evil-mhyprot-cli
Mhyprot2DrvControl
| | evil-mhyprot-cli | Mhyprot2DrvControl |
|---|---|---|
| Mentions | 3 | 2 |
| Stars | 299 | 333 |
| Growth | - | - |
| Activity | 2.6 | 4.3 |
| Last commit | almost 3 years ago | over 3 years ago |
| Language | C++ | C# |
| License | MIT License | MIT License |
Stars - the number of stars that a project has on GitHub. Growth - month over month growth in stars.
Activity is a relative number indicating how actively a project is being developed. Recent commits have higher weight than older ones.
For example, an activity of 9.0 indicates that a project is amongst the top 10% of the most actively developed projects that we are tracking.
evil-mhyprot-cli
- Daily Questions Megathread (August 30, 2022)
  It's real. It's possible to hijack genshin's anticheat driver, mhyprot3.sys to gain kernel-level access, and since it's a verified legit driver it gets past antivirus. Here's a proof of concept made over a year ago https://github.com/kkent030315/evil-mhyprot-cli
- Hoyoverse claims that requiring admin permission is perfectly normal, refuses to explain what Genshin needs it for
- Tim Sweeney has a point about Fortnite EAC support
  Depends on what you call damage, I guess. Sometimes anti-cheat software is vulnerable and other times these companies are just not trustworthy enough to believe they won't pull a Sony BMG.
Mhyprot2DrvControl
- Ransomware abuses Genshin Impact's kernel mode anti-cheat to bypass antivirus protection
  Code seems to have already been developed to use it 2 years ago: https://github.com/kagurazakasanae/Mhyprot2DrvControl
- Microsoft admits to signing rootkit malware in supply-chain fiasco
  Here's a PoC for it on GitHub, you can read the code, it's pretty much just an IOCTL for each operation. Check Driver/MhyProt2.cs.
  https://github.com/kagurazakasanae/Mhyprot2DrvControl
What are some alternatives?
ViGEmBus - Windows kernel-mode driver emulating well-known USB game controllers.
BetterJoy - Allows the Nintendo Switch Pro Controller, Joycons and SNES controller to be used with CEMU, Citra, Dolphin, Yuzu and as generic XInput
GarHal_CSGO - A project that demonstrates how to screw with CSGO from Kernel Space. (CSGO Kernel Cheat/Hack) All cleaned up, and with updated offsets.
winfsp - Windows File System Proxy - FUSE for Windows
BsodSurvivor - This project aims to facilitate debugging a kernel driver in windows by adding support for a code change on the fly without reboot/unload, and more!
LenovoController - 🎮 A lightweight alternative to Lenovo Vantage
herpaderping - Process Herpaderping proof of concept, tool, and technical deep dive. Process Herpaderping bypasses security products by obscuring the intentions of a process.
HackSysExtremeVulnerableDriver - HackSys Extreme Vulnerable Driver (HEVD) - Windows & Linux
ds3-nrssr-rce - Documentation and proof of concept code for CVE-2022-24125 and CVE-2022-24126.
DOOM - DOOM Open Source Release
MhyprotDriver - [UnavailableForLegalReasons - Repository access blocked]
VectorKernel - PoCs for Kernelmode rootkit techniques research.