Cryptiiiic/How to find OFFSET_ZONE_MAP for v0rtex.md

Created December 9, 2017 19:01

Star () You must be signed in to star a gist
Fork () You must be signed in to fork a gist

Learn more about clone URLs
Clone this repository at <script src="https://gist.github.com/Cryptiiiic/d0d64cde0cbd92892f034b6d22d51e2e.js"></script>
Save Cryptiiiic/d0d64cde0cbd92892f034b6d22d51e2e to your computer and use it in GitHub Desktop.

Download ZIP

Guide to finding the Zone Map offset for v0rtex

Raw

How to find OFFSET_ZONE_MAP for v0rtex.md

Open your decompressed kernel in hopper.
Go to the string tab and search for zone_init: kmem_suballoc failed
Click the result that came up. You are going to want to double click on the DATA XREF=sub_fffffff.
Double click on the DATA XREF to the very far right of the location you landed on.
The offset will be the first qword above the location you jumped to.

Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment