Thread: TS-Fucker
View Single Post
  #1  
Old 04-01-2023, 06:14
vitriol vitriol is offline
Friend
  
Join Date: Jan 2023
Posts: 5
Rept. Given: 0
Rept. Rcvd 1 Time in 1 Post
Thanks Given: 0
Thanks Rcvd at 19 Times in 5 Posts
vitriol Reputation: 1
Talking TS-Fucker
Whats up folks,

this a known technique, still I'm sure you'll find some usefull code in my project.
TS-Fucker will force your machine into TestSigning Mode without having to restart the machine. Theres a nice Symbol available in CI.dll - kernel module that makes this possible. Its just one nibble that needs to be changed.

Code will download symbol file for CI.dll and with that get the Offset.
So it will work on all versions that havent yet blocked dbutil.sys vulnerable driver. (except Win11 with or without vbs??? I've got told, but for whom is interested I can share an article that shows how to get around it for win11)

https://github.com/Flerov/TS-Fucker
Attached Files
File Type: rar TS-Fucker.rar (141.5 KB, 30 views)
Last edited by vitriol; 04-01-2023 at 22:47.
Reply With Quote
The Following User Gave Reputation+1 to vitriol For This Useful Post:
sh3dow (04-03-2023)
The Following 8 Users Say Thank You to vitriol For This Useful Post:
DavidXanatos (04-02-2023), Mendax47 (04-01-2023), MrScotc (04-01-2023), niculaita (04-02-2023), RAMPage (04-02-2023), sh3dow (04-03-2023), Stingered (04-02-2023), tonyweb (04-01-2023)