ionescu007/hdk ionescu007/hdk

  • Stars
    star
    209
  • Rank 188,325 (Top 4 %)
  • Language
    C
  • License
    Other
  • Created almost 6 years ago
  • Updated about 3 years ago
Twitter logo Share LinkedIn logo Share Facebook logo Share
ionescu007/hdk
github

ionescu007

Reviews

There are no reviews yet. Be the first to send feedback to the community and the maintainers!

Repository Details

(unofficial) Hyper-V® Development Kit

hdk -- (unofficial) Hyper-V® Development Kit

The HDK is an updated version of the HvGdk.h header file published under MSR-LA as part of the Singularity Research Kernel. It has been updated to add the latest definitions, structures and definitions as described in the Microsoft Hypervisor Top-Level Functional Specification (TLFS) 5.0c published June 2018.

Windows® and Hyper-V® are registered trademarks of Microsoft® Corporation. This repository and its contents are not sponsored or endorsed by the companies mentioned herein.

Motivation

Developing against Hyper-V® is difficult enough without symbols, and we are lucky that the HvGdk.H "leaked" at least once, and that the TLFS 5.0c exists. Unfortunately, the HvGdk.h is quite old, and the TLFS is always delayed by about a year, and does not contain readily usable definitions for programming.

Approach

The original HvGdk.h is modified with the following information:

  • Publicly available definitions/structures defined in the HvGdk.h that shipped with the Windows Driver Kit for Windows 7
  • Publicly available definitions/structures defined in the TLFS -- up to 5.0c for now
    • This also includes inferred data from the TLFS -- for example, hypercalls are documented with their raw parameter/register mapping, but HvGdk.h contains data structures for each call -- these data structures are updated based on the parameter documentation in the TLFS.
  • Publicly available symbol data, when present, from the kernel and certain user-mode binaries

Contributions

This is an ongoing header, and I may have missed many things/made transcription mistakes. Contributions and pull requests are welcome as long as you stay within the confines of the MSR-LA.

Please do not add any proprietary or intellectual property information, as this would pollute the repository. All PRs will be examined for 'sourcing' information and verified to be publicly available.

License / Legal

Based upon my reading of the MSR-LA, it is perfectly legal to redistribute the original header file with modifications, as long as the copyright is kept (it is), modifications are clear, annotated, and date (they are), and you agree to the original license (academic/research use only). I am not a lawyer, so please consult with one if you intend to use this in any way -- but this repository and my changes appear to be covered by MSR-LA.

Please review LICENSE.MD for the full license.

More Repositories

1

SimpleVisor

SimpleVisor is a simple, portable, Intel VT-x hypervisor with two specific goals: using the least amount of assembly code (10 lines), and having the smallest amount of VMX-related code to support dynamic hyperjacking and unhyperjacking (that is, virtualizing the host state from within the host). It works on Windows and UEFI.
C
1,607
star
2

lxss

Fun with the Windows Subsystem for Linux (WSL/LXSS)
C++
831
star
3

SpecuCheck

SpecuCheck is a Windows utility for checking the state of the software mitigations and hardware against CVE-2017-5754 (Meltdown), CVE-2017-5715 (Spectre v2), CVE-2018-3260 (Foreshadow), and CVE-2018-3639 (Spectre v4)
C
559
star
4

VisualUefi

A project for allowing EDK-II Development with Visual Studio
C
444
star
5

winipt

The Windows Library for Intel Process Trace (WinIPT) is a project that leverages the new Intel Processor Trace functionality exposed by Windows 10 Redstone 5 (1809), through a set of libraries and a command-line tool.
C
341
star
6

minlzma

The Minimal LZMA (minlzma) project aims to provide a minimalistic, cross-platform, highly commented, standards-compliant C library (minlzlib) for decompressing LZMA2-encapsulated compressed data in LZMA format within an XZ container, as can be generated with Python 3.6, 7-zip, and xzutils
C
332
star
7

faxhell

A Bind Shell Using the Fax Service and a DLL Hijack
C
317
star
8

Simpleator

Simpleator ("Simple-ator") is an innovative Windows-centric x64 user-mode application emulator that leverages several new features that were added in Windows 10 Spring Update (1803), also called "Redstone 4", with additional improvements that were made in Windows 10 October Update (1809), aka "Redstone 5".
C++
313
star
9

HookingNirvana

Recon 2015 Presentation from Alex Ionescu
C
205
star
10

PrintDemon

PrintDemon is a PoC for a series of issues in the Windows Print Spooler service, as well as potetial misuses of the functionality.
C
196
star
11

clfs-docs

Unofficial Common Log File System (CLFS) Documentation
143
star
12

tpmtool

The TpmTool utility is a simple cross-platform tool for accessing TPM2.0 Non-Volatile (NV) Spaces (Index Values) on compliant systems, with zero dependencies on any TPM2.0 stack. It provides the ability to enumerate, create, delete, query, and lock NV indices, as well as to read and write data stored in them.
C++
133
star
13

wnfun

WNF Utilities 4 Newbies (WNFUN)
Python
87
star
14

hazmat5

Local OXID Resolver (LCLOR) : Research and Tooling
C++
31
star
15

Blackwood-4NT

Blackwood 4NT -- Grand Slam Authentication for Windows NT (10)
26
star
16

smctool

SMC Utility for Apple Macintosh Computers
13
star