Tree [84ba3f] master /

File Date Author Commit
 helperlib 2017-09-19 peterius peterius [84ba3f] moved types and x86/AMD64 value_t out of hookst...
 thirtytwobithelper 2017-09-19 peterius peterius [7e3acd] header
 warontencent 2017-08-21 peterius peterius [26a070] initial
 .gitignore 2017-08-17 Peter Bohning Peter Bohning [8e02aa] init
 LICENSE 2017-08-17 Peter Bohning Peter Bohning [16af7b] initial
 README 2017-08-17 Peter Bohning Peter Bohning [d665e2] minor
 driver.cpp 2017-08-29 peterius peterius [5ec8ba] minor
 driver.h 2017-08-17 Peter Bohning Peter Bohning [16af7b] initial
 functionstohook.xml 2017-09-17 peterius peterius [7cf875] should have committed this earlier...
 ipcsocket.cpp 2017-09-17 peterius peterius [d2f35c] debug statements
 ipcsocket.h 2017-08-17 Peter Bohning Peter Bohning [16af7b] initial
 kernelreplacements.cpp 2017-08-17 Peter Bohning Peter Bohning [16af7b] initial
 kernelreplacements.h 2017-08-17 Peter Bohning Peter Bohning [16af7b] initial
 libraryloader.cpp 2017-08-25 peterius peterius [f1ee92] out of section 64 bit library variables...
 libraryloader.h 2017-08-17 Peter Bohning Peter Bohning [16af7b] initial
 loadfiles.cpp 2017-08-25 peterius peterius [b369bd] can't believe I forgot to close the handle
 loadfiles.h 2017-08-17 Peter Bohning Peter Bohning [16af7b] initial
 processdumper.cpp 2017-09-05 peterius peterius [c4e592] some error strings, untested
 processdumper.rc 2017-08-17 Peter Bohning Peter Bohning [16af7b] initial
 processdumper.sln 2017-08-17 Peter Bohning Peter Bohning [16af7b] initial
 processdumper.vcxproj 2017-08-28 peterius peterius [cb4759] - uninstall driver option
 processdumper.vcxproj.filters 2017-08-26 peterius peterius [421e40] attempting to find out why can't inject
 query.cpp 2017-08-19 Peter Bohning Peter Bohning [653aad] minor
 query.h 2017-08-17 Peter Bohning Peter Bohning [16af7b] initial
 reconstitute.cpp 2017-08-17 Peter Bohning Peter Bohning [16af7b] initial
 reconstitute.h 2017-08-17 Peter Bohning Peter Bohning [16af7b] initial
 resource.h 2017-08-17 Peter Bohning Peter Bohning [16af7b] initial
 targetver.h 2017-08-17 Peter Bohning Peter Bohning [16af7b] initial
 winnt.h 2017-08-17 Peter Bohning Peter Bohning [16af7b] initial
 x64_syscalls.asm 2017-08-17 Peter Bohning Peter Bohning [16af7b] initial

Read Me

* dirty, unfinished, exploratory code for analyzing software
* Run it from an administrator console or it will quit with some unhelpful error.
* From pretty early on, I started compiling the console application as 64-bit. So while it should work on 32-bit applications, it will likely be broken if compiled for 32-bit.
* Installing the driver requires:

	bcdedit -set TESTSIGNING ON

	and a reboot. To turn it off again:

	bcdedit -set TESTSIGNING OFF

	I think I used

	MakeCert -r -pe -ss PrivateCertStore -n "CN=test.com(test)" testcert.cer

	for the signing certificate and then set the test certificate in the driver project properties. Pretty sure it's per-machine.

	makecert-test-certificate from msdn