LOLBAS icon indicating copy to clipboard operation
LOLBAS copied to clipboard
verified publisher icon LOLBAS-Project

Remove pnputil.exe

Open ConsciousHacker opened this issue 3 years ago • 2 comments

pnputil.exe requires the driver to be signed, example output is below

C:\Windows\System32\pnputil.exe -i -a .\test.inf
Microsoft PnP Utility

Processing inf :            test.inf
Adding the driver package failed : The third-party INF does not contain digital signature information.


Total attempted:              1
Number successfully imported: 0

ConsciousHacker avatar Mar 31 '22 14:03 ConsciousHacker

ill help you ...

bcdedit /set loadoptions DDISABLE_INTEGRITY_CHECKS & bcdedit /set testsigning on

Please think before you speak. Because in any way its still proxy execution , a lot attacks been carry out from signed driver ( example NVIDIA leak)

LuxNoBulIshit avatar Mar 31 '22 15:03 LuxNoBulIshit

  1. The detail you provided above should be added to the entry for it to be a constructive contribution that the community benefits from. Please submit a pull request and we'll be happy to review it.
  2. Please read the following: https://github.com/LOLBAS-Project/LOLBAS#criteria
  3. If we consider "proxy execution" in combination with attacks used by signed drivers, it would change the scope of the LOLBAS project.

ConsciousHacker avatar Mar 31 '22 21:03 ConsciousHacker

I agree that although this utility certainly could be of use to an attacker, the functionality appears to be intended, and as such this project is not the right fit for pnputil. Feel free to remove @ConsciousHacker

wietze avatar Jan 06 '24 15:01 wietze

@wietze Closed as discussed

ConsciousHacker avatar Jan 16 '24 21:01 ConsciousHacker