Exetools  

Go Back   Exetools > General > General Discussion
Reload this Page Signing a Windows Kernel driver without using Microsoft
Register Forum Rules FAQ Calendar Mark Forums Read

Notices

 
 
Thread Tools Display Modes
Prev Previous Post   Next Post Next
  #14  
Old 01-27-2023, 23:06
Kerlingen Kerlingen is offline
VIP
  
Join Date: Feb 2011
Posts: 338
Rept. Given: 0
Rept. Rcvd 278 Times in 100 Posts
Thanks Given: 0
Thanks Rcvd at 358 Times in 110 Posts
Kerlingen Reputation: 200-299 Kerlingen Reputation: 200-299 Kerlingen Reputation: 200-299
Quote:
Originally Posted by chants View Post
There is always hacking the private key of a trusted signing authority.
No, there is not. The only trusted authority which has ever existed is Microsoft itself and all intermediate cross-certificates signed by Microsoft have expired at least two years ago.

Quote:
Originally Posted by chants View Post
Also you could crack Windows to not check, although if on EFI, might have to hack that private key as well. Or fallback to MBR.
If you don't want Windows to check driver signatures on your own computer, then you can just turn it off. Windows provides several official ways to load drivers without proper signatures, but they are all limited to your computer and will not work when trying to distribute the driver to regular Windows systems without modifications. Microsoft is not like Apple, so Windows still allows you to switch off security features.

Quote:
Originally Posted by Elisa3167 View Post
Another thing you could do... Fake the timestamp-server response.
And why would Windows trust your fake timeserver's signature? Also, as explained above, the timestamp doesn't really matter for kernel driver signatures.
Reply With Quote
The Following 3 Users Say Thank You to Kerlingen For This Useful Post:
Stingered (01-28-2023), tonyweb (01-29-2023), yoza (01-27-2023)
 

« Previous Thread | Next Thread »
Thread Tools
Display Modes
Threaded Mode Threaded Mode

Posting Rules
You may not post new threads
You may not post replies
You may not post attachments
You may not edit your posts
BB code is On
Smilies are On
[IMG] code is Off
HTML code is Off

Similar Threads
Thread Thread Starter Forum Replies Last Post
Disable PatchGuard & Driver Signing Fyyre x64 OS 61 04-21-2025 02:12
Patching in your own kernel signing certificate tame_mpeg General Discussion 11 09-28-2024 02:11
Hades:Windows kernel driver lets reverse engineers monitor user and kernel mode code sh3dow Source Code 0 05-12-2016 03:15
Driver Signing on x64 Windows _MAX_ x64 OS 7 10-22-2012 15:47


All times are GMT +8. The time now is 23:57.

Aaron's homepage - Top

Always Your Best Friend: Aaron, JMI, ahmadmansoor, ZeNiX, chessgod101
( Since 1998 )