XaFF-XaFF / Cronos-Rootkit

Cronos is a Windows 10/11 x64 ring 0 rootkit. Cronos is able to hide processes, and to protect and elevate them with token manipulation.
MIT License
857 stars, 182 forks

Runtime error: Couldn't open handle to device (2). Check if driver is loaded correctly. #6

Closed: bill-e-ghote closed 2 years ago

bill-e-ghote commented 2 years ago

Not sure if it's my error or the application. Please advise.

XaFF-XaFF commented 2 years ago

First you have to load the driver into the kernel, then run cdbg.exe.

bill-e-ghote commented 2 years ago

Got it. Thanks.

river7816 commented 1 year ago

> First you have to load the driver into the kernel, then run cdbg.exe.

I have the same question. I know I need to load the driver into the kernel, but I do not know what tools I can use to do it.

XaFF-XaFF commented 1 year ago

@river7816 You can learn from this link: https://www.ired.team/miscellaneous-reversing-forensics/windows-kernel-internals/loading-a-windows-kernel-driver-osr-driver-loader-debugging-with-source-code

XaFF-XaFF commented 1 year ago

Or use the new Black Angel Rootkit, which can be loaded with kdmapper.