PoC for the SWAPGS attack (CVE-2019-1125)
This repository holds the sources for the SWAPGS attack PoC publicly shown at Black Hat USA, 2019.
Contents
- leakgsbkva - variant 1 (look for random values in kernel memory; limited to PE kernel image header)
- leakgsbkvat - variant 2 (extract random values from kernel memory; limited to PE kernel image header)
- whitepaper
- Black Hat USA 2019 presentation

Prerequisites
- Visual Studio 2015
- Unpatched Windows x64 (7 or newer)

Authors
- Andrei Vlad LUȚAȘ
- Dan Horea LUȚAȘ