Home

Awesome

nullmap

A very simple driver manual mapper based on my older voidmap and CVE-2023-21768 POC by chompie and b33f. Because the underlying IoRing post-exploitation memory r/w primitive is not handling many consequent reads and writes very well, I've decided to overwrite CR4 to disable SMEP/SMAP to execute the driver mapped in usermode. Tested on Windows 11 22H2 (22621.525).

Usage:

nullmap.exe <path_to_driver>

Possible problems:

Video:

video