Yep. Or just sign your custom driver with a leaked cert. Works to date. My related workshop: https://github.com/theevilbit/workshops/tree/master/DSE%20Bypass%20Workshop …
-
The process hacker driver amongst others is used by cheats to bypass anti-cheating detection in games.
-
A list of vulnerable drivers: https://www.unknowncheats.me/forum/anti-cheat-bypass/334557-vulnerable-driver-megathread.html … ASUS, ATI, Samsung,
-
That's part of the reason why some AVs flag it as malicious/hacktool.
-
Hi, I believe Abatis blocks this. To abuse a driver you would need to a) get your program onto the machine and b) add a rule to Abatis to allow your program to talk to the said driver (or DLL or any other protected file type) - even as admin.
-
I'd be very interested to know if it doesn't.
-
The problem is: Attackers can load any signed driver and abuse its functionality. For example, the process hacker driver can be abused to dump the memory of lsass.exe.
Read about it in my blog