTableInfo.sln: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/sam-b/windows_kernel_address_leaks/HEAD/NtQuerySysInfo_SystemFirmwareTableInfo/NtQuerySysInfo_SystemFirmwareTableInfo.sln -------------------------------------------------------------------------------- /NtQuerySysInfo_SystemFirmwareTableInfo/NtQuerySysInfo_SystemFirmwareTableInfo/NtQuerySysInfo_SystemFirmwareTableInfo.cpp: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/sam-b/windows_kernel_address_leaks/HEAD/NtQuerySysInfo_SystemFirmwareTableInfo/NtQuerySysInfo_SystemFirmwareTableInfo/NtQuerySysInfo_SystemFirmwareTableInfo.cpp -------------------------------------------------------------------------------- /NtQuerySysInfo_SystemFirmwareTableInfo/NtQuerySysInfo_SystemFirmwareTableInfo/NtQuerySysInfo_SystemFirmwareTableInfo.vcxproj: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/sam-b/windows_kernel_address_leaks/HEAD/NtQuerySysInfo_SystemFirmwareTableInfo/NtQuerySysInfo_SystemFirmwareTableInfo/NtQuerySysInfo_SystemFirmwareTableInfo.vcxproj -------------------------------------------------------------------------------- /NtQuerySysInfo_SystemFirmwareTableInfo/NtQuerySysInfo_SystemFirmwareTableInfo/NtQuerySysInfo_SystemFirmwareTableInfo.vcxproj.filters: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/sam-b/windows_kernel_address_leaks/HEAD/NtQuerySysInfo_SystemFirmwareTableInfo/NtQuerySysInfo_SystemFirmwareTableInfo/NtQuerySysInfo_SystemFirmwareTableInfo.vcxproj.filters -------------------------------------------------------------------------------- /NtQuerySysInfo_SystemFirmwareTableInfo/NtQuerySysInfo_SystemFirmwareTableInfo/ReadMe.txt: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/sam-b/windows_kernel_address_leaks/HEAD/NtQuerySysInfo_SystemFirmwareTableInfo/NtQuerySysInfo_SystemFirmwareTableInfo/ReadMe.txt -------------------------------------------------------------------------------- /NtQuerySysInfo_SystemFirmwareTableInfo/NtQuerySysInfo_SystemFirmwareTableInfo/stdafx.cpp: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/sam-b/windows_kernel_address_leaks/HEAD/NtQuerySysInfo_SystemFirmwareTableInfo/NtQuerySysInfo_SystemFirmwareTableInfo/stdafx.cpp -------------------------------------------------------------------------------- /NtQuerySysInfo_SystemFirmwareTableInfo/NtQuerySysInfo_SystemFirmwareTableInfo/stdafx.h: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/sam-b/windows_kernel_address_leaks/HEAD/NtQuerySysInfo_SystemFirmwareTableInfo/NtQuerySysInfo_SystemFirmwareTableInfo/stdafx.h -------------------------------------------------------------------------------- /NtQuerySysInfo_SystemFirmwareTableInfo/NtQuerySysInfo_SystemFirmwareTableInfo/targetver.h: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/sam-b/windows_kernel_address_leaks/HEAD/NtQuerySysInfo_SystemFirmwareTableInfo/NtQuerySysInfo_SystemFirmwareTableInfo/targetver.h -------------------------------------------------------------------------------- /NtQuerySysInfo_SystemHandleInformation/NtQuerySysInfo_SystemHandleInformation.sln: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/sam-b/windows_kernel_address_leaks/HEAD/NtQuerySysInfo_SystemHandleInformation/NtQuerySysInfo_SystemHandleInformation.sln -------------------------------------------------------------------------------- /NtQuerySysInfo_SystemHandleInformation/NtQuerySysInfo_SystemHandleInformation/NtQuerySysInfo_SystemHandleInformation.cpp: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/sam-b/windows_kernel_address_leaks/HEAD/NtQuerySysInfo_SystemHandleInformation/NtQuerySysInfo_SystemHandleInformation/NtQuerySysInfo_SystemHandleInformation.cpp -------------------------------------------------------------------------------- /NtQuerySysInfo_SystemHandleInformation/NtQuerySysInfo_SystemHandleInformation/NtQuerySysInfo_SystemHandleInformation.vcxproj: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/sam-b/windows_kernel_address_leaks/HEAD/NtQuerySysInfo_SystemHandleInformation/NtQuerySysInfo_SystemHandleInformation/NtQuerySysInfo_SystemHandleInformation.vcxproj -------------------------------------------------------------------------------- /NtQuerySysInfo_SystemHandleInformation/NtQuerySysInfo_SystemHandleInformation/NtQuerySysInfo_SystemHandleInformation.vcxproj.filters: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/sam-b/windows_kernel_address_leaks/HEAD/NtQuerySysInfo_SystemHandleInformation/NtQuerySysInfo_SystemHandleInformation/NtQuerySysInfo_SystemHandleInformation.vcxproj.filters -------------------------------------------------------------------------------- /NtQuerySysInfo_SystemHandleInformation/NtQuerySysInfo_SystemHandleInformation/ReadMe.txt: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/sam-b/windows_kernel_address_leaks/HEAD/NtQuerySysInfo_SystemHandleInformation/NtQuerySysInfo_SystemHandleInformation/ReadMe.txt -------------------------------------------------------------------------------- /NtQuerySysInfo_SystemHandleInformation/NtQuerySysInfo_SystemHandleInformation/stdafx.cpp: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/sam-b/windows_kernel_address_leaks/HEAD/NtQuerySysInfo_SystemHandleInformation/NtQuerySysInfo_SystemHandleInformation/stdafx.cpp -------------------------------------------------------------------------------- /NtQuerySysInfo_SystemHandleInformation/NtQuerySysInfo_SystemHandleInformation/stdafx.h: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/sam-b/windows_kernel_address_leaks/HEAD/NtQuerySysInfo_SystemHandleInformation/NtQuerySysInfo_SystemHandleInformation/stdafx.h -------------------------------------------------------------------------------- /NtQuerySysInfo_SystemHandleInformation/NtQuerySysInfo_SystemHandleInformation/targetver.h: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/sam-b/windows_kernel_address_leaks/HEAD/NtQuerySysInfo_SystemHandleInformation/NtQuerySysInfo_SystemHandleInformation/targetver.h -------------------------------------------------------------------------------- /NtQuerySysInfo_SystemLockInformation/NtQuerySysInfo_SystemLockInformation.sln: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/sam-b/windows_kernel_address_leaks/HEAD/NtQuerySysInfo_SystemLockInformation/NtQuerySysInfo_SystemLockInformation.sln -------------------------------------------------------------------------------- /NtQuerySysInfo_SystemLockInformation/NtQuerySysInfo_SystemLockInformation/NtQuerySysInfo_SystemLockInformation.cpp: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/sam-b/windows_kernel_address_leaks/HEAD/NtQuerySysInfo_SystemLockInformation/NtQuerySysInfo_SystemLockInformation/NtQuerySysInfo_SystemLockInformation.cpp -------------------------------------------------------------------------------- /NtQuerySysInfo_SystemLockInformation/NtQuerySysInfo_SystemLockInformation/NtQuerySysInfo_SystemLockInformation.vcxproj: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/sam-b/windows_kernel_address_leaks/HEAD/NtQuerySysInfo_SystemLockInformation/NtQuerySysInfo_SystemLockInformation/NtQuerySysInfo_SystemLockInformation.vcxproj -------------------------------------------------------------------------------- /NtQuerySysInfo_SystemLockInformation/NtQuerySysInfo_SystemLockInformation/NtQuerySysInfo_SystemLockInformation.vcxproj.filters: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/sam-b/windows_kernel_address_leaks/HEAD/NtQuerySysInfo_SystemLockInformation/NtQuerySysInfo_SystemLockInformation/NtQuerySysInfo_SystemLockInformation.vcxproj.filters -------------------------------------------------------------------------------- /NtQuerySysInfo_SystemLockInformation/NtQuerySysInfo_SystemLockInformation/ReadMe.txt: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/sam-b/windows_kernel_address_leaks/HEAD/NtQuerySysInfo_SystemLockInformation/NtQuerySysInfo_SystemLockInformation/ReadMe.txt -------------------------------------------------------------------------------- /NtQuerySysInfo_SystemLockInformation/NtQuerySysInfo_SystemLockInformation/stdafx.cpp: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/sam-b/windows_kernel_address_leaks/HEAD/NtQuerySysInfo_SystemLockInformation/NtQuerySysInfo_SystemLockInformation/stdafx.cpp -------------------------------------------------------------------------------- /NtQuerySysInfo_SystemLockInformation/NtQuerySysInfo_SystemLockInformation/stdafx.h: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/sam-b/windows_kernel_address_leaks/HEAD/NtQuerySysInfo_SystemLockInformation/NtQuerySysInfo_SystemLockInformation/stdafx.h -------------------------------------------------------------------------------- /NtQuerySysInfo_SystemLockInformation/NtQuerySysInfo_SystemLockInformation/targetver.h: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/sam-b/windows_kernel_address_leaks/HEAD/NtQuerySysInfo_SystemLockInformation/NtQuerySysInfo_SystemLockInformation/targetver.h -------------------------------------------------------------------------------- /NtQuerySysInfo_SystemModuleInformation/NtQuerySysInfo_SystemModuleInformation.sln: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/sam-b/windows_kernel_address_leaks/HEAD/NtQuerySysInfo_SystemModuleInformation/NtQuerySysInfo_SystemModuleInformation.sln -------------------------------------------------------------------------------- /NtQuerySysInfo_SystemModuleInformation/NtQuerySysInfo_SystemModuleInformation/NtQuerySysInfo_SystemModuleInformation.cpp: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/sam-b/windows_kernel_address_leaks/HEAD/NtQuerySysInfo_SystemModuleInformation/NtQuerySysInfo_SystemModuleInformation/NtQuerySysInfo_SystemModuleInformation.cpp -------------------------------------------------------------------------------- /NtQuerySysInfo_SystemModuleInformation/NtQuerySysInfo_SystemModuleInformation/NtQuerySysInfo_SystemModuleInformation.vcxproj: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/sam-b/windows_kernel_address_leaks/HEAD/NtQuerySysInfo_SystemModuleInformation/NtQuerySysInfo_SystemModuleInformation/NtQuerySysInfo_SystemModuleInformation.vcxproj -------------------------------------------------------------------------------- /NtQuerySysInfo_SystemModuleInformation/NtQuerySysInfo_SystemModuleInformation/NtQuerySysInfo_SystemModuleInformation.vcxproj.filters: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/sam-b/windows_kernel_address_leaks/HEAD/NtQuerySysInfo_SystemModuleInformation/NtQuerySysInfo_SystemModuleInformation/NtQuerySysInfo_SystemModuleInformation.vcxproj.filters -------------------------------------------------------------------------------- /NtQuerySysInfo_SystemModuleInformation/NtQuerySysInfo_SystemModuleInformation/ReadMe.txt: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/sam-b/windows_kernel_address_leaks/HEAD/NtQuerySysInfo_SystemModuleInformation/NtQuerySysInfo_SystemModuleInformation/ReadMe.txt -------------------------------------------------------------------------------- /NtQuerySysInfo_SystemModuleInformation/NtQuerySysInfo_SystemModuleInformation/stdafx.cpp: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/sam-b/windows_kernel_address_leaks/HEAD/NtQuerySysInfo_SystemModuleInformation/NtQuerySysInfo_SystemModuleInformation/stdafx.cpp -------------------------------------------------------------------------------- /NtQuerySysInfo_SystemModuleInformation/NtQuerySysInfo_SystemModuleInformation/stdafx.h: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/sam-b/windows_kernel_address_leaks/HEAD/NtQuerySysInfo_SystemModuleInformation/NtQuerySysInfo_SystemModuleInformation/stdafx.h -------------------------------------------------------------------------------- /NtQuerySysInfo_SystemModuleInformation/NtQuerySysInfo_SystemModuleInformation/targetver.h: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/sam-b/windows_kernel_address_leaks/HEAD/NtQuerySysInfo_SystemModuleInformation/NtQuerySysInfo_SystemModuleInformation/targetver.h -------------------------------------------------------------------------------- /NtQuerySysInfo_SystemProcessInformation/NtQuerySysInfo_SystemProcessInformation.sln: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/sam-b/windows_kernel_address_leaks/HEAD/NtQuerySysInfo_SystemProcessInformation/NtQuerySysInfo_SystemProcessInformation.sln -------------------------------------------------------------------------------- /NtQuerySysInfo_SystemProcessInformation/NtQuerySysInfo_SystemProcessInformation/NtQuerySysInfo_SystemProcessInformation.cpp: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/sam-b/windows_kernel_address_leaks/HEAD/NtQuerySysInfo_SystemProcessInformation/NtQuerySysInfo_SystemProcessInformation/NtQuerySysInfo_SystemProcessInformation.cpp -------------------------------------------------------------------------------- /NtQuerySysInfo_SystemProcessInformation/NtQuerySysInfo_SystemProcessInformation/NtQuerySysInfo_SystemProcessInformation.vcxproj: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/sam-b/windows_kernel_address_leaks/HEAD/NtQuerySysInfo_SystemProcessInformation/NtQuerySysInfo_SystemProcessInformation/NtQuerySysInfo_SystemProcessInformation.vcxproj -------------------------------------------------------------------------------- /NtQuerySysInfo_SystemProcessInformation/NtQuerySysInfo_SystemProcessInformation/NtQuerySysInfo_SystemProcessInformation.vcxproj.filters: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/sam-b/windows_kernel_address_leaks/HEAD/NtQuerySysInfo_SystemProcessInformation/NtQuerySysInfo_SystemProcessInformation/NtQuerySysInfo_SystemProcessInformation.vcxproj.filters -------------------------------------------------------------------------------- /NtQuerySysInfo_SystemProcessInformation/NtQuerySysInfo_SystemProcessInformation/ReadMe.txt: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/sam-b/windows_kernel_address_leaks/HEAD/NtQuerySysInfo_SystemProcessInformation/NtQuerySysInfo_SystemProcessInformation/ReadMe.txt -------------------------------------------------------------------------------- /NtQuerySysInfo_SystemProcessInformation/NtQuerySysInfo_SystemProcessInformation/stdafx.cpp: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/sam-b/windows_kernel_address_leaks/HEAD/NtQuerySysInfo_SystemProcessInformation/NtQuerySysInfo_SystemProcessInformation/stdafx.cpp -------------------------------------------------------------------------------- /NtQuerySysInfo_SystemProcessInformation/NtQuerySysInfo_SystemProcessInformation/stdafx.h: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/sam-b/windows_kernel_address_leaks/HEAD/NtQuerySysInfo_SystemProcessInformation/NtQuerySysInfo_SystemProcessInformation/stdafx.h -------------------------------------------------------------------------------- /NtQuerySysInfo_SystemProcessInformation/NtQuerySysInfo_SystemProcessInformation/targetver.h: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/sam-b/windows_kernel_address_leaks/HEAD/NtQuerySysInfo_SystemProcessInformation/NtQuerySysInfo_SystemProcessInformation/targetver.h -------------------------------------------------------------------------------- /NtSystemDebugControl_SysDbgGetTriageDump/NtSystemDebugControl_SysDbgGetTriageDump.sln: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/sam-b/windows_kernel_address_leaks/HEAD/NtSystemDebugControl_SysDbgGetTriageDump/NtSystemDebugControl_SysDbgGetTriageDump.sln -------------------------------------------------------------------------------- /NtSystemDebugControl_SysDbgGetTriageDump/NtSystemDebugControl_SysDbgGetTriageDump/NtSystemDebugControl_SysDbgGetTriageDump.cpp: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/sam-b/windows_kernel_address_leaks/HEAD/NtSystemDebugControl_SysDbgGetTriageDump/NtSystemDebugControl_SysDbgGetTriageDump/NtSystemDebugControl_SysDbgGetTriageDump.cpp -------------------------------------------------------------------------------- /NtSystemDebugControl_SysDbgGetTriageDump/NtSystemDebugControl_SysDbgGetTriageDump/NtSystemDebugControl_SysDbgGetTriageDump.vcxproj: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/sam-b/windows_kernel_address_leaks/HEAD/NtSystemDebugControl_SysDbgGetTriageDump/NtSystemDebugControl_SysDbgGetTriageDump/NtSystemDebugControl_SysDbgGetTriageDump.vcxproj -------------------------------------------------------------------------------- /NtSystemDebugControl_SysDbgGetTriageDump/NtSystemDebugControl_SysDbgGetTriageDump/NtSystemDebugControl_SysDbgGetTriageDump.vcxproj.filters: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/sam-b/windows_kernel_address_leaks/HEAD/NtSystemDebugControl_SysDbgGetTriageDump/NtSystemDebugControl_SysDbgGetTriageDump/NtSystemDebugControl_SysDbgGetTriageDump.vcxproj.filters -------------------------------------------------------------------------------- /NtSystemDebugControl_SysDbgGetTriageDump/NtSystemDebugControl_SysDbgGetTriageDump/ReadMe.txt: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/sam-b/windows_kernel_address_leaks/HEAD/NtSystemDebugControl_SysDbgGetTriageDump/NtSystemDebugControl_SysDbgGetTriageDump/ReadMe.txt -------------------------------------------------------------------------------- /NtSystemDebugControl_SysDbgGetTriageDump/NtSystemDebugControl_SysDbgGetTriageDump/stdafx.cpp: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/sam-b/windows_kernel_address_leaks/HEAD/NtSystemDebugControl_SysDbgGetTriageDump/NtSystemDebugControl_SysDbgGetTriageDump/stdafx.cpp -------------------------------------------------------------------------------- /NtSystemDebugControl_SysDbgGetTriageDump/NtSystemDebugControl_SysDbgGetTriageDump/stdafx.h: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/sam-b/windows_kernel_address_leaks/HEAD/NtSystemDebugControl_SysDbgGetTriageDump/NtSystemDebugControl_SysDbgGetTriageDump/stdafx.h -------------------------------------------------------------------------------- /NtSystemDebugControl_SysDbgGetTriageDump/NtSystemDebugControl_SysDbgGetTriageDump/targetver.h: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/sam-b/windows_kernel_address_leaks/HEAD/NtSystemDebugControl_SysDbgGetTriageDump/NtSystemDebugControl_SysDbgGetTriageDump/targetver.h -------------------------------------------------------------------------------- /README.md: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/sam-b/windows_kernel_address_leaks/HEAD/README.md -------------------------------------------------------------------------------- /SharedInfoHandleTable/SharedInfoHandleTable.sln: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/sam-b/windows_kernel_address_leaks/HEAD/SharedInfoHandleTable/SharedInfoHandleTable.sln -------------------------------------------------------------------------------- /SharedInfoHandleTable/SharedInfoHandleTable/ReadMe.txt: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/sam-b/windows_kernel_address_leaks/HEAD/SharedInfoHandleTable/SharedInfoHandleTable/ReadMe.txt -------------------------------------------------------------------------------- /SharedInfoHandleTable/SharedInfoHandleTable/SharedInfoHandleTable.cpp: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/sam-b/windows_kernel_address_leaks/HEAD/SharedInfoHandleTable/SharedInfoHandleTable/SharedInfoHandleTable.cpp -------------------------------------------------------------------------------- /SharedInfoHandleTable/SharedInfoHandleTable/SharedInfoHandleTable.vcxproj: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/sam-b/windows_kernel_address_leaks/HEAD/SharedInfoHandleTable/SharedInfoHandleTable/SharedInfoHandleTable.vcxproj -------------------------------------------------------------------------------- /SharedInfoHandleTable/SharedInfoHandleTable/SharedInfoHandleTable.vcxproj.filters: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/sam-b/windows_kernel_address_leaks/HEAD/SharedInfoHandleTable/SharedInfoHandleTable/SharedInfoHandleTable.vcxproj.filters -------------------------------------------------------------------------------- /SharedInfoHandleTable/SharedInfoHandleTable/stdafx.cpp: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/sam-b/windows_kernel_address_leaks/HEAD/SharedInfoHandleTable/SharedInfoHandleTable/stdafx.cpp -------------------------------------------------------------------------------- /SharedInfoHandleTable/SharedInfoHandleTable/stdafx.h: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/sam-b/windows_kernel_address_leaks/HEAD/SharedInfoHandleTable/SharedInfoHandleTable/stdafx.h -------------------------------------------------------------------------------- /SharedInfoHandleTable/SharedInfoHandleTable/targetver.h: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/sam-b/windows_kernel_address_leaks/HEAD/SharedInfoHandleTable/SharedInfoHandleTable/targetver.h -------------------------------------------------------------------------------- /Syscalls/Syscalls.sln: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/sam-b/windows_kernel_address_leaks/HEAD/Syscalls/Syscalls.sln -------------------------------------------------------------------------------- /Syscalls/Syscalls/ReadMe.txt: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/sam-b/windows_kernel_address_leaks/HEAD/Syscalls/Syscalls/ReadMe.txt -------------------------------------------------------------------------------- /Syscalls/Syscalls/Syscalls.cpp: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/sam-b/windows_kernel_address_leaks/HEAD/Syscalls/Syscalls/Syscalls.cpp -------------------------------------------------------------------------------- /Syscalls/Syscalls/Syscalls.vcxproj: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/sam-b/windows_kernel_address_leaks/HEAD/Syscalls/Syscalls/Syscalls.vcxproj -------------------------------------------------------------------------------- /Syscalls/Syscalls/Syscalls.vcxproj.filters: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/sam-b/windows_kernel_address_leaks/HEAD/Syscalls/Syscalls/Syscalls.vcxproj.filters -------------------------------------------------------------------------------- /Syscalls/Syscalls/asm_funcs.asm: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/sam-b/windows_kernel_address_leaks/HEAD/Syscalls/Syscalls/asm_funcs.asm -------------------------------------------------------------------------------- /Syscalls/Syscalls/stdafx.cpp: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/sam-b/windows_kernel_address_leaks/HEAD/Syscalls/Syscalls/stdafx.cpp -------------------------------------------------------------------------------- /Syscalls/Syscalls/stdafx.h: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/sam-b/windows_kernel_address_leaks/HEAD/Syscalls/Syscalls/stdafx.h -------------------------------------------------------------------------------- /Syscalls/Syscalls/targetver.h: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/sam-b/windows_kernel_address_leaks/HEAD/Syscalls/Syscalls/targetver.h -------------------------------------------------------------------------------- /icons/blue.png: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/sam-b/windows_kernel_address_leaks/HEAD/icons/blue.png -------------------------------------------------------------------------------- /icons/cross.png: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/sam-b/windows_kernel_address_leaks/HEAD/icons/cross.png -------------------------------------------------------------------------------- /icons/question.png: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/sam-b/windows_kernel_address_leaks/HEAD/icons/question.png -------------------------------------------------------------------------------- /icons/tick.png: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/sam-b/windows_kernel_address_leaks/HEAD/icons/tick.png -------------------------------------------------------------------------------- /notes/NPIEP.md: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/sam-b/windows_kernel_address_leaks/HEAD/notes/NPIEP.md -------------------------------------------------------------------------------- /notes/gSharedInfo.md: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/sam-b/windows_kernel_address_leaks/HEAD/notes/gSharedInfo.md -------------------------------------------------------------------------------- /notes/screenshots/LockDesktopMenu.png: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/sam-b/windows_kernel_address_leaks/HEAD/notes/screenshots/LockDesktopMenu.png -------------------------------------------------------------------------------- /notes/screenshots/gSharedInfo_win_1607.png: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/sam-b/windows_kernel_address_leaks/HEAD/notes/screenshots/gSharedInfo_win_1607.png -------------------------------------------------------------------------------- /notes/screenshots/gSharedInfo_win_1703.png: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/sam-b/windows_kernel_address_leaks/HEAD/notes/screenshots/gSharedInfo_win_1703.png -------------------------------------------------------------------------------- /notes/screenshots/gSharedInfo_win_1703_struct_size_example.png: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/sam-b/windows_kernel_address_leaks/HEAD/notes/screenshots/gSharedInfo_win_1703_struct_size_example.png -------------------------------------------------------------------------------- /notes/screenshots/npiep_definition.PNG: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/sam-b/windows_kernel_address_leaks/HEAD/notes/screenshots/npiep_definition.PNG -------------------------------------------------------------------------------- /notes/screenshots/sgdt_definition.png: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/sam-b/windows_kernel_address_leaks/HEAD/notes/screenshots/sgdt_definition.png -------------------------------------------------------------------------------- /notes/screenshots/test_no_vbs.PNG: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/sam-b/windows_kernel_address_leaks/HEAD/notes/screenshots/test_no_vbs.PNG -------------------------------------------------------------------------------- /notes/screenshots/test_vbs.PNG: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/sam-b/windows_kernel_address_leaks/HEAD/notes/screenshots/test_vbs.PNG -------------------------------------------------------------------------------- /notes/screenshots/umip_definition.PNG: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/sam-b/windows_kernel_address_leaks/HEAD/notes/screenshots/umip_definition.PNG -------------------------------------------------------------------------------- /pointer_hunt.py: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/sam-b/windows_kernel_address_leaks/HEAD/pointer_hunt.py -------------------------------------------------------------------------------- /screenshots/NtGdiPATHOBJ_vEnumStartClipLines_windows_8_64bit_onwards_code_diff_mitigation.PNG: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/sam-b/windows_kernel_address_leaks/HEAD/screenshots/NtGdiPATHOBJ_vEnumStartClipLines_windows_8_64bit_onwards_code_diff_mitigation.PNG -------------------------------------------------------------------------------- /screenshots/NtQuerySysInfo_SystemHandleInformation_windows8_64bit.PNG: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/sam-b/windows_kernel_address_leaks/HEAD/screenshots/NtQuerySysInfo_SystemHandleInformation_windows8_64bit.PNG -------------------------------------------------------------------------------- /screenshots/NtQuerySysInfo_SystemLockInformation_windows8_64bit.PNG: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/sam-b/windows_kernel_address_leaks/HEAD/screenshots/NtQuerySysInfo_SystemLockInformation_windows8_64bit.PNG -------------------------------------------------------------------------------- /screenshots/NtQuerySysInfo_SystemModuleInformation_windows8_64bit.PNG: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/sam-b/windows_kernel_address_leaks/HEAD/screenshots/NtQuerySysInfo_SystemModuleInformation_windows8_64bit.PNG -------------------------------------------------------------------------------- /screenshots/NtQuerySysInfo_SystemProcessInformation_windows7_32bit.PNG: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/sam-b/windows_kernel_address_leaks/HEAD/screenshots/NtQuerySysInfo_SystemProcessInformation_windows7_32bit.PNG -------------------------------------------------------------------------------- /screenshots/NtQuerySysInfo_SystemProcessInformation_windows8_64bit.PNG: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/sam-b/windows_kernel_address_leaks/HEAD/screenshots/NtQuerySysInfo_SystemProcessInformation_windows8_64bit.PNG -------------------------------------------------------------------------------- /screenshots/NtUserGetAsyncKeyState_windows_8_64bit_onwards_code_diff_mitigation.PNG: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/sam-b/windows_kernel_address_leaks/HEAD/screenshots/NtUserGetAsyncKeyState_windows_8_64bit_onwards_code_diff_mitigation.PNG -------------------------------------------------------------------------------- /screenshots/NtUserModifyUserStartupInfoFlags_infoleak.PNG: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/sam-b/windows_kernel_address_leaks/HEAD/screenshots/NtUserModifyUserStartupInfoFlags_infoleak.PNG -------------------------------------------------------------------------------- /screenshots/NtUserModifyUserStartupInfoFlags_windows_7_32bit_leak_check_lock.PNG: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/sam-b/windows_kernel_address_leaks/HEAD/screenshots/NtUserModifyUserStartupInfoFlags_windows_7_32bit_leak_check_lock.PNG -------------------------------------------------------------------------------- /screenshots/NtUserModifyUserStartupInfoFlags_windows_7_32bit_leak_high_level.PNG: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/sam-b/windows_kernel_address_leaks/HEAD/screenshots/NtUserModifyUserStartupInfoFlags_windows_7_32bit_leak_high_level.PNG -------------------------------------------------------------------------------- /screenshots/NtUserModifyUserStartupInfoFlags_windows_7_32bit_leak_high_level_ebx_path.PNG: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/sam-b/windows_kernel_address_leaks/HEAD/screenshots/NtUserModifyUserStartupInfoFlags_windows_7_32bit_leak_high_level_ebx_path.PNG -------------------------------------------------------------------------------- /screenshots/NtUserModifyUserStartupInfoFlags_windows_8_64bit_onwards_code_diff_mitigation.PNG: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/sam-b/windows_kernel_address_leaks/HEAD/screenshots/NtUserModifyUserStartupInfoFlags_windows_8_64bit_onwards_code_diff_mitigation.PNG -------------------------------------------------------------------------------- /screenshots/SharedInfoHandleTable_info_leak_poc_windows7_32bit.PNG: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/sam-b/windows_kernel_address_leaks/HEAD/screenshots/SharedInfoHandleTable_info_leak_poc_windows7_32bit.PNG -------------------------------------------------------------------------------- /screenshots/SharedInfoHandleTable_windows8_64bit.PNG: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/sam-b/windows_kernel_address_leaks/HEAD/screenshots/SharedInfoHandleTable_windows8_64bit.PNG -------------------------------------------------------------------------------- /screenshots/SystemHandleInformation_info_leak_poc_windows7_32bit.PNG: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/sam-b/windows_kernel_address_leaks/HEAD/screenshots/SystemHandleInformation_info_leak_poc_windows7_32bit.PNG -------------------------------------------------------------------------------- /screenshots/SystemHandleInformation_windows8_1_low_integrity.PNG: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/sam-b/windows_kernel_address_leaks/HEAD/screenshots/SystemHandleInformation_windows8_1_low_integrity.PNG -------------------------------------------------------------------------------- /screenshots/SystemHandleInformation_windows8_1_medium_integrity.PNG: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/sam-b/windows_kernel_address_leaks/HEAD/screenshots/SystemHandleInformation_windows8_1_medium_integrity.PNG -------------------------------------------------------------------------------- /screenshots/SystemLockInformation_info_leak_poc_windows7_32bit.PNG: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/sam-b/windows_kernel_address_leaks/HEAD/screenshots/SystemLockInformation_info_leak_poc_windows7_32bit.PNG -------------------------------------------------------------------------------- /screenshots/SystemLockInformation_windows8_1_low_integrity.PNG: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/sam-b/windows_kernel_address_leaks/HEAD/screenshots/SystemLockInformation_windows8_1_low_integrity.PNG -------------------------------------------------------------------------------- /screenshots/SystemLockInformation_windows8_1_medium_integrity.PNG: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/sam-b/windows_kernel_address_leaks/HEAD/screenshots/SystemLockInformation_windows8_1_medium_integrity.PNG -------------------------------------------------------------------------------- /screenshots/SystemModuleInformation_info_leak_poc_windows7_32bit.PNG: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/sam-b/windows_kernel_address_leaks/HEAD/screenshots/SystemModuleInformation_info_leak_poc_windows7_32bit.PNG -------------------------------------------------------------------------------- /screenshots/SystemModuleInformation_windows8_1_low_integrity.PNG: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/sam-b/windows_kernel_address_leaks/HEAD/screenshots/SystemModuleInformation_windows8_1_low_integrity.PNG -------------------------------------------------------------------------------- /screenshots/SystemModuleInformation_windows8_1_medium_integrity.PNG: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/sam-b/windows_kernel_address_leaks/HEAD/screenshots/SystemModuleInformation_windows8_1_medium_integrity.PNG -------------------------------------------------------------------------------- /screenshots/SystemProcessInformation_windows8_1_low_integrity.PNG: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/sam-b/windows_kernel_address_leaks/HEAD/screenshots/SystemProcessInformation_windows8_1_low_integrity.PNG -------------------------------------------------------------------------------- /screenshots/SystemProcessInformation_windows8_1_medium_integrity.PNG: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/sam-b/windows_kernel_address_leaks/HEAD/screenshots/SystemProcessInformation_windows8_1_medium_integrity.PNG -------------------------------------------------------------------------------- /screenshots/descriptor_table_windows_10_64bit_low_integrity.PNG: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/sam-b/windows_kernel_address_leaks/HEAD/screenshots/descriptor_table_windows_10_64bit_low_integrity.PNG -------------------------------------------------------------------------------- /screenshots/descriptor_tables_info_leak_poc_windows7_32bit.PNG: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/sam-b/windows_kernel_address_leaks/HEAD/screenshots/descriptor_tables_info_leak_poc_windows7_32bit.PNG -------------------------------------------------------------------------------- /screenshots/descriptor_tables_win_10_64.PNG: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/sam-b/windows_kernel_address_leaks/HEAD/screenshots/descriptor_tables_win_10_64.PNG -------------------------------------------------------------------------------- /screenshots/descriptor_tables_win_7_32.PNG: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/sam-b/windows_kernel_address_leaks/HEAD/screenshots/descriptor_tables_win_7_32.PNG -------------------------------------------------------------------------------- /screenshots/descriptor_tables_win_8_1_64.PNG: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/sam-b/windows_kernel_address_leaks/HEAD/screenshots/descriptor_tables_win_8_1_64.PNG -------------------------------------------------------------------------------- /screenshots/descriptor_tables_win_8_64.PNG: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/sam-b/windows_kernel_address_leaks/HEAD/screenshots/descriptor_tables_win_8_64.PNG -------------------------------------------------------------------------------- /screenshots/descriptor_tables_windows8.PNG: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/sam-b/windows_kernel_address_leaks/HEAD/screenshots/descriptor_tables_windows8.PNG -------------------------------------------------------------------------------- /screenshots/descriptor_tables_windows8_1_low_integrity.PNG: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/sam-b/windows_kernel_address_leaks/HEAD/screenshots/descriptor_tables_windows8_1_low_integrity.PNG -------------------------------------------------------------------------------- /screenshots/expquerysysteminformation_diff_stats.PNG: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/sam-b/windows_kernel_address_leaks/HEAD/screenshots/expquerysysteminformation_diff_stats.PNG -------------------------------------------------------------------------------- /screenshots/ntquerysys_ida.PNG: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/sam-b/windows_kernel_address_leaks/HEAD/screenshots/ntquerysys_ida.PNG -------------------------------------------------------------------------------- /screenshots/restricted_caller_disasm_comments.png: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/sam-b/windows_kernel_address_leaks/HEAD/screenshots/restricted_caller_disasm_comments.png -------------------------------------------------------------------------------- /screenshots/restricted_check_refs.PNG: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/sam-b/windows_kernel_address_leaks/HEAD/screenshots/restricted_check_refs.PNG -------------------------------------------------------------------------------- /screenshots/shared_handle_table_debugging_win10.PNG: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/sam-b/windows_kernel_address_leaks/HEAD/screenshots/shared_handle_table_debugging_win10.PNG -------------------------------------------------------------------------------- /screenshots/shared_handle_table_debugging_win8_kernel_pointer.PNG: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/sam-b/windows_kernel_address_leaks/HEAD/screenshots/shared_handle_table_debugging_win8_kernel_pointer.PNG -------------------------------------------------------------------------------- /screenshots/shared_handle_table_debugging_win8_user_pointer.PNG: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/sam-b/windows_kernel_address_leaks/HEAD/screenshots/shared_handle_table_debugging_win8_user_pointer.PNG -------------------------------------------------------------------------------- /screenshots/shared_handle_table_windows_10_64bit_low_integrity.PNG: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/sam-b/windows_kernel_address_leaks/HEAD/screenshots/shared_handle_table_windows_10_64bit_low_integrity.PNG -------------------------------------------------------------------------------- /screenshots/shared_handle_table_windows_8_1_64bit_low_integrity.PNG: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/sam-b/windows_kernel_address_leaks/HEAD/screenshots/shared_handle_table_windows_8_1_64bit_low_integrity.PNG -------------------------------------------------------------------------------- /screenshots/syscall_address_leak_windows7_32bit.PNG: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/sam-b/windows_kernel_address_leaks/HEAD/screenshots/syscall_address_leak_windows7_32bit.PNG -------------------------------------------------------------------------------- /screenshots/syscall_address_leak_windows8_64bit.PNG: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/sam-b/windows_kernel_address_leaks/HEAD/screenshots/syscall_address_leak_windows8_64bit.PNG -------------------------------------------------------------------------------- /screenshots/syscall_info_leak_poc_windows7_32bit.PNG: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/sam-b/windows_kernel_address_leaks/HEAD/screenshots/syscall_info_leak_poc_windows7_32bit.PNG -------------------------------------------------------------------------------- /screenshots/syscall_pointer_leak_windows_8_64_bit.PNG: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/sam-b/windows_kernel_address_leaks/HEAD/screenshots/syscall_pointer_leak_windows_8_64_bit.PNG -------------------------------------------------------------------------------- /screenshots/systemhandleinformation_windows_10_64bit_low_vs_medium_integrity.PNG: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/sam-b/windows_kernel_address_leaks/HEAD/screenshots/systemhandleinformation_windows_10_64bit_low_vs_medium_integrity.PNG -------------------------------------------------------------------------------- /screenshots/systemlockinformation_windows_10_64bit_low_vs_medium_integrity.PNG: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/sam-b/windows_kernel_address_leaks/HEAD/screenshots/systemlockinformation_windows_10_64bit_low_vs_medium_integrity.PNG -------------------------------------------------------------------------------- /screenshots/systemmoduleinformation_windows_10_64bit_low_vs_medium_integrity.PNG: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/sam-b/windows_kernel_address_leaks/HEAD/screenshots/systemmoduleinformation_windows_10_64bit_low_vs_medium_integrity.PNG -------------------------------------------------------------------------------- /screenshots/systemprocessinformation_windows_10_64bit_low_vs_medium_integrity.PNG: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/sam-b/windows_kernel_address_leaks/HEAD/screenshots/systemprocessinformation_windows_10_64bit_low_vs_medium_integrity.PNG -------------------------------------------------------------------------------- /screenshots/windows_8_1_integrity_levels.PNG: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/sam-b/windows_kernel_address_leaks/HEAD/screenshots/windows_8_1_integrity_levels.PNG --------------------------------------------------------------------------------