Hide Process BSOD on Win 10 (1709 Build 16299.1992)

XaFF-XaFF / Cronos-Rootkit

Cronos is Windows 10/11 x64 ring 0 rootkit. Cronos is able to hide processes, protect and elevate them with token manipulation.

MIT License

855 stars 182 forks source link

Closed 0736b closed 2 years ago

0736b commented 2 years ago

What's your windows 10 version in the preview gif?

XaFF-XaFF commented 2 years ago

Windows 10 Pro (2004 Build 19041.1415). Check if you have correct ACTIVE_PROCESS_LINKS offset for your Windows 10 version.

0736b commented 2 years ago

Change ACTIVE_PROCESS_LINKS to 0x02E8 and it worked, Thanks