madshi.net

Alright, here's more info following the suggestions, I appreciate them I made the tool that calls WinVerifyTrust, it does multiple calls using different flags: DRIVER_ACTION_VERIFY WINTRUST_ACTION_GENERIC_CHAIN_VERIFY WINTRUST_ACTION_GENERIC_VERIFY_V2 *Also the WTD_REVOKE_WHOLECHAIN options to check...

Last madcodehook I've got running on my clients are from dec 2017 Recently I've decided to update to the 2.8.8.0, went throught all the hoops, configuring the driver, resigning everything, getting the microsoft hardware signature from their partner dashboard Tested on my machines and everything was ...

Thanks for the detailed report! So what is the key difference to what you did before? When struggling to see why signtool would not recognize globalsigns root certificate(it never will using driver verification policy) I changed the signature command plenty of times signing your driver, so when I w...

Alright I got this thing figured out now, will describe in steps below for next guy that needs this with minimal headache. Microsoft is enforcing the sysdev signature under recently installed windows 10 RS3 and forward, upgrades doesn't seem to be impacted so this is will be a slow and growing probl...

Appreciate the info Iconic I thought it would be a little easier to have the same driver I've been using for so long to just keep loading as before after passing through the dashboard When submitting a new hardware on the dashboard it requires a package (.cab, .hlkx, .hckx), since I read the tutoria...

Past 3 months I've been having a larger number of clients reporting driver not being installed under their windows 10, it seems microsoft is slowly rolling their previous call to not trusting in the EV certificate and requiring you to go through their dashboard to get an extra signature from them To...

I'm currently stuck in the same predicament, the sandbox rollout is slowly taking place (around 5% of my userbase are unable to inject into edge by now) My entire app user base are employees, if I could easily disable edge's sandbox through GPs or registry, by already being in full access to the mac...

All the masks are working 100%

Thanks for the info

Hey I've googled and searched all over this forum for a possible answer and none seemed to solve my questions I'm also not especiallized in C++, but I had to learn the basics to build a driverloader/injection helper because there isnt a delphi XE2 with 64 support version available yet I've just rece...

Nope not a processHandleToId problem after all I'm hooking NTTerminateProcess Thanks for the register idea I'll try it if it comes to unsolvable issues :P Btw thing is, when windows is shutting down all programs are supposed to do whatever they want before shutting down and close themselves and most...

I was just about to start checking on duplicate handle thing and found this amazing stuff If i do this function callback(handle, exitCode): bool; begin result := next(handle, exitCode); end; Everything works fine it wont hang on shut down ever and everyones happy Then again...if I try this function ...

I've seem someone complaining once about handle enumeration issue that was freezing the app and had to solve it by creating a threat that would wait 500ms for it etc etc but the issue ended up unsolved I'm not sure if anybody here noticed the same problem due the lack of usage on windows 7, this iss...

I solved the terminateprocess issue Somehow the uac crashes you with unknown or unespecified errors, sometimes with an unknown GUID error if you try to access the file path of the being killed handle, if you try to get it with processIdToFileName or even getModuleFileName the uac takes you down, thi...

I tested avoiding handles <=0 and it still persists

Then I tested with uac deactivated and it no longer bugged, NTCreateProcess also had issues with the uac perhaps the same one?

Also found an issue on ProcessIdToFileName(under the same seven professional 32) Some costumers reported to me they couldn't open device manager it would pop up a "unknown error." everytime they tried, couple other control panel apps wouldn't run and return GUIDs and weird error messages o...