Crypt/modify a .sys ?

#1 12-01-2010, 08:17

Hi,
Can someone help me with few information's please ?

1.How to crypt a .sys file ?(I try aspack, but after crypt stop working, windows didn't accept

).
2.How to modify size for a .sys ?(I know an exe/dll few methods) but for .sys after I modify stop working.
3.Have someone a ring 0 dll injector for 64 bit ?(rootkit method

) ?

10x in advance !

yogi_saw · #2 12-01-2010, 11:36

u will to have fix the checksum after modifying sys to make it work use petools or any pe editor to correct checksum

D-Jester · #3 12-01-2010, 21:41

Quote:

Originally Posted by J4H

Hi,
Can someone help me with few information's please ?

1.How to crypt a .sys file ?(I try aspack, but after crypt stop working, windows didn't accept

).

Code Virtualizer

Quote:

Originally Posted by J4H

2.How to modify size for a .sys ?(I know an exe/dll few methods) but for .sys after I modify stop working.

As yogi_saw mentioned, update checksum.

Quote:

Originally Posted by J4H

3.Have someone a ring 0 dll injector for 64 bit ?(rootkit method

) ?

x64 requires digital signatures on all drivers

Fyyre · #4 12-01-2010, 23:25

Quote:

Originally Posted by J4H

1.How to crypt a .sys file ?(I try aspack, but after crypt stop working, windows didn't accept

).

Write your own, or use something like Code Virtualizer.

Quote:

Originally Posted by J4H

2.How to modify size for a .sys ?(I know an exe/dll few methods) but for .sys after I modify stop working.

Why want to modify size of driver?

Quote:

Originally Posted by J4H

3.Have someone a ring 0 dll injector for 64 bit ?(rootkit method

) ?

You will have to port for x64 -->> InjectAPC

-Fyyre

D-Jester · #5 12-02-2010, 00:35

@Fyyre: Off topic, but who is that chick in your Avatar?

Av0id · #6 12-02-2010, 13:33

vmprotect can protect drivers

Fyyre · #7 12-03-2010, 01:46

Quote:

Originally Posted by D-Jester

@Fyyre: Off topic, but who is that chick in your Avatar?

Me, of course ;)

#8 12-03-2010, 02:09

10x for your great information's guys and girls

Have someone to share a good Code Virtualizer or vmprotect ? I have an old version of Code Virtualizer but seem to not work

I'm not so skilled like you guys and girls but an little tutorial: how to update/rebuild the checksum after I pack/crypt ?

I need to modify size for prevent a stupid detection method who check size&CRC, CRC to modify is simple in fact but if I modify size or CRC the windows don't accept my .sys

tell me: isn't a win 32 bit

Edit:

I solve the problem for 32 bit platform (IDA Pro(.MAP File) + Code Virtualizer) so 10x for great information guys and girls !
So only for made a comparison, have someone vmprotect ?(last version?)

A little tutorial: how to update/rebuild the checksum after I pack/crypt ?(to learn for myself)

Solved CRC&Size

Av0id · #9 12-03-2010, 15:30

look inside software release section and you will find everything you want

Similar Threads
Thread	Thread Starter	Forum	Replies	Last Post
Can I crypt the ASProtect section ?	H22H	General Discussion	2	01-14-2005 06:08

The Following User Gave Reputation+1 to D-Jester For This Useful Post: