Exetools  

Go Back   Exetools > General > x64 OS

Notices

Reply
 
Thread Tools Display Modes
  #1  
Old 06-01-2017, 06:14
Fyyre's Avatar
Fyyre Fyyre is offline
Fyyre
 
Join Date: Dec 2009
Location: 0°N 0°E / 0°N 0°E / 0; 0
Posts: 217
Rept. Given: 58
Rept. Rcvd 78 Times in 36 Posts
Thanks Given: 91
Thanks Rcvd at 288 Times in 97 Posts
Fyyre Reputation: 78
Universal PatchGuard and Driver Signature Enforcement Disable

Tool created by myself (Fyyre) and long time friend EP_X0FF. It disable driver signing enforcement and Patch Guard on Windows 7, 8 & 10.

https://github.com/hfiref0x/UPGDSED

I highly recommend run patch.exe -nf -- this switch currently avoid bug we are researching when KiFilterFiberContext function is patch directly.

Enjoy,

-Fyyre
__________________
Best Wishes,

Fyyre

--

Slava Ukraini!
"If you think being against genocide is politics, get your head checked."

https://github.com/Fyyre
Reply With Quote
The Following 3 Users Gave Reputation+1 to Fyyre For This Useful Post:
deroko (07-13-2017), giv (06-08-2017), user1 (06-12-2017)
The Following 17 Users Say Thank You to Fyyre For This Useful Post:
abhi93696 (10-29-2017), Asus (06-15-2017), deroko (07-13-2017), giv (06-08-2017), Indigo (07-19-2019), Insid3Code (07-17-2017), JMP-JECXZ (06-01-2017), Kjacky (08-25-2017), niculaita (06-01-2017), ontryit (06-02-2017), papi (06-01-2017), SinaDiR (06-02-2017), Spiderz_Soft (06-09-2017), Stingered (06-21-2022), TechLord (06-13-2017), user1 (06-12-2017), yoza (07-02-2022)
  #2  
Old 06-13-2017, 03:17
niculaita's Avatar
niculaita niculaita is offline
Family
 
Join Date: Jun 2011
Location: here
Posts: 1,300
Rept. Given: 932
Rept. Rcvd 87 Times in 59 Posts
Thanks Given: 3,733
Thanks Rcvd at 473 Times in 334 Posts
niculaita Reputation: 87
this works if in bios we have bios secure enable ?
__________________
Decode and Conquer
Reply With Quote
The Following User Says Thank You to niculaita For This Useful Post:
Indigo (07-19-2019)
  #3  
Old 06-13-2017, 16:16
Fyyre's Avatar
Fyyre Fyyre is offline
Fyyre
 
Join Date: Dec 2009
Location: 0°N 0°E / 0°N 0°E / 0; 0
Posts: 217
Rept. Given: 58
Rept. Rcvd 78 Times in 36 Posts
Thanks Given: 91
Thanks Rcvd at 288 Times in 97 Posts
Fyyre Reputation: 78
Quote:
Originally Posted by niculaita View Post
this works if in bios we have bios secure enable ?
Secureboot? Sorry, no.
__________________
Best Wishes,

Fyyre

--

Slava Ukraini!
"If you think being against genocide is politics, get your head checked."

https://github.com/Fyyre
Reply With Quote
The Following 2 Users Say Thank You to Fyyre For This Useful Post:
Indigo (07-19-2019), niculaita (06-14-2017)
  #4  
Old 08-22-2017, 08:33
KNARZ KNARZ is offline
Friend
 
Join Date: Jan 2017
Posts: 28
Rept. Given: 0
Rept. Rcvd 2 Times in 1 Post
Thanks Given: 6
Thanks Rcvd at 24 Times in 12 Posts
KNARZ Reputation: 2
Nice, is there any advantage over WindowsD ?
Reply With Quote
The Following User Says Thank You to KNARZ For This Useful Post:
Indigo (07-19-2019)
  #5  
Old 08-22-2017, 18:29
mr.exodia's Avatar
mr.exodia mr.exodia is offline
Super Moderator
 
Join Date: Nov 2011
Posts: 859
Rept. Given: 500
Rept. Rcvd 1,155 Times in 309 Posts
Thanks Given: 95
Thanks Rcvd at 766 Times in 364 Posts
mr.exodia Reputation: 1100-1299 mr.exodia Reputation: 1100-1299 mr.exodia Reputation: 1100-1299 mr.exodia Reputation: 1100-1299 mr.exodia Reputation: 1100-1299 mr.exodia Reputation: 1100-1299 mr.exodia Reputation: 1100-1299 mr.exodia Reputation: 1100-1299 mr.exodia Reputation: 1100-1299
From what I can tell WindowsD (https://github.com/katlogic/WindowsD) does not disable PatchGuard.
__________________
x64dbg: http://x64dbg.com
My Blog: http://mrexodia.cf
Reply With Quote
The Following 2 Users Say Thank You to mr.exodia For This Useful Post:
Indigo (07-19-2019), niculaita (08-22-2017)
  #6  
Old 06-20-2022, 14:12
Gelip Gelip is offline
Friend
 
Join Date: Jun 2022
Posts: 4
Rept. Given: 0
Rept. Rcvd 0 Times in 0 Posts
Thanks Given: 0
Thanks Rcvd at 0 Times in 0 Posts
Gelip Reputation: 0
This patch does not work with Win7 SP1. I tried both versions 1.1.2 and 1.2.1 on the Administrator account with or without -nf switch but always error:
Code:
Universal PatchGuard and Driver Signature Enforcement Disable

WARNING: Using this tool might render your PC to an unbootable state.
If you want to continue type CONTINUE (all uppercase) and press Enter

CONTINUE
Patch: Windows Version: 6.1.7601, LegacyBIOS

Patch: Symbol dlls extracted successfully.
Patch: Dbghelp initialized.
Patch: Copy files to %TEMP%
Patch: Copy success
Patch: Scanning ntoskrnl for patterns

Patch: Ntoskrnl version: 6.1.7601.17514

-> SeValidateImageData          0031F6F9
-> CcInitializeBcbProfiler      004D1540

Patch: Cannot query KeInitAmd64SpecificState offset: Nie można ukończyć wykonywa
nia tej funkcji.

Patch: Cannot locate patch offsets for ntoskrnl.
Patch: Press Enter to exit
P.S. Fortunately, the old version of patch from 2012 - no_pg_ds_v3 works without a problem
Attached Images
File Type: png upgdsed.png (18.9 KB, 4 views)
File Type: png no_ds_pg.png (17.6 KB, 2 views)

Last edited by Gelip; 06-20-2022 at 14:27.
Reply With Quote
Reply

Thread Tools
Display Modes

Posting Rules
You may not post new threads
You may not post replies
You may not post attachments
You may not edit your posts

BB code is On
Smilies are On
[IMG] code is On
HTML code is Off


Similar Threads
Thread Thread Starter Forum Replies Last Post
Disable PatchGuard & Driver Signing Fyyre x64 OS 53 10-14-2013 01:30
Defeating patchguard and 64bit kernel-mode protections chaboyd General Discussion 1 02-05-2006 07:36
Why?the kb is disable 3boy General Discussion 1 09-03-2003 20:22


All times are GMT +8. The time now is 20:10.


Always Your Best Friend: Aaron, JMI, ahmadmansoor, ZeNiX, chessgod101
( 1998 - 2022 )