|
|
|
|
#1
01-27-2023, 00:00
|
|||
|
|||
|
This is explains a lot (why hxxps://github.com/utoni/PastDSE doesn't work anymore, for example).
I don't know if this is possible, but if there was a "tool" (not from Digicert or similar companies) that generated a x509 SHA256 self-signed cert, then this could technically work? Thanks again for the explanation. Last edited by Stingered; 01-27-2023 at 00:10. 
|
|
#2
01-27-2023, 00:49
|
|||
|
|||
|
There are a lot of tools available which generate self-signed certificates, but Windows will never trust them, since they are not signed by Microsoft. Technically, even the old "kernel driver signing" certificates you bought at some certificate authority were signed by Microsoft. They were not signed directly, but Microsoft cross-signed the authority's intermediate certificate and you had to include this certificate with your signature.
This way, the certificate tree received a second "root". While the primary root certificate would be accepted by normal application software (for example, verifying the signature in Windows Explorer), it would fail the certificate check in the Windows kernel driver loader. After that, the second root certificate would be checked, traced back to a trusted Microsoft certificate (hardcoded in the loader) and permit the driver to load.
|
 |
| Thread Tools | |
| Display Modes | |
|
|
Similar Threads
|
||||
| Thread | Thread Starter | Forum | Replies | Last Post |
| Disable PatchGuard & Driver Signing | Fyyre | x64 OS | 61 | 04-21-2025 02:12 |
| Patching in your own kernel signing certificate | tame_mpeg | General Discussion | 11 | 09-28-2024 02:11 |
| Hades:Windows kernel driver lets reverse engineers monitor user and kernel mode code | sh3dow | Source Code | 0 | 05-12-2016 03:15 |
| Driver Signing on x64 Windows | _MAX_ | x64 OS | 7 | 10-22-2012 15:47 |
Hybrid Mode
