IgorKorkin / MemoryRanger

MemoryRanger protects kernel data and code by running drivers and hosting data in isolated kernel enclaves using VT-x and EPT features. MemoryRanger has been presented at BlackHat, HITB, and CDFSL.
https://igorkorkin.blogspot.com

Problem in installation of Memranger driver #1

Closed simakhan785 closed 5 years ago

simakhan785 commented 6 years ago

Hi,

I am currently experimenting with the memranger driver. My setup is VS2015 Update 3 with WDK and SDK 10.0.14393. When I try to build it, some files are missing in the hyperplatform and capstone arch directories. After copying the file from the tandasat project, I have a problem installing the memranger driver (I am running it as memranger_console.exe) on Windows 10 build 10240 x64. It says I/O operation abort and the driver installation failed. Please help me.

IgorKorkin commented 6 years ago

Hi!

Thank you for your email.

You are doing everything right.

Within the next week I will upload a new version of MemoryRanger and will double-check that I don't miss any files. I think this will help.

Thank you

Best

Igor

On Fri, Aug 31, 2018 at 9:03 AM simakhan785 notifications@github.com wrote:

Hi,

I am currently experimenting with the memranger driver. My setup is VS2015 Update 3 with WDK and SDK 10.0.14393. When I try to build it, some files are missing in the hyperplatform and capstone arch directories. After copying the file from the tandasat project, I have a problem installing the memranger driver (I am running it as memranger_console.exe) on Windows 10 build 10240 x64. It says I/O operation abort and the driver installation failed. Please help me.


simakhan785 commented 6 years ago

Sir, any update on MemoryRanger? So that I can build and experiment with it.

Thanks, Sima

IgorKorkin commented 6 years ago

Hi, Sima!

I'm going to update the code soon. Can I ask you to build and run MemoryMonRWX (https://github.com/tandasat/MemoryMon/tree/rwe_cdfs)? MemoryRanger is based on MemoryMonRWX.

Do you have the same issue with running MemoryMonRWX?

On Wed, Sep 26, 2018 at 10:58 AM simakhan785 notifications@github.com wrote:

Sir, any update on MemoryRanger? So that I can build and experiment with it.

Thanks, Sima


simakhan785 commented 6 years ago

Sir, I will try it. Thanks for your reply.

IgorKorkin commented 6 years ago

Hi Sima! I've just uploaded a new version of MemoryRanger and related projects. Could you please update all files and test them again?

I compile all this stuff using Visual Studio 2015, WDK 10.0.10586.0 and SDK 14.0.23506. Can you try to compile all files in debug configuration and launch inside VMware with Windows 10 x64, which is loaded in DEBUG mode with WinDbg connected via pipe? Here are the details of how to configure this testbed - https://hshrzd.wordpress.com/2017/05/28/starting-with-windows-kernel-exploitation-part-1-setting-up-the-lab/

Please comment below about your results and any issues.

Thank you, bro!

nadiaivc commented 3 years ago

Hello,

Is there a chance to build this project using Visual Studio 2017? It isn't easy to find specific old versions of WDK and SDK. I also successfully built Satoshi's project (https://github.com/tandasat/MemoryMon/tree/rwe_cdfs), but I have a problem with yours... I use SDK 10.0.17763.0 and WDK 10.0.17763.1 (1809)

IgorKorkin commented 3 years ago

Hello,

Is there a chance to build this project using Visual Studio 2017? It isn't easy to find specific old versions of WDK and SDK. I also successfully built Satoshi's project (https://github.com/tandasat/MemoryMon/tree/rwe_cdfs), but I have a problem with yours... I use SDK 10.0.17763.0 and WDK 10.0.17763.1 (1809)

Hello @nadiaivc

Currently, MemoryRanger can be built using Visual Studio 2015 only. I hope to update MemoryRanger, so it has to be built using Visual Studio 2017 or even Visual Studio 2019. You can use the following links to download previously issued SDK\WDK:

Thank you

nadiaivc commented 3 years ago

Hello, Is there a chance to build this project using Visual Studio 2017? It isn't easy to find specific old versions of WDK and SDK. I also successfully built Satoshi's project (https://github.com/tandasat/MemoryMon/tree/rwe_cdfs), but I have a problem with yours... I use SDK 10.0.17763.0 and WDK 10.0.17763.1 (1809)

Hello @nadiaivc

Currently, MemoryRanger can be built using Visual Studio 2015 only. I hope to update MemoryRanger, so it has to be built using Visual Studio 2017 or even Visual Studio 2019. You can use the following links to download previously issued SDK\WDK:

Thank you

Okay, I'll try to build it using VS 2015. Thanks for your quick reply!