search

TheCruZ / kdmapper

KDMapper is a simple tool that exploits iqvw64e.sys Intel driver to manually map non-signed drivers in memory
MIT License
1.97k stars 500 forks source link

Kdmapper doesn't run unless debug is set to on in bcdedit #15

Closed xtremegamer1 closed 3 years ago

xtremegamer1 commented 3 years ago

KdMapper performs exactly as intended when bcdedit -debug on has been used before rebooting. However if debug is set to off it doesn't run.

TheCruZ commented 3 years ago

All the tests that I perform was with debug off then, I think that you are doing something wrong, Just drag and drop HelloWorld.sys into compiled kdmapper.exe and look with DbgView if the driver says Hi

xtremegamer1 commented 3 years ago

What could be the problem? I have tested it a dozen times and it works exactly as intended with debug on but not at all with debug on. I'll recompile and try again. If you dont believe me i can take a video.

TheCruZ commented 3 years ago

And which error do you have?, if just kdmapper don't open take care of your Antivirus, if it gives an error during ntloaddriver take care of running Anticheats

xtremegamer1 commented 3 years ago

Hey Cruzy boy I think you are onto something with the anticheat theory. I have faceit, esea, eac and battleye installed on this computer. It makes perfect sense they would run in the background normally, shutting down suspicious activities, but shut down if debug is turned on to avoid getting reversed by any idiot with the WDK installed. If that's the case I am probably already on "the list" for countless games i have installed :( Anyway I don't get any error messages, even on a version of kdmapper that is meant to stay open after loading the driver. That version pops up and instantly closes the same as the regular version if I try running it with debug disabled. However I've looked through all running services and nothing but the bare device minimums are running.

Pls help

TheCruZ commented 3 years ago

Check the README https://github.com/TheCruZ/kdmapper/blob/master/README.MD it says that FACEIT will block kdmapper with his running driver, and they will not run if debug is on, and about kdmapper closing remember to open it with a console to see all the output else don't make sense

xtremegamer1 commented 3 years ago

Sheesh you're right bro. It wasn't in the running driver list and i didnt get an error so that's why i didnt realize. Thanks your your time you are a legend. Anyway one last thing hod do I run kdmapper from console? thought I was supposed to drag my .sys into kdmapper

TheCruZ commented 3 years ago

https://www.google.com/search?q=how+to+open+a+program+with+cmd