[help] Having troubles getting it to work #5
This is the error I encountered, any solution?
Thanks! EDIT: problem fixed, just need to compile an x64 driver
I am also getting: Any help is greatly appreciated,
@jodimary Did you also build the driver and place it in the path defined at: https://github.com/landhb/HideProcess/blob/master/loader/loader.c#L8
You can change that define statement to point to wherever your .sys file is.
Hi Bradley, Just want to say thank you, as I have been looking for exactly this, that works on Windows 10 for a while, as my university dissertation is regarding memory forensics. Thank you!!
No problem! Hope it helps, good luck!
Using a win8.1 VM, will this code work in this OS?
Hi @landhb, I compiled the driver and the loader. Copied `Rootkit.sys` to `C:\Windows\System32\drivers\`. In the `loader.c` file I got `#define DRIVER "C:\\Windows\\System32\\drivers\\Rootkit.sys"` when I compile. When I try to hide a process this is the STDOUT I get:
Ignore `LALA: 3` :D I think the error happens at `StartService(svcHandle, 0, NULL) == 0`, it is like the loader cannot find the driver. Any ideas?
OFF: on win 10 ver 1703 (rs2) build 15063 enterprise it only works for you about ~30 minutes before BSOD?