h33p/vmread

This repository has been archived on 29/Sep/2020
Stars
262
Rank 155,521 (Top 4 %)
Language
C
License
MIT License
Created about 6 years ago
Updated about 4 years ago

h33p/vmread

h33p

There are no reviews yet. Be the first to send feedback to the community and the maintainers!

A library to read/write memory to Windows on KVM

A library to read/write memory to Windows running inside of KVM

End-of-life

This library is not supported anymore. Please use memflow for more up-to-date and versatile VM introspection tools.

wintools.h and mem.h provide most of the functions callable to interract with the Windows VM, while hlapi abstracts everything in a bit simpler to use manner (requires C++).

Rust bindings are available in a separate repository.

Compiling

Minimum language standard: C99 The current example project is in C++, requiring at least C++11 with template support, but the C version also exists, which works fine on a C99 compiler.

Use meson and ninja to compile the example programs

Use make to compile the kernel module

Performance

Internal (QEMU inject) mode is roughly 5 times faster than external mode. However, it is possible to use the kernel module to map the memory space of QEMU into the external process, mitigating the performance penalty. Also, when performing larger reads, the memcpy quickly reaches its peak speed and external mode begins to catch up. Performance numbers are shown below.

Frequent issues

Make sure to use the Q35 chipset on the KVM guest, unless it is running Windows XP. Otherwise, the library may not work correctly. Kmod mapping is not guaranteed to work properly or for extended periods of time if the VM is not set up to use hugepages.

Licensing note

While most of the codebase is under the MIT license, the kernel module (kmem.c file) is licensed under GNU GPLv2.

cglue

Rust ABI safe code generator

UNet-Controller

A CharacterController based controller for Unity's new Networking system

ofps

Optical Flow Processing Stack

Unity-Graphics-Demo

This is a project demonstrating the capabilities of the Unity 3D engine. Everything is taken from all over the place. Links to the original owners are provided.

m0dular-csgo

A performance optimized CSGO HvH hack

vaclog

kvm_explorer

m0dular

kvm-rdtsc-hack

Kernel module to evade KVM's detection through RDTSC timer

kallsyms-mod

Access to kallsyms_lookup_name through the use of kernel livepatch interface

Nuklear-Node-Editor

Node editor for Nuklear immediate mode GUI toolkit

ctti

Rust compile-time type information experiment

kernel-hook

Linux kernel hooking library

vmread-rs

Rust bindings for vmread

side-channels

docker-rosetta2

Run amd64 containers under Rosetta 2 on Apple Silicon machines

memflow-applied

Memflow 0.1.0 tutorials

m0dular-source-sdk

Source SDK for m0dular framework

Instanced-Foliage

csgo-linux-preload

A simple library preloader at the right time for CSGO Linux

dragonskulle

Online 3D Strategy Game Made With Vulkan+Java

rayon-tlsctx

Thread local variables for Rayon thread pools

asciirend

Generic no_std compatible ascii renderer

unitree-docker

Unofficial docker container for unitree robotics ROS setup

systemc

SystemD for ComputerCraft

vimrc

My rather light vim config

linux-mmap

Inventory-System

talks

Various DMA talks for Uni, and maybe more?

mkimg

Simple tool to create raw disk images

django-blog

Personal blog website written in Python+Django

resolve-amdocl-fix

Fixes an issue with an OpenCL extension misbehaving in AMDs implementation.

pwned2-simulation

Solution for pwnEd 2 CTF "simulation" challenge

configs

m0dular-menu

Centre-Switch

dominecraft

vector-trees

Vector backed AVL and B-Trees in Rust

uob-java

Java assignments for 2019 freshers of University of Birmingham.

tarc

Transposable, type-erasable, and FFI-safe Arc

dysonsphere

Allows to choose which star to get from the stardust treasury

libmv

Fork of Libmv from https://developer.blender.org/tag/libmv/ with minimal patches