DSEFix - Defeating x64 Driver Signature Enforcement

Forum for announcements and questions about tools and software.

Re: Update 15 dec 2014

Postby EP_X0FF » Sat Mar 07, 2015 8:40 am

GLOBALBANFIXED wrote:What version of VBox driver you use?

Where?
Ring0 - the source of inspiration
User avatar
EP_X0FF
Global Moderator
 
Posts: 4759
Joined: Sun Mar 07, 2010 5:35 am
Location: Russian Federation
Reputation point: 571

Re: DSEFix - Defeating x64 Driver Signature Enforcement

Postby SelectHF2 » Sat Mar 07, 2015 1:27 pm

So i would need to use a Vbox to do this?
SelectHF2
 
Posts: 1
Joined: Sat Mar 07, 2015 1:25 pm
Reputation point: 0

Re: Update 15 dec 2014

Postby GLOBALBANFIXED » Sat Mar 07, 2015 1:29 pm

EP_X0FF wrote:
GLOBALBANFIXED wrote:What version of VBox driver you use?

Where?


In last dsefix (ultra4.sys) version. Ultra4.sys this is VBoxDrv .sys (ver?) ? Or another selfmade driver?

P.S. Thanks for this app, really make life easier :twisted:
GLOBALBANFIXED
 
Posts: 3
Joined: Thu Mar 05, 2015 6:44 pm
Reputation point: 0

Re: DSEFix - Defeating x64 Driver Signature Enforcement

Postby EP_X0FF » Sat Mar 07, 2015 1:32 pm

SelectHF2 wrote:So i would need to use a Vbox to do this?

No.

GLOBALBANFIXED wrote:In last dsefix (ultra4.sys) version. Ultra4.sys this is VBoxDrv .sys (ver?) ? Or another selfmade driver?


1.6
Ring0 - the source of inspiration
User avatar
EP_X0FF
Global Moderator
 
Posts: 4759
Joined: Sun Mar 07, 2010 5:35 am
Location: Russian Federation
Reputation point: 571

Re: DSEFix - Defeating x64 Driver Signature Enforcement

Postby warezjoe19 » Sat Mar 07, 2015 2:26 pm

Thanks for this. Super helpful tool.
warezjoe19
 
Posts: 1
Joined: Wed Mar 04, 2015 8:43 pm
Reputation point: 0

Re: DSEFix - Defeating x64 Driver Signature Enforcement

Postby EP_X0FF » Tue Mar 10, 2015 11:00 am

Latest version published on GitHub https://github.com/hfiref0x/DSEFix, further updates (if any) will be posted on git also.
Ring0 - the source of inspiration
User avatar
EP_X0FF
Global Moderator
 
Posts: 4759
Joined: Sun Mar 07, 2010 5:35 am
Location: Russian Federation
Reputation point: 571

Re: DSEFix - Defeating x64 Driver Signature Enforcement

Postby GLOBALBANFIXED » Wed Mar 11, 2015 4:10 am

EP_X0FF wrote:Latest version published on GitHub https://github.com/hfiref0x/DSEFix, further updates (if any) will be posted on git also.


Thx! you are cool!
"Спасибо, ты крут!)"
GLOBALBANFIXED
 
Posts: 3
Joined: Thu Mar 05, 2015 6:44 pm
Reputation point: 0

Re: DSEFix - Defeating x64 Driver Signature Enforcement

Postby aionescu » Sun Aug 30, 2015 11:25 pm

Why not just use the Windows 8+ unfixed 0 day from my Infiltrate talk? With the technique I presented, you can easily disable DSE :)
aionescu
 
Posts: 13
Joined: Sun Aug 14, 2011 1:55 pm
Reputation point: 3

Re: DSEFix - Defeating x64 Driver Signature Enforcement

Postby EP_X0FF » Mon Aug 31, 2015 5:31 am

aionescu wrote:Why not just use the Windows 8+ unfixed 0 day from my Infiltrate talk? With the technique I presented, you can easily disable DSE :)

Well because it 0day and maybe fixed, while this driver isn't banned and used by malware for 5+ years.
Ring0 - the source of inspiration
User avatar
EP_X0FF
Global Moderator
 
Posts: 4759
Joined: Sun Mar 07, 2010 5:35 am
Location: Russian Federation
Reputation point: 571

Re: DSEFix - Defeating x64 Driver Signature Enforcement

Postby breaker09 » Thu Sep 03, 2015 6:57 pm

Is this still working in Windows 10? I seem to be getting PatchGuarded a lot... :(
breaker09
 
Posts: 6
Joined: Mon Jun 09, 2014 6:15 pm
Reputation point: 0

PreviousNext

Return to Tools/Software

Who is online

Users browsing this forum: No registered users and 2 guests