kdmapper icon indicating copy to clipboard operation
kdmapper copied to clipboard
verified publisher icon eddeeh

Not working on Windows 10 Pro x64 Build 1903

Open hy3nA opened this issue 6 years ago • 11 comments

[<] Loading vulnerable driver [-] Failed to get export gdi32full.NtGdiDdDDIReclaimAllocations2 [-] Failed to allocate remote image in kernel [-] Failed to map Driver.sys [<] Unloading vulnerable driver

hy3nA avatar May 23 '19 15:05 hy3nA

Maybe you have a ac running in the background (faceit auto run itself on windows start)

Jerem584 avatar Sep 03 '19 22:09 Jerem584

Like the CONSOLE OUTPUT fucking says, it can't find the "NtGdiDdDDIReclaimAllocations2" function. Use another one, it's an easy fix.

BerkanYildiz avatar Sep 05 '19 23:09 BerkanYildiz

cringe alert

ghost avatar Apr 18 '20 13:04 ghost

NtGdiDdDDIReclaimAllocations2 is in win32u.dll, the function wrapper in gdi32full.dll has been removed. Also, lower down NtGdiDdDDIReclaimAllocations2 is in dxgkrnl.sys.

So you should replace

const auto NtGdiDdDDIReclaimAllocations2 = reinterpret_cast<void*>(GetProcAddress(LoadLibrary("gdi32full.dll"), "NtGdiDdDDIReclaimAllocations2"));

with

const auto NtGdiDdDDIReclaimAllocations2 = reinterpret_cast<void*>(GetProcAddress(LoadLibrary("win32u.dll"), "NtGdiDdDDIReclaimAllocations2"));

and

const uint64_t kernel_NtGdiDdDDIReclaimAllocations2 = GetKernelModuleExport(device_handle, utils::GetKernelModuleAddress("win32kbase.sys"), "NtGdiDdDDIReclaimAllocations2");

with

const uint64_t kernel_NtGdiDdDDIReclaimAllocations2 = GetKernelModuleExport(device_handle, utils::GetKernelModuleAddress("dxgkrnl.sys"), "NtGdiDdDDIReclaimAllocations2");

Not sure if that'll be enough to make this work again though.

chickentuna avatar Jul 26 '20 20:07 chickentuna

I did a test. win10 1904, But bsod occurs.

sysenter0 avatar Jul 28 '20 15:07 sysenter0

Maybe bother understanding the code properly first, jesus fucking christ.

BerkanYildiz avatar Jul 28 '20 15:07 BerkanYildiz

I tried and also got a BSOD. Sorry, there's more going on than what I expected. BerkanYildiz has all the answers of course but has decided to help by motivating us through abuse, rather than the more traditional hints and/or explanations.

chickentuna avatar Jul 29 '20 09:07 chickentuna

You're most likely mapping a driver with invalid project settings and/or non-manualmap designed.

BerkanYildiz avatar Jul 29 '20 14:07 BerkanYildiz

Ok, I'm pretty sure this is what you need KoreaHck: https://github.com/sunriseiscool/kdmapper/commit/f7c4d3bf40046be873792ee85fab8710ff7ef52e

Really, you can just clone that fork and try building again => https://github.com/sunriseiscool/kdmapper

chickentuna avatar Jul 29 '20 20:07 chickentuna

I have already changed win32u, dxg and test yesterday but intel driver was occurs bsod. Today your project will test and notify result. thx

sysenter0 avatar Jul 30 '20 00:07 sysenter0

Does it still has any options with this issue? github profile @chickentuna wrote doesn't work.

Imba6 avatar Nov 09 '21 23:11 Imba6