Closed LYingSiMon closed 2 years ago
hfiref0x
commented
2 years ago Hello,
to reproduce this behaviour can you attach your compiled binary? /gs could be the reason, you either didn't disabled it or didn't done full rebuild of the driver after applying new setting.
LYingSiMon
commented
2 years ago Hello,
to reproduce this behaviour can you attach your compiled binary? /gs could be the reason, you either didn't disabled it or didn't done full rebuild of the driver after applying new setting.
Of course!(If you need the whole project, I can also send you ✔) LysdDrv.zip
I didn't expect to get a reply so quickly, So happy hahaha.
hfiref0x
commented
2 years ago Your driver has WDFLDR, FLTMGR in import table. This loader cannot handle this. It seems you created your driver with wrong type of project.
hfiref0x
commented
2 years ago Take drivers from https://github.com/hfiref0x/KDU/tree/master/Source/Examples as examples of configuration.
LYingSiMon
commented
2 years ago You're absolutely right🤣,I did import fltMgr.lib, It returned to normal after removing the import to it.
I was just commented the code that had to do with MiniFliter, I was naive, thank you again !
hello, hfire0x. First of all, thank you for your project. It was great.
this is my dump ,I used windbg and found that some functions had wrong addresses, such as "MmGetSystemRoutineAddress" or "DbgPrintEx",I think this is probably because the ntoskrnl import is wrong(Of course, my guess may not be right 😁) 102022-9578-01.zip
this is the entry of my driver:
But the strange thing is that the other driver just works and their driverentry is exactly the same,So I compared their project attributes and changed them to the same(I swear I checked every attribute very carefully),But helplessly, they still only have a blue screen, the other one is normal.
I hope you can help me. Thank you!