December 24, 2023 at 12:28PM

Exploring Hell’s Gate.

Hell’s Gate makes it possible to execute direct syscalls based on dynamically retrieving the required SSNs via a combination of walking the Process Environment Block (PEB), parsing the Export Address Table (EAT) from ntdll.dll, opcode comparison from the syscall stub of the native functions and extracting the SSNs.