flarn2006 Advanced Cheater Reputation: 1
Joined: 27 Nov 2012 Posts: 73
Posted: Fri Apr 29, 2016 6:57 am Post subject: Technical documentation for DBVM?
I saw on this page that DBVM basically adds additional instructions that enable access to kernel mode. Is there any technical documentation on what these instructions are so I can experiment with it? Or is the only option to look at the source code and figure it out myself?
Dark Byte Site Admin Reputation: 457
Joined: 09 May 2003 Posts: 25262 Location: The netherlands
flarn2006 Advanced Cheater Reputation: 1
Joined: 27 Nov 2012 Posts: 73
Posted: Wed May 04, 2016 7:56 pm Post subject:
Dark Byte wrote: | https://github.com/cheat-engine/cheat-engine/blob/master/dbvm/vmm/docs/vmcall.txt
Besides that, best look at the source. New stuff has been added and some changes were made (sysenter change is obsolete) |
Exactly what I was looking for. Thanks!
I assume Cheat Engine sets a random password when you start DBVM and stores it somewhere secure, to prevent malware from taking advantage of DBVM being loaded while still enabling CE to make use of it. Am I correct in this assumption? If so, how do I get this password? If not, what's the default?
Dark Byte Site Admin Reputation: 457
Joined: 09 May 2003 Posts: 25262 Location: The netherlands
Posted: Thu May 05, 2016 1:50 am Post subject:
Users can change the password themselves if they provide a driver64.dat file, but otherwise it will be the default.
p1 default = 0x76543210
p2 default = 0xfedcba98
_________________
Do not ask me about online cheats. I don't know any and won't help finding them.
Like my help? Join me on Patreon so I can keep helping
flarn2006 Advanced Cheater Reputation: 1
Joined: 27 Nov 2012 Posts: 73
Posted: Fri May 06, 2016 6:32 pm Post subject:
Wouldn't it be better to have it just choose a password randomly, and store it somewhere only a process with admin rights (like Cheat Engine) can access? Otherwise doesn't every user-mode process (including malware) get full kernel access if it was programmed to take advantage of DBVM? I mean the risk isn't too serious considering it already requires code execution on the PC, but if someone's using DBVM on a multi-user system, there's a huge privilege escalation exploit for non-admin users. Plus if something like Native Client can call DBVM, that's a huge risk even on a single-user system.
Dark Byte Site Admin Reputation: 457
Joined: 09 May 2003 Posts: 25262 Location: The netherlands
Posted: Sat May 07, 2016 12:57 pm Post subject:
To load dbvm you need admin rights. (The driver needs to be loaded)
If you're not sure about the other users, then unload dbvm before logging out of your admin account. (Putting your comp to sleep will unload it)