WIN64 Driver Development Basic Tutorial

Forum for discussion about kernel-mode development.

Re: WIN64 Driver Development Basic Tutorial

Postby EP_X0FF » Wed Aug 30, 2017 8:19 am

Offtopic removed. If you have something useful to complain/ask about -> elaborate yourself. Posts with content looking like "I don't like this because I don't like this" or "I don't like it coz it is in language I don't understand" will be removed.
Ring0 - the source of inspiration
User avatar
EP_X0FF
Global Moderator
 
Posts: 4759
Joined: Sun Mar 07, 2010 5:35 am
Location: Russian Federation
Reputation point: 571

Re: WIN64 Driver Development Basic Tutorial

Postby mr.exodia » Sun Sep 03, 2017 12:29 pm

Here is an example driver that shows SSDT hooking on x64, might be useful for people learning. https://github.com/mrexodia/TitanHide
mr.exodia
 
Posts: 1
Joined: Wed Feb 18, 2015 11:34 pm
Reputation point: 0

Re: WIN64 Driver Development Basic Tutorial

Postby fl4shc0d3r » Fri Sep 08, 2017 12:39 am

mr.exodia wrote:Here is an example driver that shows SSDT hooking on x64, might be useful for people learning. https://github.com/mrexodia/TitanHide


I'm searching by Shadow SSDT unhook x64 (complete example). This pack have, but is incomplete, nothing useful.
The author of this topic have a private example that seems good, but this other example is stored on own his forum in this link (http://www.m5home.com/bbs/forum.php?mod=viewthread&tid=6964).

I already have registered, but not was accepted, why? i don't know.
But if he unlock my account, i could buy.
fl4shc0d3r
 
Posts: 31
Joined: Fri Jan 20, 2017 3:10 am
Reputation point: -1

Re: WIN64 Driver Development Basic Tutorial

Postby Vrtule » Fri Sep 08, 2017 8:07 am

I already have registered, but not was accepted, why? i don't know.
But if he unlock my account, i could buy


Well, since probably nobody of us has enough talents in divination, we do not know the answer. You should ask him directly (which, I suppose, you already did). It may be so that he allows only people known to him (in some way) to have an account on his forums.

Sample code tends to be incomplete since it is a sample code.
User avatar
Vrtule
 
Posts: 414
Joined: Sat Mar 13, 2010 9:14 pm
Location: Czech Republic
Reputation point: 92

Re: WIN64 Driver Development Basic Tutorial

Postby Brock » Fri Sep 08, 2017 10:58 am

EP_X0FF has already answered your question, kernelmode.info is not affiliated with other forums or websites so we (members here) have no knowledge of another forum's rules and regulations, registration procedures etc. That would be like asking Microsoft for your forgotten Yahoo email password, they won't know and have nothing to do with each other's rendered services. Private Message (PM) m5home on this forum and ask him directly. You've been told more than once
Accept nothing less than STATUS_SUCCESS
User avatar
Brock
 
Posts: 202
Joined: Wed Apr 28, 2010 3:13 am
Location: Navarre, Florida USA
Reputation point: 19

Re: WIN64 Driver Development Basic Tutorial

Postby fsdhook » Fri Sep 08, 2017 12:19 pm

fl4shc0d3r wrote:I already have registered, but not was accepted, why? i don't know.
But if he unlock my account, i could buy.

Are you a mental defective? You have complain about this matter more than two weeks like a pussy.
Why others have to give you the code or satisfy your request?
I think you come to this forum just for create disturbances.
fsdhook
 
Posts: 45
Joined: Wed May 14, 2014 8:27 am
Reputation point: 0

Re: WIN64 Driver Development Basic Tutorial

Postby fl4shc0d3r » Fri Sep 08, 2017 4:02 pm

fsdhook wrote:
fl4shc0d3r wrote:I already have registered, but not was accepted, why? i don't know.
But if he unlock my account, i could buy.

Are you a mental defective? You have complain about this matter more than two weeks like a pussy.
Why others have to give you the code or satisfy your request?
I think you come to this forum just for create disturbances.


I only commented the happened, i'm not requesting nothing to no one. You understood wrong.
fl4shc0d3r
 
Posts: 31
Joined: Fri Jan 20, 2017 3:10 am
Reputation point: -1

Re: WIN64 Driver Development Basic Tutorial

Postby myid » Tue Oct 03, 2017 3:52 pm

Code of enumerate create process notification is outdated, could you update your code?
Could you tell me how to enumerate the process notifications created by PsSetCreateProcessNotifyRoutineEx2?
myid
 
Posts: 140
Joined: Sat Jun 09, 2012 2:54 am
Reputation point: 0

Re: WIN64 Driver Development Basic Tutorial

Postby m5home » Sun Nov 05, 2017 2:50 am

myid wrote:Code of enumerate create process notification is outdated, could you update your code?
Could you tell me how to enumerate the process notifications created by PsSetCreateProcessNotifyRoutineEx2?


It is not so different between all systems. All process notifications are in the same array.
The woman of my avatar: MiYue, the first empress dowager of China. In the TV series "The Legend of MiYue", my favourite movie star SunLi plays MiYue.
User avatar
m5home
 
Posts: 82
Joined: Wed Jun 06, 2012 1:21 am
Reputation point: 50

Previous

Return to Kernel-Mode Development

Who is online

Users browsing this forum: No registered users and 3 guests

cron