A Nim rewrite of Terminator that allows for loading the driver via either service creation or the NtLoadDriver API call. The driver is embedded into the executable and will be dropped to disk. The executable also embeds and drops kernel_exec.exe, which exploits a different vulnerability in the Zemana driver to elevate to SYSTEM (CVE-2021-31728).
Build:
nimble build
Cleanup currently does not work for either the service or the NtLoadDriver methods...
Manually clean up the service:
sc stop zTerm
sc delete zTerm
Manually clean up after the NtLoadDriver method:
Restart the system lol