Hi,
I'm trying to get the Demos\HookProcessCreation running. But I'm failed.
Is process hooking meant to work with self signed certificates? If yes, how can I get the mscross.cer from my certificate?
configDrivers.bat refers to a not existing signtool.exe. So I use signtool.exe from windows sdk. But the only response is "No certificates were found that met all the given criteria." I have no idea what the 'given criteria' are...
The only way to get signtool signing my drivers is the following command line:
SignTool.exe sign /t http://timestamp.verisign.com/scripts/timestamp.dll /f My.pfx /p MyPwd DemoDriver32.sys
But with this driver the DllInjector.exe fails with "loading driver failed".
Any idea?
BR
Michael
Demos\HookProcessCreation does not work
Re: Demos\HookProcessCreation does not work
Does the demo work when you use the files created and compiled by me? E.g. here:
http://madshi.net/HookProcessCreation.zip
http://madshi.net/HookProcessTermination.zip
http://madshi.net/PrintMonitor.zip
I've no experience with using self-cert, but I've heard that some people had trouble with that. One of the madCodeHook requirements is that you have your own code signing certificate. That's the only thing that I have experience with, and I can say that GlobalSign or Verisign certificates work fine.
Of course you can try using self-cert, but I can't really help with that. That said, madCodeHook's driver itself doesn't check the signature. As long as you make the OS happy, madCodeHook is happy, too. So this should mostly be a question of how to make the OS accept your signature. Which is not madCodeHook specific. JFWIW...
http://madshi.net/HookProcessCreation.zip
http://madshi.net/HookProcessTermination.zip
http://madshi.net/PrintMonitor.zip
I've no experience with using self-cert, but I've heard that some people had trouble with that. One of the madCodeHook requirements is that you have your own code signing certificate. That's the only thing that I have experience with, and I can say that GlobalSign or Verisign certificates work fine.
Of course you can try using self-cert, but I can't really help with that. That said, madCodeHook's driver itself doesn't check the signature. As long as you make the OS happy, madCodeHook is happy, too. So this should mostly be a question of how to make the OS accept your signature. Which is not madCodeHook specific. JFWIW...
Re: Demos\HookProcessCreation does not work
Yes, they work fine.
One additional question: where does the mscross.cer come from? This is used to sign the sys files (configDrivers.bat).
I assume, this file is not your certificate provided by GlobalSign, isn't it?
Could be, that I need to convert my self-signed certificate into such a file...
BR
Michael
One additional question: where does the mscross.cer come from? This is used to sign the sys files (configDrivers.bat).
I assume, this file is not your certificate provided by GlobalSign, isn't it?
Could be, that I need to convert my self-signed certificate into such a file...
BR
Michael