Skip to content

Latest commit

 

History

History
executable file
·
49 lines (40 loc) · 1.08 KB

README.md

File metadata and controls

executable file
·
49 lines (40 loc) · 1.08 KB

VmxHijack

Header-only VMWare Backdoor API Implementation & Effortless VMX Patcher for Custom Guest-to-Host RPCs


Sample

// --- RPC Server Code (VmxHijack/vmx.hpp)
//
bool vmx_log_handler(
	uint64_t vcpuid, void* vcpuctx,
	const char* data, uint32_t length,
	const void** out, uint32_t* out_length )
{
    // Insert the message prefix.
    //
	std::string msg = "[vmx] vcpu-" + std::to_string( vcpuid ) + ": ";
	msg.insert( msg.end(), data, data + length );

	// Print onto the host console and DebugView.
	//
	OutputDebugStringA( msg.c_str() );
	logger::print<CON_BRG>( "%s\n", msg.c_str() );

	// Write dummy output.
	//
	*out = "OK";
	*out_length = 2;
	return true;
}



// --- RPC Client Code (Any guest application/driver/hypervisor)
//
extern "C" int32_t DriverEntry()
{
	auto [success, reply] = vmx::send( "Hello from guest Ring0 to Host!" );
	DbgPrint( "=> %s\n", reply.c_str() );
	return -1;
}