search

BlackINT3 / OpenArk

The Next Generation of Anti-Rookit(ARK) tool for Windows.
https://openark.blackint3.com
GNU Lesser General Public License v2.1
8.29k stars 835 forks source link

打开内核模式下载所需文件时无法下载 #186

Open akschy opened 3 weeks ago

akschy commented 3 weeks ago

打开内核模式下载所需文件时无法下载,通过浏览器访问资源位置提示404 [Kernel::ParseKernelSymbol] [INFO] PDB: C:\Users\akchy\AppData\Roaming\OpenArk\symbols\ci.pdb\5ed2395d069ca6940eb352ff5aea73e11\ci.pdb [Kernel::ParseKernelSymbol] [INFO] Download: http://msdl.blackint3.com:88/download/symbols/ci.pdb/5ed2395d069ca6940eb352ff5aea73e11/ci.pdb [HttpDownload::::operator ()] [INFO] Download failed, err:203, msg:Error transferring http://msdl.blackint3.com:88/download/symbols/ci.pdb/5ed2395d069ca6940eb352ff5aea73e11/ci.pdb - server replied: Not Found [Kernel::ParseKernelSymbol] [ERR] LoadSymbol: C:\Users\akchy\AppData\Roaming\OpenArk\symbols\ci.pdb\5ed2395d069ca6940eb352ff5aea73e11\ci.pdb err [Kernel::ParseKernelSymbol] [INFO] PDB: C:\Users\akchy\AppData\Roaming\OpenArk\symbols\fltMgr.pdb\c2e26c16442664656024bc218bf3d3bc1\fltMgr.pdb [Kernel::ParseKernelSymbol] [INFO] PDB: C:\Users\akchy\AppData\Roaming\OpenArk\symbols\netio.pdb\d3e5a23c5c5f5cfd758cd1499593b5b41\netio.pdb [Kernel::ParseKernelSymbol] [INFO] PDB: C:\Users\akchy\AppData\Roaming\OpenArk\symbols\ntkrnlmp.pdb\9f5b89c1e333e244f1f553704ad1b7831\ntkrnlmp.pdb [Kernel::ParseKernelSymbol] [INFO] Download: http://msdl.blackint3.com:88/download/symbols/ntkrnlmp.pdb/9f5b89c1e333e244f1f553704ad1b7831/ntkrnlmp.pdb [Kernel::ParseKernelSymbol] [ERR] LoadSymbol: C:\Users\akchy\AppData\Roaming\OpenArk\symbols\ntkrnlmp.pdb\9f5b89c1e333e244f1f553704ad1b7831\ntkrnlmp.pdb err [Kernel::ParseKernelSymbol] [INFO] PDB: C:\Users\akchy\AppData\Roaming\OpenArk\symbols\win32kbase.pdb\8e8137272a0d494794f7ae3dc0441bd61\win32kbase.pdb [Kernel::ParseKernelSymbol] [INFO] Download: http://msdl.blackint3.com:88/download/symbols/win32kbase.pdb/8e8137272a0d494794f7ae3dc0441bd61/win32kbase.pdb [Kernel::ParseKernelSymbol] [ERR] LoadSymbol: C:\Users\akchy\AppData\Roaming\OpenArk\symbols\win32kbase.pdb\8e8137272a0d494794f7ae3dc0441bd61\win32kbase.pdb err [Kernel::ParseKernelSymbol] [INFO] PDB: C:\Users\akchy\AppData\Roaming\OpenArk\symbols\win32kfull.pdb\b50fc5e7f26df670a7984203500b36cb1\win32kfull.pdb [Kernel::ParseKernelSymbol] [INFO] Download: http://msdl.blackint3.com:88/download/symbols/win32kfull.pdb/b50fc5e7f26df670a7984203500b36cb1/win32kfull.pdb [UNONE::ObLoadDriverW] [ERR] NtLoadDriver service:\Registry\Machine\System\CurrentControlSet\Services\OpenArkDrv64 err:c0000428 [Kernel::ParseKernelSymbol] [ERR] LoadSymbol: C:\Users\akchy\AppData\Roaming\OpenArk\symbols\win32kfull.pdb\b50fc5e7f26df670a7984203500b36cb1\win32kfull.pdb err [Kernel::onEnterKernelMode] [INFO] InstallDriver 1. [Kernel::onEnterKernelMode] [INFO] InstallDriver 2. [Kernel::onEnterKernelMode] [ERR] InstallDriver C:\Users\akchy\AppData\Roaming\OpenArk\kernel\OpenArkDrv64.sys err