PoC: Rebuild A New Path Back to the Heaven's Gate (HITB 2021)

Last update: Dec 11, 2022

Overview

wowGrail

Rebuild a new to Abuse the conversion layer embedded in WOW64(Windows 32 on Windows 64), that makes malware able to launch 32-bit NTAPI interrupts, and bypass Antivirus agents in no time.

It's a proof-of-concept of the talk of HITB 2021. There are more details about reversing the whole WOW64 layer by Microsoft and abuse, see Rebuild The Heaven's Gate: from 32 bit Hell back to Heaven Wonderland.

HIGHLY RECOMMEND

Compile It in Release mode, if you're using MSVC toolchain. Due to MSVC's performance instrumentation in Debug mode, there'll be an unexpected memory layout.

CVE-2021-3156 POC and Docker and Analysis write up

CVE-2021-3156 [toc] 漏洞简介漏洞编号: CVE-2021-3156 漏洞产品: sudo 影响版本: 1.8.2-1.8.31sp12; 1.9.0-1.9.5sp1 利用后果: 本地提权源码获取: https://www.sudo.ws/getting/source/ 环境

1 Oct 22, 2022

This was the first ever Computer Science project that I made back in Class XII (2016). I thought I should upload it on GitHub so that it does not get lost. :)

First Ever Project This was the first ever Computer Science project that I made back in Class XII (2016). I thought I should upload it on github so th

3 Jun 7, 2021

Fully Featured Time Circuits Display from Back to the Future

Time Circuits Display This Time Circuits Display has been meticulously reproduced to be as accurate as possible to the one seen in the Delorean Time M

64 Dec 29, 2022

Had a tough time playing Microsoft Wordament ? Well WORDament_Solver has your back. It suggests you meaningful words you can use while playing the game and help you top the leaderboard.

WORDament_Solver Had a tough time playing Microsoft Wordament ? Well WORDament_Solver has your back. It suggests you meaningful words you can use whil

3 Aug 19, 2021

This project aims to bring back a productive working environment on Windows 11

10.4k Dec 30, 2022

VEX v5 Pro program that records driver movements and plays them back during the autonomous period.

Autonomous Recorder This code was written for team 5588R, but it can be easily modified to work with your team's robot. Notes Code isn't fully finishe

2 Jun 21, 2022

CredBandit - Proof of concept Beacon Object File (BOF) that uses static x64 syscalls to perform a complete in memory dump of a process and send that back through your already existing Beacon communication channel

CredBandit CredBandit is a proof of concept Beacon Object File (BOF) that uses static x64 syscalls to perform a complete in memory dump of a process a

188 Dec 25, 2022

pluggable tool to convert an unrolled TritonAST to LLVM-IR, optimize it and get back to TritonAST

it is fork from https://github.com/fvrmatteo/TritonASTLLVMIRTranslator *WARNINGS: tested only linux(ubuntu 20.04) and only llvm and clang version 10*

5 Jun 10, 2022

Masters degree research project source code. Might come back to it later.

Camflow Network Provenance Authors Tray Keller and Austin Waddell CamFlow and the Linux Provenance Module (LPM) framework are both an excellent step i

2 Mar 14, 2022

Owner

Sheng-Hao Ma

30cm.tw/me

GitHub

My version of psxfunkin with new changes like new story mode, new options,etc

PSXFunkin Friday Night Funkin' on the PSX LOL Compilation Refer to COMPILE.md here Characters Igor Ver added new characters Like XmasGF,Monster and mu

4 Jun 8, 2022

Rebuild YatSenOS On RISC-V 64.

YatSenOS RISC-V 64 Rebuild YatSenOS On RISC-V 64. It is not be guaranteed that there are no bugs in the project :( This REAME is too concise to unders

17 Aug 2, 2022

MicroPather is a path finder and A* solver (astar or a-star) written in platform independent C++ that can be easily integrated into existing code. MicroPather focuses on being a path finding engine for video games but is a generic A* solver.

MicroPather MicroPather is a path finder and A* solver (astar or a-star) written in platform independent C++ that can be easily integrated into existi

299 Dec 10, 2022

PoC: Rebuild A New Path Back to the Heaven's Gate (HITB 2021)

Related tags

Overview

wowGrail

You might also like...

CVE-2021-3156 POC and Docker and Analysis write up

This was the first ever Computer Science project that I made back in Class XII (2016). I thought I should upload it on GitHub so that it does not get lost. :)

Fully Featured Time Circuits Display from Back to the Future

Had a tough time playing Microsoft Wordament ? Well WORDament_Solver has your back. It suggests you meaningful words you can use while playing the game and help you top the leaderboard.

This project aims to bring back a productive working environment on Windows 11

VEX v5 Pro program that records driver movements and plays them back during the autonomous period.

CredBandit - Proof of concept Beacon Object File (BOF) that uses static x64 syscalls to perform a complete in memory dump of a process and send that back through your already existing Beacon communication channel

pluggable tool to convert an unrolled TritonAST to LLVM-IR, optimize it and get back to TritonAST

Masters degree research project source code. Might come back to it later.

Owner

Sheng-Hao Ma

My version of psxfunkin with new changes like new story mode, new options,etc

Rebuild YatSenOS On RISC-V 64.

MicroPather is a path finder and A* solver (astar or a-star) written in platform independent C++ that can be easily integrated into existing code. MicroPather focuses on being a path finding engine for video games but is a generic A* solver.

PoC for CVE-2021-28476 a guest-to-host "Hyper-V Remote Code Execution Vulnerability" in vmswitch.sys.

PoC (DoS) for CVE-2021-40449 - Win32k Elevation of Privilege Vulnerability (LPE)

Plex media server local privilige escalation poc - CVE-2021-42835

CVE-2021-4034 POC and Docker and Analysis write up

PoC for PwnKit: Local Privilege Escalation Vulnerability in polkit’s pkexec (CVE-2021-4034)

Proof of Concept (PoC) CVE-2021-4034

PoC for cve-2021-4034