Exetools  

Go Back   Exetools > General > Source Code

Notices

 
 
Thread Tools Display Modes
Prev Previous Post   Next Post Next
  #1  
Old 04-01-2023, 06:14
vitriol vitriol is offline
Friend
 
Join Date: Jan 2023
Posts: 5
Rept. Given: 0
Rept. Rcvd 1 Time in 1 Post
Thanks Given: 0
Thanks Rcvd at 19 Times in 5 Posts
vitriol Reputation: 1
Talking TS-Fucker

Whats up folks,

this a known technique, still I'm sure you'll find some usefull code in my project.
TS-Fucker will force your machine into TestSigning Mode without having to restart the machine. Theres a nice Symbol available in CI.dll - kernel module that makes this possible. Its just one nibble that needs to be changed.

Code will download symbol file for CI.dll and with that get the Offset.
So it will work on all versions that havent yet blocked dbutil.sys vulnerable driver. (except Win11 with or without vbs??? I've got told, but for whom is interested I can share an article that shows how to get around it for win11)

https://github.com/Flerov/TS-Fucker
Attached Files
File Type: rar TS-Fucker.rar (141.5 KB, 30 views)

Last edited by vitriol; 04-01-2023 at 22:47.
Reply With Quote
The Following User Gave Reputation+1 to vitriol For This Useful Post:
sh3dow (04-03-2023)
The Following 8 Users Say Thank You to vitriol For This Useful Post:
DavidXanatos (04-02-2023), Mendax47 (04-01-2023), MrScotc (04-01-2023), niculaita (04-02-2023), RAMPage (04-02-2023), sh3dow (04-03-2023), Stingered (04-02-2023), tonyweb (04-01-2023)
 

Thread Tools
Display Modes

Posting Rules
You may not post new threads
You may not post replies
You may not post attachments
You may not edit your posts

BB code is On
Smilies are On
[IMG] code is On
HTML code is On



All times are GMT +8. The time now is 08:13.


Always Your Best Friend: Aaron, JMI, ahmadmansoor, ZeNiX, chessgod101
( 1998 - 2024 )