ufrisk / pcileech

Direct Memory Access (DMA) Attack Software
GNU Affero General Public License v3.0

[question] load any kernel driver on windows #165

Closed ryzen7i7 closed 3 years ago

ryzen7i7 commented 3 years ago

Hi, Is there any way to load own kernel drivers on Windows via DMA?

ufrisk commented 3 years ago

Currently no. I had a kernel inject for that which disabled driver signing, created a driver loading service and then re-enabled driver signing again (wx64_driverload_svc), but it's not working on more recent Windows 10 versions as far as I know.

The solution would be to manually load/patch the driver into the kernel; this is possible and there is code for that, but I haven't had the time to look into it, so unfortunately right now: no. You'll be limited to shellcode.

ryzen7i7 commented 3 years ago

Thanks for your rapid reply. Does "The solution would be to manually load/patch the driver into the kernel; this is possible and there is code for that" mean that pcileech has that code, or somebody else's? Or that it is technically possible?

ufrisk commented 3 years ago

It's not in PCILeech; code exists elsewhere. This would be a good feature to add, but I'm a bit busy with other projects in the near future; but after that...

ryzen7i7 commented 3 years ago

Thank you for the helpful information. Take your time! Now my question has been answered. Thank you again for your time.

P.S. I'm gonna close this issue with this comment.