dmex

Results 28 comments of dmex

@henrypp

> ReactOS signed the kernel drivers for Process Hacker

At first ReactOS signed the Process Hacker driver (including a few other open source projects) years ago but we've been...

You can sign up for Microsoft's ACS for $10/m which is the cheapest certificate and it's the only supported signer for uiaccess and integritycheck going forward. https://techcommunity.microsoft.com/t5/security-compliance-and-identity/azure-code-signing-democratizing-trust-for-developers-and/ba-p/3604669 Howto: https://github.com/koaladsp/KoalaDocs/blob/master/azure-code-signing-for-plugin-developers.md

> System Informer uses the version-specific application path instead of the current path

It's not just System Informer... Scoop is currently breaking every application that uses these system functions: [GetMappedFileName](https://learn.microsoft.com/en-us/windows/win32/api/psapi/nf-psapi-getmappedfilenamew)...

> I looked at ProcessHacker source code and unfortunately it doesn't use GetFinalPathNameByHandle/Ex, it uses NtQueryObject, like we do

@giampaolo Process Hacker uses the Native API instead of the Win32...

@jschwartzentruber I was able to resolve the deadlock issues with NtQueryObject by using the [ReOpenFile function](https://learn.microsoft.com/en-us/windows/win32/api/winbase/nf-winbase-reopenfile) to clone/recreate the internal file_object referenced by handle. Try using this function to query...

> On further testing, this doesn't filter for pipes. I'm not seeing it hang/deadlock, but I do see OSError originated from NtQueryObject.

@jschwartzentruber That would be the expected behavior. Named...

There's also a third option using the built-in Windows rundown support? Does not require a kernel driver, opening handles to processes or handle duplication so it's able to support protected...

> calling whatever ntdll.dll routines are used by kernel32 in its ReOpenFile

@derekbruening ReOpenFile passes the original file handle as the OBJECT_ATTRIBUTES `RootDirectory` and calls the standard NtCreateFile function. Here's...