[help] Having troubles getting it to work

Hi @landhb, i compiled the driver and the loader. Copied `Rootkit.sys` to `C:\Windows\System32\drivers\`

In the `loader.c` file i got `#define DRIVER "C:\\Windows\\System32\\drivers\\Rootkit.sys"` when i compile.

When i try to hide a process this is the STDOUT i get:

```
C:\Windows>dkom.exe Ditto_deleted.exe

 Basic DKOM Rootkit to Hide a Process
 Usage : loader.exe [process name]
 Author: Bradley Landherr


[+] Discovered PID of process Ditto_deleted.exe: 1208
[*] Grabbing driver device handle...
[*] Loading driver.
[-] Error loading driver: The system cannot find the path specified.

LALA: 3
[-] Error creating handle: The system cannot find the path specified.
```

Ignore `LALA: 3` :D I think the error happens at `StartService(svcHandle, 0, NULL) == 0` it is like the loader cannot find the driver

any ideas?

OFF: on win 10 ver 1703 (rs2) build 15063 enterprise it only works for you about ~30minutes before BSOD? 

Provide feedback

Saved searches

Use saved searches to filter your results more quickly

[help] Having troubles getting it to work #5

Metadata

Assignees

Labels

Projects

Milestone

Relationships

Development

[help] Having troubles getting it to work #5

Description

Metadata

Metadata

Assignees

Labels

Projects

Milestone

Relationships

Development

Issue actions