This repository has been archived by the owner on Sep 1, 2024. It is now read-only.
-
Notifications
You must be signed in to change notification settings - Fork 31
Commit
This commit does not belong to any branch on this repository, and may belong to a fork outside of the repository.
- Loading branch information
Showing
1 changed file
with
0 additions
and
92 deletions.
There are no files selected for viewing
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| Original file line number | Diff line number | Diff line change |
|---|---|---|
| @@ -1,92 +0,0 @@ | ||
| vcpu-0 INFO: The Matrix is an illusion | ||
| vcpu-0 DEBUG: Zapping relocations | ||
| vcpu-0 DEBUG: Image base: 0xdfb8000..0xe00d000 | ||
| vcpu-0 DEBUG: Starting hypervisor on all processors | ||
| vcpu-0 WARN: Hyper-V feature is enabled | ||
| vcpu-0 DEBUG: Is virtualized: false | ||
| vcpu-0 DEBUG: Virtualizing the system | ||
| vcpu-0 DEBUG: Allocating stack space for host | ||
| vcpu-0 DEBUG: Stack range: 0xafb7000..0xdfb6ff0 | ||
| vcpu-0 DEBUG: Starting hypervisor | ||
| vcpu-0 INFO: CPU is Intel | ||
| vcpu-0 INFO: Virtual Machine Extension (VMX) technology is supported | ||
| vcpu-0 INFO: Memory Type Range Registers (MTRRs) are supported | ||
| vcpu-0 INFO: Extended Page Tables (EPT) are supported | ||
| vcpu-0 DEBUG: CPU is supported | ||
| vcpu-0 DEBUG: VMX enabled | ||
| vcpu-0 DEBUG: Building identity map for page tables | ||
| vcpu-0 DEBUG: Identity map built successfully | ||
| vcpu-0 DEBUG: Creating a new GDT with TSS for host | ||
| vcpu-0 DEBUG: New GDT with TSS created for host successfully! | ||
| vcpu-0 DEBUG: Creating a new GDT with TSS for guest | ||
| vcpu-0 DEBUG: New GDT with TSS created for guest successfully! | ||
| vcpu-0 DEBUG: Setting up Guest Registers State | ||
| vcpu-0 DEBUG: Guest Registers State setup successfully! | ||
| vcpu-0 DEBUG: Setting up Host Registers State | ||
| vcpu-0 DEBUG: Host Registers State setup successfully! | ||
| vcpu-0 DEBUG: Setting up VMCS Control Fields | ||
| vcpu-0 DEBUG: VMCS Control Fields setup successfully! | ||
| vcpu-0 DEBUG: VMCS activated | ||
| vcpu-0 INFO: Launching the VM until a vmexit occurs... | ||
| vcpu-0 DEBUG: Is virtualized: true | ||
| vcpu-0 DEBUG: Handling XSETBV VM VM exit... | ||
| vcpu-0 DEBUG: XSETBV VM exit handled successfully! | ||
| vcpu-0 DEBUG: Handling XSETBV VM VM exit... | ||
| vcpu-0 DEBUG: XSETBV VM exit handled successfully! | ||
| vcpu-0 DEBUG: Handling XSETBV VM VM exit... | ||
| vcpu-0 DEBUG: XSETBV VM exit handled successfully! | ||
| vcpu-0 DEBUG: Handling XSETBV VM VM exit... | ||
| vcpu-0 DEBUG: XSETBV VM exit handled successfully! | ||
| vcpu-0 DEBUG: Handling MSR VM exit... | ||
| vcpu-0 DEBUG: MSR VMEXIT handled successfully. | ||
| vcpu-0 DEBUG: Handling XSETBV VM VM exit... | ||
| vcpu-0 DEBUG: XSETBV VM exit handled successfully! | ||
| vcpu-0 DEBUG: Handling commands | ||
| vcpu-0 DEBUG: Client data pointer: 0x35e407080 | ||
| vcpu-0 DEBUG: Client data: ClientData { command: EnableSyscallEptHook, function_hash: None, syscall_number: Some(54) } | ||
| vcpu-0 DEBUG: Setting up EPT hook for syscall: 54 | ||
| vcpu-0 DEBUG: Kernel base address: 0x3800000 | ||
| vcpu-0 DEBUG: Kernel size: 17063936 | ||
| vcpu-0 DEBUG: Creating EPT hook for function at VA: 0xfffff806133f79f0 | ||
| vcpu-0 DEBUG: Guest function PA: 0x3df79f0 | ||
| vcpu-0 DEBUG: Guest page PA: 0x3df7000 | ||
| vcpu-0 DEBUG: Guest large page PA: 0x3c00000 | ||
| vcpu-0 DEBUG: Splitting 2MB page to 4KB pages for Primary EPT: 0x3c00000 | ||
| vcpu-0 DEBUG: Copying guest page to shadow page: 0x3df7000 | ||
| vcpu-0 DEBUG: Shadow Function PA: 0xaaac9f0 | ||
| vcpu-0 DEBUG: Installing inline hook at shadow function PA: 0xaaac9f0 | ||
| vcpu-0 DEBUG: Changing Primary EPT permissions for page to Read-Write (RW) only: 0x3df7000 | ||
| vcpu-0 DEBUG: EPT hook created and enabled successfully | ||
| vcpu-0 DEBUG: Handling VMCALL VM exit... | ||
| vcpu-0 INFO: NtQuerySystemInformation called with parameters: SystemInformationClass: SystemBasicInformation, SystemInformation: 0x000000cf7587e4b0, SystemInformationLength: 64, ReturnLength: 0x0000000000000000 | ||
| vcpu-0 DEBUG: Handling VMCALL VM exit... | ||
| vcpu-0 INFO: NtQuerySystemInformation called with parameters: SystemInformationClass: SystemProcessorInformation, SystemInformation: 0x000000cf7587e4a0, SystemInformationLength: 12, ReturnLength: 0x0000000000000000 | ||
| vcpu-0 ERROR: [-] Panic in hypervisor\src\vmm.rs at (127, 90): | ||
| vcpu-0 ERROR: [-] Failed to handle Monitor Trap Flag: ShadowPageNotFound | ||
|
|
||
|
|
||
| ``` | ||
| kd> u ntdll!NtQuerySystemInformation | ||
| ntdll!NtQuerySystemInformation: | ||
| 00007ffd`517ad760 4c8bd1 mov r10,rcx | ||
| 00007ffd`517ad763 b836000000 mov eax,36h | ||
| 00007ffd`517ad768 f604250803fe7f01 test byte ptr [SharedUserData+0x308 (00000000`7ffe0308)],1 | ||
| 00007ffd`517ad770 7503 jne ntdll!NtQuerySystemInformation+0x15 (00007ffd`517ad775) | ||
| 00007ffd`517ad772 0f05 syscall | ||
| 00007ffd`517ad774 c3 ret | ||
| 00007ffd`517ad775 cd2e int 2Eh | ||
| 00007ffd`517ad777 c3 ret | ||
|
|
||
|
|
||
|
|
||
| kd> u nt!NtQuerySystemInformation | ||
| nt!NtQuerySystemInformation: | ||
| fffff806`133f79f0 4053 push rbx | ||
| fffff806`133f79f2 4883ec30 sub rsp,30h | ||
| fffff806`133f79f6 4533d2 xor r10d,r10d | ||
| fffff806`133f79f9 458bd8 mov r11d,r8d | ||
| fffff806`133f79fc 664489542440 mov word ptr [rsp+40h],r10w | ||
| fffff806`133f7a02 488bda mov rbx,rdx | ||
| fffff806`133f7a05 83f94a cmp ecx,4Ah | ||
| fffff806`133f7a08 7c24 jl nt!NtQuerySystemInformation+0x3e (fffff806`133f7a2e) | ||
| ``` | ||