Changelog:
- add dumping some internals of ci.dll (like g_CiOptions & g_CiKernelApis). Thanks to Alex Ionescu for this idea
- add dumping of BootEnvironmentInformation (5th dword from ExpBootEnvironmentInformation used in many interesting functions like SepIsMinTCB, he-he)
- add dumping of EPROCESS.SignatureLevel & EPROCESS.SectionSignatureLevel (w8 only)
- some bugs were fixed
Комментариев нет:
Отправить комментарий