├── .gitignore
├── DetectProcessorMode
    ├── README.md
    └── Src
    │   └── merge_shellcode.py
├── EVENSTAR.sln
├── GetCPL
    ├── GetCPL.vcxproj
    ├── GetCPL.vcxproj.filters
    ├── Inc
    │   ├── BaseDataTypes.h
    │   ├── Common.h
    │   └── GetCurrentPrivilegeLevel.h
    ├── Lib
    │   ├── msvcrt_x64.lib
    │   └── msvcrt_x86.lib
    ├── README.md
    └── Src
    │   ├── ExeMain.cpp
    │   └── GetCurrentPrivilegeLevel64.asm
├── GetCurrentProcessorNumber
    ├── GetCurrentProcessorNumber.vcxproj
    ├── GetCurrentProcessorNumber.vcxproj.filters
    ├── Inc
    │   ├── BaseDataTypes.h
    │   ├── Common.h
    │   └── GetCurrentProcessorNumber.h
    ├── Lib
    │   ├── msvcrt_x64.lib
    │   └── msvcrt_x86.lib
    ├── README.md
    └── Src
    │   ├── ExeMain.cpp
    │   └── GetCurrentProcessorNumber.cpp
├── LICENSE
├── PagingDbgExt
    ├── Inc
    │   ├── BaseDataTypes.h
    │   ├── Common.h
    │   ├── DbgExt.h
    │   ├── GetKernelDirectoryTableBase.h
    │   ├── GetProcessDirectoryTableBase.h
    │   ├── Help.h
    │   └── PageTableWalk.h
    ├── Misc
    │   └── AllocTest.exe
    ├── PagingDbgExt.vcxproj
    ├── PagingDbgExt.vcxproj.filters
    ├── README.md
    └── Src
    │   ├── DbgExt.cpp
    │   ├── DllMain.cpp
    │   ├── GetKernelDirectoryTableBase.cpp
    │   ├── GetProcessDirectoryTableBase.cpp
    │   ├── Help.cpp
    │   └── PageTableWalk.cpp
├── README.md
├── ReadCRDbgExt
    ├── Inc
    │   ├── BaseDataTypes.h
    │   ├── Common.h
    │   ├── DbgExt.h
    │   └── ReadControlRegisters.h
    ├── Misc
    │   ├── GES2007.TRoy.Slides.pdf
    │   ├── control-registers.png
    │   └── intel-sdm-vol3-system-programming-guide.pdf
    ├── README.md
    ├── ReadCRDbgExt.vcxproj
    ├── ReadCRDbgExt.vcxproj.filters
    └── Src
    │   ├── DbgExt.cpp
    │   ├── DllMain.cpp
    │   └── ReadControlRegisters.cpp
└── ReadIDTDbgExt
    ├── Inc
        ├── BaseDataTypes.h
        ├── Common.h
        ├── DbgExt.h
        └── ReadInterruptDescriptorTable.h
    ├── README.md
    ├── ReadIDTDbgExt.vcxproj
    ├── ReadIDTDbgExt.vcxproj.filters
    └── Src
        ├── DbgExt.cpp
        ├── DllMain.cpp
        └── ReadInterruptDescriptorTable.cpp

/.gitignore: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/winterknife/EVENSTAR/HEAD/.gitignore 
-------------------------------------------------------------------------------- /DetectProcessorMode/README.md: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/winterknife/EVENSTAR/HEAD/DetectProcessorMode/README.md -------------------------------------------------------------------------------- /DetectProcessorMode/Src/merge_shellcode.py: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/winterknife/EVENSTAR/HEAD/DetectProcessorMode/Src/merge_shellcode.py -------------------------------------------------------------------------------- /EVENSTAR.sln: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/winterknife/EVENSTAR/HEAD/EVENSTAR.sln -------------------------------------------------------------------------------- /GetCPL/GetCPL.vcxproj: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/winterknife/EVENSTAR/HEAD/GetCPL/GetCPL.vcxproj -------------------------------------------------------------------------------- /GetCPL/GetCPL.vcxproj.filters: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/winterknife/EVENSTAR/HEAD/GetCPL/GetCPL.vcxproj.filters -------------------------------------------------------------------------------- /GetCPL/Inc/BaseDataTypes.h: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/winterknife/EVENSTAR/HEAD/GetCPL/Inc/BaseDataTypes.h -------------------------------------------------------------------------------- /GetCPL/Inc/Common.h: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/winterknife/EVENSTAR/HEAD/GetCPL/Inc/Common.h 
-------------------------------------------------------------------------------- /GetCPL/Inc/GetCurrentPrivilegeLevel.h: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/winterknife/EVENSTAR/HEAD/GetCPL/Inc/GetCurrentPrivilegeLevel.h -------------------------------------------------------------------------------- /GetCPL/Lib/msvcrt_x64.lib: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/winterknife/EVENSTAR/HEAD/GetCPL/Lib/msvcrt_x64.lib -------------------------------------------------------------------------------- /GetCPL/Lib/msvcrt_x86.lib: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/winterknife/EVENSTAR/HEAD/GetCPL/Lib/msvcrt_x86.lib -------------------------------------------------------------------------------- /GetCPL/README.md: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/winterknife/EVENSTAR/HEAD/GetCPL/README.md -------------------------------------------------------------------------------- /GetCPL/Src/ExeMain.cpp: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/winterknife/EVENSTAR/HEAD/GetCPL/Src/ExeMain.cpp -------------------------------------------------------------------------------- /GetCPL/Src/GetCurrentPrivilegeLevel64.asm: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/winterknife/EVENSTAR/HEAD/GetCPL/Src/GetCurrentPrivilegeLevel64.asm -------------------------------------------------------------------------------- /GetCurrentProcessorNumber/GetCurrentProcessorNumber.vcxproj: -------------------------------------------------------------------------------- 
https://raw.githubusercontent.com/winterknife/EVENSTAR/HEAD/GetCurrentProcessorNumber/GetCurrentProcessorNumber.vcxproj -------------------------------------------------------------------------------- /GetCurrentProcessorNumber/GetCurrentProcessorNumber.vcxproj.filters: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/winterknife/EVENSTAR/HEAD/GetCurrentProcessorNumber/GetCurrentProcessorNumber.vcxproj.filters -------------------------------------------------------------------------------- /GetCurrentProcessorNumber/Inc/BaseDataTypes.h: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/winterknife/EVENSTAR/HEAD/GetCurrentProcessorNumber/Inc/BaseDataTypes.h -------------------------------------------------------------------------------- /GetCurrentProcessorNumber/Inc/Common.h: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/winterknife/EVENSTAR/HEAD/GetCurrentProcessorNumber/Inc/Common.h -------------------------------------------------------------------------------- /GetCurrentProcessorNumber/Inc/GetCurrentProcessorNumber.h: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/winterknife/EVENSTAR/HEAD/GetCurrentProcessorNumber/Inc/GetCurrentProcessorNumber.h -------------------------------------------------------------------------------- /GetCurrentProcessorNumber/Lib/msvcrt_x64.lib: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/winterknife/EVENSTAR/HEAD/GetCurrentProcessorNumber/Lib/msvcrt_x64.lib -------------------------------------------------------------------------------- /GetCurrentProcessorNumber/Lib/msvcrt_x86.lib: -------------------------------------------------------------------------------- 
https://raw.githubusercontent.com/winterknife/EVENSTAR/HEAD/GetCurrentProcessorNumber/Lib/msvcrt_x86.lib -------------------------------------------------------------------------------- /GetCurrentProcessorNumber/README.md: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/winterknife/EVENSTAR/HEAD/GetCurrentProcessorNumber/README.md -------------------------------------------------------------------------------- /GetCurrentProcessorNumber/Src/ExeMain.cpp: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/winterknife/EVENSTAR/HEAD/GetCurrentProcessorNumber/Src/ExeMain.cpp -------------------------------------------------------------------------------- /GetCurrentProcessorNumber/Src/GetCurrentProcessorNumber.cpp: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/winterknife/EVENSTAR/HEAD/GetCurrentProcessorNumber/Src/GetCurrentProcessorNumber.cpp -------------------------------------------------------------------------------- /LICENSE: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/winterknife/EVENSTAR/HEAD/LICENSE -------------------------------------------------------------------------------- /PagingDbgExt/Inc/BaseDataTypes.h: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/winterknife/EVENSTAR/HEAD/PagingDbgExt/Inc/BaseDataTypes.h -------------------------------------------------------------------------------- /PagingDbgExt/Inc/Common.h: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/winterknife/EVENSTAR/HEAD/PagingDbgExt/Inc/Common.h -------------------------------------------------------------------------------- /PagingDbgExt/Inc/DbgExt.h: 
-------------------------------------------------------------------------------- https://raw.githubusercontent.com/winterknife/EVENSTAR/HEAD/PagingDbgExt/Inc/DbgExt.h -------------------------------------------------------------------------------- /PagingDbgExt/Inc/GetKernelDirectoryTableBase.h: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/winterknife/EVENSTAR/HEAD/PagingDbgExt/Inc/GetKernelDirectoryTableBase.h -------------------------------------------------------------------------------- /PagingDbgExt/Inc/GetProcessDirectoryTableBase.h: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/winterknife/EVENSTAR/HEAD/PagingDbgExt/Inc/GetProcessDirectoryTableBase.h -------------------------------------------------------------------------------- /PagingDbgExt/Inc/Help.h: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/winterknife/EVENSTAR/HEAD/PagingDbgExt/Inc/Help.h -------------------------------------------------------------------------------- /PagingDbgExt/Inc/PageTableWalk.h: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/winterknife/EVENSTAR/HEAD/PagingDbgExt/Inc/PageTableWalk.h -------------------------------------------------------------------------------- /PagingDbgExt/Misc/AllocTest.exe: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/winterknife/EVENSTAR/HEAD/PagingDbgExt/Misc/AllocTest.exe -------------------------------------------------------------------------------- /PagingDbgExt/PagingDbgExt.vcxproj: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/winterknife/EVENSTAR/HEAD/PagingDbgExt/PagingDbgExt.vcxproj 
-------------------------------------------------------------------------------- /PagingDbgExt/PagingDbgExt.vcxproj.filters: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/winterknife/EVENSTAR/HEAD/PagingDbgExt/PagingDbgExt.vcxproj.filters -------------------------------------------------------------------------------- /PagingDbgExt/README.md: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/winterknife/EVENSTAR/HEAD/PagingDbgExt/README.md -------------------------------------------------------------------------------- /PagingDbgExt/Src/DbgExt.cpp: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/winterknife/EVENSTAR/HEAD/PagingDbgExt/Src/DbgExt.cpp -------------------------------------------------------------------------------- /PagingDbgExt/Src/DllMain.cpp: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/winterknife/EVENSTAR/HEAD/PagingDbgExt/Src/DllMain.cpp -------------------------------------------------------------------------------- /PagingDbgExt/Src/GetKernelDirectoryTableBase.cpp: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/winterknife/EVENSTAR/HEAD/PagingDbgExt/Src/GetKernelDirectoryTableBase.cpp -------------------------------------------------------------------------------- /PagingDbgExt/Src/GetProcessDirectoryTableBase.cpp: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/winterknife/EVENSTAR/HEAD/PagingDbgExt/Src/GetProcessDirectoryTableBase.cpp -------------------------------------------------------------------------------- /PagingDbgExt/Src/Help.cpp: -------------------------------------------------------------------------------- 
https://raw.githubusercontent.com/winterknife/EVENSTAR/HEAD/PagingDbgExt/Src/Help.cpp -------------------------------------------------------------------------------- /PagingDbgExt/Src/PageTableWalk.cpp: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/winterknife/EVENSTAR/HEAD/PagingDbgExt/Src/PageTableWalk.cpp -------------------------------------------------------------------------------- /README.md: -------------------------------------------------------------------------------- 1 | # EVENSTAR 2 | 3 | `Intel 64`/`Windows` low-level experiments -------------------------------------------------------------------------------- /ReadCRDbgExt/Inc/BaseDataTypes.h: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/winterknife/EVENSTAR/HEAD/ReadCRDbgExt/Inc/BaseDataTypes.h -------------------------------------------------------------------------------- /ReadCRDbgExt/Inc/Common.h: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/winterknife/EVENSTAR/HEAD/ReadCRDbgExt/Inc/Common.h -------------------------------------------------------------------------------- /ReadCRDbgExt/Inc/DbgExt.h: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/winterknife/EVENSTAR/HEAD/ReadCRDbgExt/Inc/DbgExt.h -------------------------------------------------------------------------------- /ReadCRDbgExt/Inc/ReadControlRegisters.h: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/winterknife/EVENSTAR/HEAD/ReadCRDbgExt/Inc/ReadControlRegisters.h -------------------------------------------------------------------------------- /ReadCRDbgExt/Misc/GES2007.TRoy.Slides.pdf: -------------------------------------------------------------------------------- 
https://raw.githubusercontent.com/winterknife/EVENSTAR/HEAD/ReadCRDbgExt/Misc/GES2007.TRoy.Slides.pdf -------------------------------------------------------------------------------- /ReadCRDbgExt/Misc/control-registers.png: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/winterknife/EVENSTAR/HEAD/ReadCRDbgExt/Misc/control-registers.png -------------------------------------------------------------------------------- /ReadCRDbgExt/Misc/intel-sdm-vol3-system-programming-guide.pdf: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/winterknife/EVENSTAR/HEAD/ReadCRDbgExt/Misc/intel-sdm-vol3-system-programming-guide.pdf -------------------------------------------------------------------------------- /ReadCRDbgExt/README.md: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/winterknife/EVENSTAR/HEAD/ReadCRDbgExt/README.md -------------------------------------------------------------------------------- /ReadCRDbgExt/ReadCRDbgExt.vcxproj: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/winterknife/EVENSTAR/HEAD/ReadCRDbgExt/ReadCRDbgExt.vcxproj -------------------------------------------------------------------------------- /ReadCRDbgExt/ReadCRDbgExt.vcxproj.filters: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/winterknife/EVENSTAR/HEAD/ReadCRDbgExt/ReadCRDbgExt.vcxproj.filters -------------------------------------------------------------------------------- /ReadCRDbgExt/Src/DbgExt.cpp: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/winterknife/EVENSTAR/HEAD/ReadCRDbgExt/Src/DbgExt.cpp -------------------------------------------------------------------------------- 
/ReadCRDbgExt/Src/DllMain.cpp: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/winterknife/EVENSTAR/HEAD/ReadCRDbgExt/Src/DllMain.cpp -------------------------------------------------------------------------------- /ReadCRDbgExt/Src/ReadControlRegisters.cpp: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/winterknife/EVENSTAR/HEAD/ReadCRDbgExt/Src/ReadControlRegisters.cpp -------------------------------------------------------------------------------- /ReadIDTDbgExt/Inc/BaseDataTypes.h: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/winterknife/EVENSTAR/HEAD/ReadIDTDbgExt/Inc/BaseDataTypes.h -------------------------------------------------------------------------------- /ReadIDTDbgExt/Inc/Common.h: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/winterknife/EVENSTAR/HEAD/ReadIDTDbgExt/Inc/Common.h -------------------------------------------------------------------------------- /ReadIDTDbgExt/Inc/DbgExt.h: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/winterknife/EVENSTAR/HEAD/ReadIDTDbgExt/Inc/DbgExt.h -------------------------------------------------------------------------------- /ReadIDTDbgExt/Inc/ReadInterruptDescriptorTable.h: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/winterknife/EVENSTAR/HEAD/ReadIDTDbgExt/Inc/ReadInterruptDescriptorTable.h -------------------------------------------------------------------------------- /ReadIDTDbgExt/README.md: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/winterknife/EVENSTAR/HEAD/ReadIDTDbgExt/README.md 
-------------------------------------------------------------------------------- /ReadIDTDbgExt/ReadIDTDbgExt.vcxproj: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/winterknife/EVENSTAR/HEAD/ReadIDTDbgExt/ReadIDTDbgExt.vcxproj -------------------------------------------------------------------------------- /ReadIDTDbgExt/ReadIDTDbgExt.vcxproj.filters: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/winterknife/EVENSTAR/HEAD/ReadIDTDbgExt/ReadIDTDbgExt.vcxproj.filters -------------------------------------------------------------------------------- /ReadIDTDbgExt/Src/DbgExt.cpp: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/winterknife/EVENSTAR/HEAD/ReadIDTDbgExt/Src/DbgExt.cpp -------------------------------------------------------------------------------- /ReadIDTDbgExt/Src/DllMain.cpp: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/winterknife/EVENSTAR/HEAD/ReadIDTDbgExt/Src/DllMain.cpp -------------------------------------------------------------------------------- /ReadIDTDbgExt/Src/ReadInterruptDescriptorTable.cpp: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/winterknife/EVENSTAR/HEAD/ReadIDTDbgExt/Src/ReadInterruptDescriptorTable.cpp --------------------------------------------------------------------------------