weewoo22/memflow-shellcode

Shellcode execution for memflow

Zig

TODO

Forcefully load unsigned drivers
Hide kernel debugging state
Load DLL into usermode process (LoadLibrary & manual mapping loader)
Spawn usermode process
Dump disk encryption private key (LUKS & BitLocker)
Bypass windows login screen
Fault trigger (command to raise a page fault for the bounds of any usermode process)

Credits

DMA Attack the Kernel talk by Ulf Frisk