ByePG on Win10x64 19041 #21
Description
I'm currently running ByePG (ExHook) on a VMWare machine with Win10 and WinDBG attached through serial port.
First issue was on finding ntoskrnl base address in Internals::Resolve() but fixed adding a check on valid address in the "if" statement when checking the e_magic fields.
Now I get stuck on ExceptionHandler::Initialize when executing the KeIpiGenericCall. WinDBG froze and I didn't know how to proceed to resolve this.
Edit: It looks like this cope with WinDBG. In fact, running without debugger attached I can see the logs message that let me understand It exits from ByePgInitialise. But at the If statement in ExHook main, it returns. So probably ByePgInitialize returns the wrong value, in fact it return STATUS_DEVICE_NOT_CONNECTED.
Any suggestions?