Search found 4 matches

by djnemo
Sat Feb 16, 2013 7:15 pm
Forum: Reverse Engineering and Debugging
Topic: Symantec arbitrary memory overwrite vulnerability
Replies: 1
Views: 4989

Re: Symantec arbitrary memory overwrite vulnerability

Hi,
Can you please upload the vulnerable file?

Thanks

by djnemo
Thu Sep 06, 2012 7:44 am
Forum: Kernel-Mode Development
Topic: Driver Signing for x64 Windows
Replies: 5
Views: 8804

Re: Driver Signing for x64 Windows

Hello,

Is there any way to sign the driver locally or fake the cert somehow (to load it in normal boot)?

Thank you for all your nice replies

by djnemo
Fri Aug 31, 2012 12:35 am
Forum: Kernel-Mode Development
Topic: Driver Signing for x64 Windows
Replies: 5
Views: 8804

Driver Signing for x64 Windows

Hi KernelMode, I have a project that contains a kernel driver as part of the project, and we want to install this kernel module on 10 to 20 client computers. As we do not have enough budget to buy a licence, I was looking for a free or cheaper way to load my kernel module in the x64 version of Windows i...

by djnemo
Sun Aug 26, 2012 8:55 pm
Forum: Malware
Topic: Hikit backdoor used in APT attacks
Replies: 6
Views: 8681

Re: Hikit backdoor used in APT attacks

When I was reading the analysis of Hikit I didn't understand one thing: Hikit adds a cert to the system with certmgr.exe

certmgr.exe -add GlobalSign.cer -c -s -r localMachine Root
certmgr.exe -add GlobalSign.cer -c -s -r localMachine TrustedPublisher

As far as I know only these two commands and some registry chan...