Need help with access?
Click the “chat” button below for chat support from the developer who created it, or find similar developers for support.

About the developer

btbd
413 Stars 137 Forks 6 Commits 6 Opened issues

Description

Access without a real handle

Services available

!
?

Need anything else?

Contributors list

# 101,613
C
Shell
specifi...
Serverl...
6 commits

access - noseh

A simple syscall wrapper that requires no handles to perform operations with

PROCESS_ALL_ACCESS
privilege.

This branch is the modified version that uses no SEH, but still does safe operations (results in slower execution). This branch also utilizes a different syscall hook for communication via a

.data
section modification in the kernel.

Usage

  1. Load the driver.
  2. Load the DLL (wrapper) into a program that needs to open a handle to a protected process.
  3. The program can now perform privileged operations without creating a real handle.

Demo

Demo with Fortnite and Cheat Engine

Note

  • The wrapper is designed to be loaded in a x64 process and only implements the syscalls that pertain to my workflow.
  • Only tested on Windows 10 1903, 1809, and 1803.

We use cookies. If you continue to browse the site, you agree to the use of cookies. For more information on our use of cookies please see our Privacy Policy.