Windows System Software -- Consulting, Training, Development -- Unique Expertise, Guaranteed Results

Home NTDEV
Before Posting...
Please check out the Community Guidelines in the Announcements and Administration Category.

More Info on Driver Writing and Debugging


The free OSR Learning Library has more than 50 articles on a wide variety of topics about writing and debugging device drivers and Minifilters. From introductory level to advanced. All the articles have been recently reviewed and updated, and are written using the clear and definitive style you've come to expect from OSR over the years.


Check out The OSR Learning Library at: https://www.osr.com/osr-learning-library/


App I need for testing wont run on Test Mode system, so...

matt_sykesmatt_sykes Member - All Emails Posts: 290

Is there anyway to get an unsigned driver on the system, any workaround, anyway of fooling the app into thinking the system is not in test mode?

Comments

  • Peter_Viscarola_(OSR)Peter_Viscarola_(OSR) Administrator Posts: 7,807

    Attach a debugger (and make it active) to the test system. Done.

    Peter

    Peter Viscarola
    OSR
    @OSRDrivers

  • matt_sykesmatt_sykes Member - All Emails Posts: 290

    @Peter_Viscarola_(OSR) said:
    Attach a debugger (and make it active) to the test system. Done.

    Peter

    Not on 1836 it doesnt, screen still shows TestMode and the app wont run.

    Oh well.

  • Peter_Viscarola_(OSR)Peter_Viscarola_(OSR) Administrator Posts: 7,807

    You don't put the Target into test mode. You just enable debug (and boot debug). This has always been "the way to do it." It's what we do in our classes, to enable us to entirely avoid signing anything.

    Are you trying to say that in 20H1, Microsoft has disabled the feature that allows unsigned kernel-mode drivers to be loaded when a debugger is attached and active. That would be a massive and very drastic change. I find that very hard to believe, but I haven't personally verified that this is not the case.

    Peter

    Peter Viscarola
    OSR
    @OSRDrivers

  • matt_sykesmatt_sykes Member - All Emails Posts: 290

    @Peter_Viscarola_(OSR) said:
    You don't put the Target into test mode. You just enable debug (and boot debug). This has always been "the way to do it." It's what we do in our classes, to enable us to entirely avoid signing anything.

    Are you trying to say that in 20H1, Microsoft has disabled the feature that allows unsigned kernel-mode drivers to be loaded when a debugger is attached and active. That would be a massive and very drastic change. I find that very hard to believe, but I haven't personally verified that this is not the case.

    Peter

    I did just enable debug Peter, it wasnt it didnt have testsigning set, or loadoptions for that matter. But, this is 1836, TestMOde still displayed.

  • matt_sykesmatt_sykes Member - All Emails Posts: 290

    debug on, nothing else, 1936, displays testmode

  • Peter_Viscarola_(OSR)Peter_Viscarola_(OSR) Administrator Posts: 7,807

    Can you please bit a bit more clear about the build? "1836" isn't a build number I recognize off-hand. The "most recent" build of 20H1 is 19041, IIRC.

    19H1 was build 18362, version 1903; 19H2 was build 18363, version 1909.

    If you mean 19H2 build 19363, version 1909, I do see that when you enable debug and/or boot debug, the system DOES show as being in test mode. Interesting... I never noticed that:

    Peter

    Peter Viscarola
    OSR
    @OSRDrivers

  • matt_sykesmatt_sykes Member - All Emails Posts: 290

    18362.19H1, forgot the 2. You can see it in the screen shot Peter. I installed an old wind10 off an MSDN subscription I had, went to update, and it blew away the entire OS and put this on, creating a windows.old dir

    Oddly ver returns 10.0.18363.418 3 not 2

    Oh isnt this 'we will only make one Windows form now on, WIndows 10' working out well! What a load of crap. THis is more of a mess than Vista.

  • Peter_Viscarola_(OSR)Peter_Viscarola_(OSR) Administrator Posts: 7,807

    10.0.18363.418 : That would make it 19H2... Updated through KB 4157389.

    But, no matter. Thanks for the clarity. And for calling attention to the "Test Mode" notice that pops when debug is enabled. I never noticed that.

    Peter

    Peter Viscarola
    OSR
    @OSRDrivers

  • matt_sykesmatt_sykes Member - All Emails Posts: 290

    'Windows, the non deterministic infinite state machine'. You always learn something! :)

  • matt_sykesmatt_sykes Member - All Emails Posts: 290

    But it is odd that Ver and the TestMode splash display different numbers. Weird.

    (I really with Msft had stuck with using major numbers to differentiate their OSes and not this garbage. )

  • MBond2MBond2 Member Posts: 99

    quote 'Windows, the non deterministic infinite state machine'. You always learn something!

    yes you can always learn somthing from what others have done before, but I find disturbing is the number of times we get comments like this. which boil down into 'well i didn't know that' and 'why didn't they make it easier for me to learn'.

Sign In or Register to comment.

Howdy, Stranger!

It looks like you're new here. If you want to get involved, click one of these buttons!

Upcoming OSR Seminars
OSR has suspended in-person seminars due to the Covid-19 outbreak. But, don't miss your training! Attend via the internet instead!
Kernel Debugging 30 Mar 2020 OSR Seminar Space
Developing Minifilters 15 Jun 2020 LIVE ONLINE
Writing WDF Drivers 22 June 2020 LIVE ONLINE
Internals & Software Drivers 28 Sept 2020 Dulles, VA