Skip to content

badewen/Growtopia-Dumps

Repository files navigation

Growtopia-Dumps

Growtopia can be dumped with kernel mode dumper.
you might find azure secret keys inside these string dumps

How to dump

There are 2 methods for dumping

First method (easiest)

Second method (last resort)

  • use EfiGuard to disable the DSE (further details is in the EfiGuard repos)
  • copy KsDumperDriver.sys from KsDumper to C:\Windows\System32\drivers
  • run the command sc create KsDumper binPath= %systemroot%\system32\drivers\KsDumperDriver.sys type= kernel to install the driver (or service)
  • run this command to start the driver (service? dumper?) sc start KsDumper
  • profit

Limitations

  • cant be run (well, you are going to use this for static code analysis dont you?)

Credits

https://github.com/Mattiwatti/EfiGuard
https://github.com/EquiFox/KsDumper
https://github.com/mastercodeon314/KsDumper-11
https://github.com/mrexodia/TitanHide

About

Growtopia dumped from memory

Resources

Stars

Watchers

Forks

Releases

No releases published

Packages

No packages published