Hi Everybody
Excuse me, my English is poor.
I'm starting to write some 64 bit kernel-mode samples for Windows Vista with Masm64.
Because my free time is scarce and the argument is new and difficult, before continue, i would like to know if somebody is interested in this project.
Please let me know what you are thinking about it
Thank you! :bg
such example would surely be interesting. I haven't seen any assembly drivers for Vista yet.
Unsigned drivers running in XP64 run in Vista x64 after "Disable drivers signature enfocement" in boot menu. To avoid setting this menu during every boot, you can pay for certificate for drivers signing and sign bare driver using e.g. signtool from WDK.
Here some simple unsigned drivers written in FASM. They run in Vista x64 after pressing F8 at boot and then Disable drivers signature enforcement.
[attachment deleted by admin]
In fact, there is workaround, as usual :U
You don't have to pay for certificates. Instead, issue one to yourself, signed by Windows 2003 Offline Root CA. Then import the signers certificate into a "Trusted Root" certificate store through the group policy. From that point on, you'll have all your code properly signed. I'm not writing here an "could be" story, this is a scenario that was used countless times because it works. Actually, I used it more times for AuthentiCode(TM), but the principle is the same.
"It is a trust thing" :bg