1.3.4 fails to enter kernel mode

Open xxhhlk opened this issue 2 years ago • 14 comments

OpenArk Console Copyright (C) 2019 BlackINT3 https://github.com/BlackINT3/OpenArk
[UNONE::FsReadFileDataW] [WARN] C:\Users\im\AppData\Roaming\OpenArk\console\history.txt is empty file
[UNONE::PsGetProcessInfo64W] [ERR] VirtualOpenProcess pid:4 err:5
[Kernel::InitKernelEntryView::::operator ()] [INFO] 操作系统 : Windows 10
[Kernel::InitKernelEntryView::::operator ()] [INFO] 主版本号 : 10
[Kernel::InitKernelEntryView::::operator ()] [INFO] 副版本号 : 0
[Kernel::InitKernelEntryView::::operator ()] [INFO] 发行编号 : 22H2
[Kernel::InitKernelEntryView::::operator ()] [INFO] 编译号 : 19045
[Kernel::InitKernelEntryView::::operator ()] [INFO] 主服务包 : 0
[Kernel::InitKernelEntryView::::operator ()] [INFO] 副服务包 : 0
[Kernel::InitKernelEntryView::::operator ()] [INFO] R3地址空间 : 0x10000 - 0x7FFFFFFEFFFF
[Kernel::InitKernelEntryView::::operator ()] [INFO] R0地址空间 : 0xFFFF080000000000 - 0xFFFFFFFFFFFFFFFF
[Kernel::InitKernelEntryView::::operator ()] [INFO] 页面大小 : 4 KB
[Kernel::InitKernelEntryView::::operator ()] [INFO] 物理内存 : 32 GB
[Kernel::InitKernelEntryView::::operator ()] [INFO] CPU核数 : 20
[Kernel::InitKernelEntryView::::operator ()] [INFO] 系统根目录 : C:\WINDOWS
[Kernel::InitKernelEntryView::::operator ()] [INFO] 启动时间 : 2024-01-19 19:48:37 (0Day/17Hour/44Min)
[Kernel::InitKernelEntryView::::operator ()] [INFO] BootInfo : UEFI
[Kernel::InitKernelEntryView::::operator ()] [INFO] HVM : VT Enabled
[OpenArk::onActionCheckUpdate] [INFO] requset server:http://file.blackint3.com:88/openark/version.txt
[OpenArk::onActionCheckUpdate::::operator ()] [INFO] local appver:1.3.4, build:202312202152
[OpenArk::onActionCheckUpdate::::operator ()] [INFO] server responsed:{ "err": 0, "appver": "1.3.4", "appbd": "202312202152", "appcl": "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", "appurl": "https://github.com/BlackINT3/OpenArk/releases" }
[OpenArk::onActionCheckUpdate::::operator ()] [INFO] OpenArk is latest.
[Kernel::ParseKernelSymbol] [INFO] PDB: C:\Users\im\AppData\Roaming\OpenArk\symbols\ci.pdb\F978A72B5A84D8D5262BA9654FE1F57D1\ci.pdb
[Kernel::ParseKernelSymbol] [INFO] Download: http://msdl.blackint3.com:88/download/symbols/ci.pdb/F978A72B5A84D8D5262BA9654FE1F57D1/ci.pdb
[Kernel::ParseKernelSymbol] [INFO] PDB: C:\Users\im\AppData\Roaming\OpenArk\symbols\fltMgr.pdb\C6B7358770920641714F8F39943309AC1\fltMgr.pdb
[Kernel::ParseKernelSymbol] [INFO] Download: http://msdl.blackint3.com:88/download/symbols/fltMgr.pdb/C6B7358770920641714F8F39943309AC1/fltMgr.pdb
[Kernel::ParseKernelSymbol] [INFO] PDB: C:\Users\im\AppData\Roaming\OpenArk\symbols\netio.pdb\A6FB7302AF03576B8E72B1E88E1987F31\netio.pdb
[Kernel::ParseKernelSymbol] [INFO] Download: http://msdl.blackint3.com:88/download/symbols/netio.pdb/A6FB7302AF03576B8E72B1E88E1987F31/netio.pdb
[Kernel::ParseKernelSymbol] [INFO] PDB: C:\Users\im\AppData\Roaming\OpenArk\symbols\ntkrnlmp.pdb\D7ABE9B23BAD553213DE9BB10F1677B81\ntkrnlmp.pdb
[Kernel::ParseKernelSymbol] [INFO] Download: http://msdl.blackint3.com:88/download/symbols/ntkrnlmp.pdb/D7ABE9B23BAD553213DE9BB10F1677B81/ntkrnlmp.pdb
[Kernel::ParseKernelSymbol] [INFO] PDB: C:\Users\im\AppData\Roaming\OpenArk\symbols\win32k.pdb\4861D9D8CC375CC7E28E23C9A6E302D71\win32k.pdb
[Kernel::ParseKernelSymbol] [INFO] Download: http://msdl.blackint3.com:88/download/symbols/win32k.pdb/4861D9D8CC375CC7E28E23C9A6E302D71/win32k.pdb
[Kernel::ParseKernelSymbol] [INFO] PDB: C:\Users\im\AppData\Roaming\OpenArk\symbols\win32kbase.pdb\0949450FAC20B4137303F4C4BF4DD3E81\win32kbase.pdb
[Kernel::ParseKernelSymbol] [INFO] Download: http://msdl.blackint3.com:88/download/symbols/win32kbase.pdb/0949450FAC20B4137303F4C4BF4DD3E81/win32kbase.pdb
[Kernel::ParseKernelSymbol] [INFO] PDB: C:\Users\im\AppData\Roaming\OpenArk\symbols\win32kfull.pdb\BC20C80D10E7BC4AEB33A16598296E8F1\win32kfull.pdb
[Kernel::ParseKernelSymbol] [INFO] Download: http://msdl.blackint3.com:88/download/symbols/win32kfull.pdb/BC20C80D10E7BC4AEB33A16598296E8F1/win32kfull.pdb
[UNONE::ObLoadDriverW] [ERR] NtLoadDriver service:\Registry\Machine\System\CurrentControlSet\Services\MicrosoftDoSvc err:c000010e
[UNONE::ObLoadDriverW] [ERR] NtLoadDriver service:\Registry\Machine\System\CurrentControlSet\Services\OpenArkDrv64 err:c0000428
[Kernel::onEnterKernelMode] [INFO] InstallDriver 1.
[Kernel::onEnterKernelMode] [INFO] InstallDriver 2.
[Kernel::onEnterKernelMode] [ERR] InstallDriver C:\Users\im\AppData\Roaming\OpenArk\kernel\OpenArkDrv64.sys err

Windows 10 Pro 22H2 19045.3930

xxhhlk, Jan 20 '24 05:01