Exetools

Exetools (https://forum.exetools.com/index.php)
-   x64 OS (https://forum.exetools.com/forumdisplay.php?f=44)
-   -   Disable PatchGuard & Driver Signing (https://forum.exetools.com/showthread.php?t=12628)

Fyyre 01-22-2010 05:38

Disable PatchGuard & Driver Signing
 
1 Attachment(s)
Hello,

This patch is for Windows 7 X64 RTM & Windows 7 SP1. It directly modifies ntoskrnl.exe & winload.exe to remove Microsoft's "PatchGuard" and requirement of driver signing.

This is accomplished by patching 6 bytes inside ntoskrnl.exe and four bytes inside of winload.exe ... it is file patch version of my existing bootkit

I originally made this for myself... wanting to again be able to hook inside of ntoskrnl like with X86 Windows.

Hope that someone find this useful,

-Fyyre

p.s. attachment updated for SP1 -- new attachment added on 8 March, 2011

Pansemuckl 01-23-2010 03:11

Tested on my Win x64. Works perfectly.

metr0 01-23-2010 06:47

Seems like I got not enough permission to access the file, probably due to my different user group. Just some minor setting in the board panel I guess.

Thanks anyway, I guess I already read about it on your page. :)

JMI 01-23-2010 11:24

metr0:

You should be able to download the attachment to Fyyre's post. Your usergroup has permission to download from this forum.

Regards,

quosego 01-23-2010 17:30

Same here actually JMI.. I also get a permission denied.

ahmadmansoor 01-23-2010 18:08

@quosego & metr0 : I have fix the problem .pls try it now .
Thanks for replay

metr0 01-23-2010 21:58

Thanks JMI and ahmadmansoor for the fix, it works fine now. Time to boot into 7 x64! :)

bball0002 01-25-2010 03:47

I can't seem to download this attachment either. Is there a certain amount of posts I'm supposed to have before I can download attachments?

JMI 01-25-2010 04:15

Promotion is a manual process and does not get done on a set schedule. However, your post count qualifies you for promotion to "Trial Member", and they have upload and download privileges.

Please give it a try again.

Regards,

nulli 01-26-2010 16:53

This is exactly what I've been looking for! Thanks for this Fyyre!

bball0002 01-28-2010 07:30

JMI: Works now. Thanks a bunch.

ahmadmansoor 01-30-2010 20:02

@Fyyre : my friend could we see some useful tut in win x64 if that possible ??!!
if u have some time ..of course .
Thanks in adv

Fyyre 02-04-2010 03:43

Hi Ahmadmansoor,

A tutorial to disable the PatchGuard and Driver Signing? Or did you have something else in mind?

-Fyyre

Quote:

Originally Posted by ahmadmansoor (Post 66694)
@Fyyre : my friend could we see some useful tut in win x64 if that possible ??!!
if u have some time ..of course .
Thanks in adv


ahmadmansoor 02-04-2010 16:32

as u know some of guys now begin work on win 64 ...
and we still have many weakness points in dealing with win x64 .
so any new inf or any new tuts r very welcome at this time ,even if it is for beginners .
specially in reversing or debugging or Analyzing (PE)
so if u can write some useful tuts for us about win x64 that will be very welcome and thankful, and I promise u that I will make a special sticky post at the top of this section just for ur tuts .
Thanks in adv for ur nice work ....we will wait ur great work .

Fyyre 02-04-2010 22:32

Hi ahmadmansoor,

Certainly I can make some tutorials for X64 =)

-Fyyre


All times are GMT +8. The time now is 19:30.

Powered by vBulletin® Version 3.8.8
Copyright ©2000 - 2024, vBulletin Solutions, Inc.
Always Your Best Friend: Aaron, JMI, ahmadmansoor, ZeNiX