Mairon
Mairon
Hello @snltty sorry for late response Microsoft has revoked the driver's certificate due to its increased use in malicious stuff thus making it unloadable, you might want to consider using...
Hello @ozohhub ,the rootkit currently works only when DSE is disabled, You can disable DSE by opening cmd as an administrator and running the following command: bcdedit /set testsigning on...
@ozohhub Did you place the driver chaos-rootkit.sys in the same directory as rin3-gui.exe? Also, can you run [DbgView](https://learn.microsoft.com/en-us/sysinternals/downloads/debugview), then run the rootkit and send a screenshot of the output in...
also you should run the ring3-gui.exe as an administrator @ozohhub
hello @ozohhub did you enable test signing mode ?
From what I can see in DebugView, the driver didn't load
Hello @ozohhub , that's weird it should work in test mode, can you please run the cmd as an administrator and execute the following commands: - sc stop Chaos-Rootkit -...
@ozohhub Ah yes, that error occurs because the driver returns STATUS_UNSUCCESSFUL during the offset initialization part. I should be more precise with the error details, haha. Your Windows build is...
Hello @ozohhub , I’ve made an update. Now, when your system version is not supported, it won’t restrict you from everything. Instead, it will only limit access to features that...
Hello @ahabx64 , sorry for the late reply. To fix this issue, go to Settings, then Linker, then Input, and add FltMgr.lib;%(AdditionalDependencies) to the Additional Dependencies input.