Example Usage
// 82 KB version (patched) — deliberately clears the pointer:
v3 = MmGetSystemRoutineAddress(L"MmCopyMemory");
if (v3 >= 0) {
*(a1 + 24) = 0; // ← NULLs it — SubCmd 12 is dead
}
// 333 KB version (vulnerable) — stores the pointer:
ptr = MmGetSystemRoutineAddress(L"MmCopyMemory");
if (ptr) {
*(this + 0x18) = ptr; // ← Keeps it — SubCmd 12 works
}
See also
Netexec (nxc)
Open Source
Kali
The maintained fork and successor to CrackMapExec. Network service exploitation Swiss army knife for…
Unicorn
Open Source
Simple tool for using a PowerShell downgrade attack and inject shellcode straight into memory. Works…
BeEF
Open Source
Kali
Browser Exploitation Framework. Hooks web browsers via JavaScript and provides extensive command mod…
BlackFriday-GPTs-Prompts
Open Source
List of free GPTs that doesn't require plus subscription…
Evil-WinRM
Open Source
Kali
Full-featured WinRM shell for hacking and penetration testing. Supports pass-the-hash, file upload/d…
WADComs.github.io
Open Source
WADComs is an interactive cheat sheet, containing a curated list of offensive security tools and the…