Driver loader for bypassing Windows x64 Driver Signature Enforcement

Here you can discuss ReactOS related topics.

Moderator: Moderator Team

Post Reply
Quim
Posts: 235
Joined: Wed Jul 04, 2018 11:45 pm

Driver loader for bypassing Windows x64 Driver Signature Enforcement

Post by Quim » Fri Jan 18, 2019 6:58 am

TDL (Turla Driver Loader)
Driver loader for bypassing Windows x64 Driver Signature Enforcement
https://github.com/hfiref0x/TDL

This could be useful when ReactOS have a necesary NT 6.1 support and 64 bits port functional....

erkinalp
Posts: 837
Joined: Sat Dec 20, 2008 5:55 pm

Re: Driver loader for bypassing Windows x64 Driver Signature Enforcement

Post by erkinalp » Fri Jan 18, 2019 9:34 am

Not needed, as ReactOS is open source, you will already be able to disable signature checks. Signature check is not part of API contract, it is part of the security model.
-uses Ubuntu+GNOME 3 GNU/Linux
-likes Free (as in freedom) and Open Source Detergents
-favors open source of Windows 10 under GPL2

PurpleGurl
Posts: 1777
Joined: Fri Aug 07, 2009 5:11 am
Location: USA

Re: Driver loader for bypassing Windows x64 Driver Signature Enforcement

Post by PurpleGurl » Fri Jan 18, 2019 11:30 am

It is only needed going the other way. See, if we want to test our drivers on Windows that enforces this, that is how the driver loader could help us. We would directly load the driver without verification on our end, but if we want to test Windows behavior with our drivers, we'd likely need something like this.

ThFabba
Developer
Posts: 263
Joined: Sun Jul 11, 2010 11:39 am

Re: Driver loader for bypassing Windows x64 Driver Signature Enforcement

Post by ThFabba » Fri Jan 18, 2019 12:12 pm

Windows supports a Test-signing mode, exactly for the purpose of testing drivers without having to sign them.
So really, this isn't useful to many people at all -- namely, those developing malicious drivers, and those who need to deploy some kind of internal tooling across their organization but don't want to put every machine in test-signing mode (and don't want to pay for a certificate). And for the latter group it's not a good solution either, because it decreases the system's security (and likely, stability).

Post Reply

Who is online

Users browsing this forum: Ahrefs [Bot], Bing [Bot], Simon and 21 guests