README.md

Diskjacker

A proof of concept project which hijacks Hyper-Vs VM Exit handler at runtime using DDMA.

Video

hypervpreview.mp4

How it works

Read at readcc.net, archived at archive.org.

Requirements

1. AMD CPU with Virtualization Capabilities (Intel support in theory possible)
2. Windows 11 24H2 (requires offset update in GetVmcb function in hyperv.hpp otherwise)
3. IOMMU Disabled
4. Hyper-V Enabled

Usage

1. Compile the project using Visual Studio 2022 and WDK.
2. Use a tool like HXD or bintoc to copy the bytes of payload.sys to payloadData inside of payloadBytes.h
3. Run loader passing kernel driver as parameter
4. Run usermode
5. Profit!

Resources

• https://github.com/backengineering/Voyager
• https://github.com/SamuelTulach/SecureHack
• https://github.com/btbd/ddma
• https://github.com/cutecatsandvirtualmachines/DDMA