Patching in your own kernel signing certificate

Fyyre · #1 09-27-2024, 17:58

Quote:

Originally Posted by Kerlingen

This is also total nonsense. The root certificates for kernel signing are hard-coded in the executable files, they are never read from the trusted roots store. The whole article seems to focus on removing certificate warnings in the GUI, a part which has absolutely nothing to do with the decision if a kernel driver is permitted to load or not.

Right.. GUI warnings are not important.

Whole point of UPGDSED was to implement my "six byte pg/ds kill" in a more eleoquent manner.

Motivation came from wanting to keep making utility rootkits for x64 Windows - when Microsoft came out with signing for drivers. Signing is much bigger ass pain than KPP .. disable of KPP is same last version of Windows 11 I check...

Neat people still want to do this. Personally, I never cared enough to mess with the UEFI crap... not so sure its going to be all that different with it..

change exection flow, change the world.

Thread Tools
Show Printable Version Email this Page
Display Modes
Switch to Linear Mode Hybrid Mode Switch to Threaded Mode

Similar Threads
Thread	Thread Starter	Forum	Replies	Last Post
Signing a Windows Kernel driver without using Microsoft	Stingered	General Discussion	21	02-17-2023 22:09
Hades:Windows kernel driver lets reverse engineers monitor user and kernel mode code	sh3dow	Source Code	0	05-12-2016 03:15

The Following User Says Thank You to Fyyre For This Useful Post:
niculaita (09-27-2024)