DSEFix - Defeating x64 Driver Signature Enforcement

Forum for announcements and questions about tools and software.
User avatar
EP_X0FF
Global Moderator
Posts: 4788
Joined: Sun Mar 07, 2010 5:35 am
Location: Russian Federation
Contact:

Re: Update 15 dec 2014

Post by EP_X0FF » Sat Mar 07, 2015 8:40 am

GLOBALBANFIXED wrote:What version of VBox driver you use?
Where?
Ring0 - the source of inspiration

SelectHF2
Posts: 1
Joined: Sat Mar 07, 2015 1:25 pm

Re: DSEFix - Defeating x64 Driver Signature Enforcement

Post by SelectHF2 » Sat Mar 07, 2015 1:27 pm

So i would need to use a Vbox to do this?

GLOBALBANFIXED
Posts: 3
Joined: Thu Mar 05, 2015 6:44 pm

Re: Update 15 dec 2014

Post by GLOBALBANFIXED » Sat Mar 07, 2015 1:29 pm

EP_X0FF wrote:
GLOBALBANFIXED wrote:What version of VBox driver you use?
Where?
In last dsefix (ultra4.sys) version. Ultra4.sys this is VBoxDrv .sys (ver?) ? Or another selfmade driver?

P.S. Thanks for this app, really make life easier :twisted:

User avatar
EP_X0FF
Global Moderator
Posts: 4788
Joined: Sun Mar 07, 2010 5:35 am
Location: Russian Federation
Contact:

Re: DSEFix - Defeating x64 Driver Signature Enforcement

Post by EP_X0FF » Sat Mar 07, 2015 1:32 pm

SelectHF2 wrote:So i would need to use a Vbox to do this?
No.
GLOBALBANFIXED wrote:In last dsefix (ultra4.sys) version. Ultra4.sys this is VBoxDrv .sys (ver?) ? Or another selfmade driver?
1.6
Ring0 - the source of inspiration

warezjoe19
Posts: 1
Joined: Wed Mar 04, 2015 8:43 pm

Re: DSEFix - Defeating x64 Driver Signature Enforcement

Post by warezjoe19 » Sat Mar 07, 2015 2:26 pm

Thanks for this. Super helpful tool.

User avatar
EP_X0FF
Global Moderator
Posts: 4788
Joined: Sun Mar 07, 2010 5:35 am
Location: Russian Federation
Contact:

Re: DSEFix - Defeating x64 Driver Signature Enforcement

Post by EP_X0FF » Tue Mar 10, 2015 11:00 am

Latest version published on GitHub https://github.com/hfiref0x/DSEFix, further updates (if any) will be posted on git also.
Ring0 - the source of inspiration

GLOBALBANFIXED
Posts: 3
Joined: Thu Mar 05, 2015 6:44 pm

Re: DSEFix - Defeating x64 Driver Signature Enforcement

Post by GLOBALBANFIXED » Wed Mar 11, 2015 4:10 am

EP_X0FF wrote:Latest version published on GitHub https://github.com/hfiref0x/DSEFix, further updates (if any) will be posted on git also.
Thx! you are cool!
"Спасибо, ты крут!)"

aionescu
Posts: 13
Joined: Sun Aug 14, 2011 1:55 pm

Re: DSEFix - Defeating x64 Driver Signature Enforcement

Post by aionescu » Sun Aug 30, 2015 11:25 pm

Why not just use the Windows 8+ unfixed 0 day from my Infiltrate talk? With the technique I presented, you can easily disable DSE :)

User avatar
EP_X0FF
Global Moderator
Posts: 4788
Joined: Sun Mar 07, 2010 5:35 am
Location: Russian Federation
Contact:

Re: DSEFix - Defeating x64 Driver Signature Enforcement

Post by EP_X0FF » Mon Aug 31, 2015 5:31 am

aionescu wrote:Why not just use the Windows 8+ unfixed 0 day from my Infiltrate talk? With the technique I presented, you can easily disable DSE :)
Well because it 0day and maybe fixed, while this driver isn't banned and used by malware for 5+ years.
Ring0 - the source of inspiration

breaker09
Posts: 6
Joined: Mon Jun 09, 2014 6:15 pm

Re: DSEFix - Defeating x64 Driver Signature Enforcement

Post by breaker09 » Thu Sep 03, 2015 6:57 pm

Is this still working in Windows 10? I seem to be getting PatchGuarded a lot... :(

Locked