|
|
|
@57201
|
9 years |
vboxsync |
windows hardning error reporting improvements.
|
|
|
|
@57165
|
9 years |
vboxsync |
supHardNtViCheckIfNotSignedOk: apphelp.dll is still not signed in W10, …
|
|
|
|
@57161
|
9 years |
vboxsync |
SUPR3HardenedMain-win.cpp: ext-ms-win-devmgmt-policy-l1-1-0.dll and …
|
|
|
|
@57108
|
9 years |
vboxsync |
supdrv: Added SUPKERNELFEATURES_SMAP to SUPR0GetKernelFeatures and …
|
|
|
|
@56746
|
9 years |
vboxsync |
SUPHardNt: Need another hack to make VBoxRT.dll load when executing …
|
|
|
|
@56733
|
9 years |
vboxsync |
SUPHardNt: Allow hardened exectuable binaries in the 'testcase' …
|
|
|
|
@56732
|
9 years |
vboxsync |
Added SUPHARNT_IMPORT_STDCALL_OPTIONAL (currently unused).
|
|
|
|
@56293
|
9 years |
vboxsync |
HostDrivers: Updated (C) year.
|
|
|
|
@55784
|
10 years |
vboxsync |
Restored lost ProductVersion.
|
|
|
|
@55782
|
10 years |
vboxsync |
Added an empty macro as a place holder for any additional strings we …
|
|
|
|
@55781
|
10 years |
vboxsync |
Clean up RC files, adding more version.h defines for common values.
|
|
|
|
@55778
|
10 years |
vboxsync |
SUPHardenedVerifyProcess-win.cpp: typo
|
|
|
|
@55772
|
10 years |
vboxsync |
Two more RC defines.
|
|
|
|
@55771
|
10 years |
vboxsync |
Use defines in the RC files and make those defines compatible with …
|
|
|
|
@55689
|
10 years |
vboxsync |
supHardNtVpFileMemCompareSection: Forgot to move pbFile forward along …
|
|
|
|
@55026
|
10 years |
vboxsync |
supHardNtVpFreeOrReplacePrivateExecMemory: Bugfix.
|
|
|
|
@55017
|
10 years |
vboxsync |
supHardNt: bcrypt.dll is not mandatory
|
|
|
|
@55007
|
10 years |
vboxsync |
supHardNt: Corrected loader lock ownership check. Turns out LockCount …
|
|
|
|
@54998
|
10 years |
vboxsync |
supHardNt: Some more memory replacment hacking - take evasive action …
|
|
|
|
@54997
|
10 years |
vboxsync |
supHardNt: Never call WinVerifyTrust and friends when owning the …
|
|
|
|
@54993
|
10 years |
vboxsync |
SUPHardNt: Extended the free/replace unknown exec memory trick a little.
|
|
|
|
@54666
|
10 years |
vboxsync |
SUPDrv-win.cpp: Make sure we don't call ExFreePoolWithTag with a NULL …
|
|
|
|
@54664
|
10 years |
vboxsync |
SUPDrv-win: be pedantic
|
|
|
|
@54581
|
10 years |
vboxsync |
HostDrivers/Support: add and use supdrvOSAreCpusOfflinedOnSuspend(). …
|
|
|
|
@54560
|
10 years |
vboxsync |
SUPHardNt: Don't get confused and throw …
|
|
|
|
@54502
|
10 years |
vboxsync |
SUPDrv-win.cpp: Reverted r98598.
|
|
|
|
@54490
|
10 years |
vboxsync |
Temporarily disabled delta calculations on windows.
|
|
|
|
@54453
|
10 years |
vboxsync |
Runtime/testcase: tstRTR0ThreadPreemption rename fixes.
|
|
|
|
@54412
|
10 years |
vboxsync |
SUPDrv-win.cpp: We can do cross calls using IPI too for a month or two.
|
|
|
|
@54139
|
10 years |
vboxsync |
SUPR3HardenedMain-win.cpp: Workaround for a process deadlock caused by …
|
|
|
|
@53955
|
10 years |
vboxsync |
SpcRoot-MicrosoftDevelopmentRootCertificateAuthority2014-078f0a9d03df11 …
|
|
|
|
@53948
|
10 years |
vboxsync |
header fixes
|
|
|
|
@53822
|
10 years |
vboxsync |
not optional.
|
|
|
|
@53821
|
10 years |
vboxsync |
SUPR3HardenedMain-win.cpp: Handle the case where someone uses …
|
|
|
|
@53820
|
10 years |
vboxsync |
SUPHardenedVerfiyImage-win.cpp: Tell RTLdr to disregard the specified …
|
|
|
|
@53784
|
10 years |
vboxsync |
fixed @file information of a couple of .rc files
|
|
|
|
@53781
|
10 years |
vboxsync |
added a bunch of missing Windows resource files and fixed a few minor bugs
|
|
|
|
@53396
|
10 years |
vboxsync |
HostDrivers/Support: Don't try measuring TSC deltas on OSes that …
|
|
|
|
@53329
|
10 years |
vboxsync |
SUPDrv-win.cpp: Must reset enmProcessKind before releasing pNtChild in …
|
|
|
|
@53220
|
10 years |
vboxsync |
SUP: Relax image architecture restrictions so 32-bit resource DLLs …
|
|
|
|
@53051
|
10 years |
vboxsync |
supR3HardenedMonitor_LdrLoadDll: Merged the name mapping log statement …
|
|
|
|
@53045
|
10 years |
vboxsync |
SUP: Reduce LdrLoadDll logging. Still one log statement needing …
|
|
|
|
@53042
|
10 years |
vboxsync |
SUP: CERT_E_CHANING due to signatures rooted in 'Microsoft Digital …
|
|
|
|
@53036
|
10 years |
vboxsync |
SUP: NtCreateFile requires SYNCHRONIZE access when …
|
|
|
|
@53035
|
10 years |
vboxsync |
supHardNtViRdrRead: Cleanup and deal with async i/o in ring-3 just to …
|
|
|
|
@53034
|
10 years |
vboxsync |
SUP: Missing two FILE_SYNCHRONOUS_IO_NONALERT flags, one of which …
|
|
|
|
@53027
|
10 years |
vboxsync |
Forward ported r96507: SUP: Don't wait for yourself to quit, wait on …
|
|
|
|
@53025
|
10 years |
vboxsync |
SUP: corrected child error message and fudge the memory replace ment …
|
|
|
|
@53024
|
10 years |
vboxsync |
SUP: Removed heap debug code.
|
|
|
|
@53022
|
10 years |
vboxsync |
SUP: XP + ATI kludge.
|
|
|
|
@53021
|
10 years |
vboxsync |
SUP: Revised the dgmaster.sys/sakfile.sys hack as it didn't quite work …
|
|
|
|
@53018
|
10 years |
vboxsync |
SUP: corrected log message.
|
|
|
|
@53017
|
10 years |
vboxsync |
SUP: Try to work around sakfile.sys bsod and dgmaster.sys.
|
|
|
|
@53016
|
10 years |
vboxsync |
SUPDrv-win.cpp: Trust the system process a little bit more to make …
|
|
|
|
@53011
|
10 years |
vboxsync |
SUP: instrumentation for debugging possible heap corruption.
|
|
|
|
@53005
|
10 years |
vboxsync |
SUP: Short list of microsoft files that when found not to be signed in …
|
|
|
|
@53003
|
10 years |
vboxsync |
SUP: A bit more logging.
|
|
|
|
@53002
|
10 years |
vboxsync |
VBoxDrv-win.cpp: Keep the error info string from failed VBoxDrv and …
|
|
|
|
@52975
|
10 years |
vboxsync |
build fix
|
|
|
|
@52974
|
10 years |
vboxsync |
SUP: Seems ThreadHideFromDebugger on others might require debugger …
|
|
|
|
@52973
|
10 years |
vboxsync |
SUP: Handle denormalized command line string pointer and always ignore …
|
|
|
|
@52972
|
10 years |
vboxsync |
supR3HardNtChildPurify: Logging improvements.
|
|
|
|
@52969
|
10 years |
vboxsync |
SUP: Restructured the respawn + child purification code to use the …
|
|
|
|
@52968
|
10 years |
vboxsync |
build fix
|
|
|
|
@52967
|
10 years |
vboxsync |
SUP: simplified the ntdll hooking / patching so we can avoid the jump …
|
|
|
|
@52966
|
10 years |
vboxsync |
fixed w8.1 .mrdata hack.
|
|
|
|
@52962
|
10 years |
vboxsync |
SUP: Check the entire NTDLL during process verification now that we're …
|
|
|
|
@52954
|
10 years |
vboxsync |
Tighten the checks on the stub process a little bit (part 1).
|
|
|
|
@52953
|
10 years |
vboxsync |
SUP: Use LdrRegisterDllNotification when available to make sure we see …
|
|
|
|
@52950
|
10 years |
vboxsync |
duh
|
|
|
|
@52949
|
10 years |
vboxsync |
SUP: Do the early init thing on the stub process too.
|
|
|
|
@52947
|
10 years |
vboxsync |
SUP: Implemented early VM process vboxdrv initialization.
|
|
|
|
@52945
|
10 years |
vboxsync |
win.x86 build fix
|
|
|
|
@52943
|
10 years |
vboxsync |
SUP: The child side of early VM process init.
|
|
|
|
@52941
|
10 years |
vboxsync |
Use our own heap in the hope that we can use it before ntdll is really …
|
|
|
|
@52940
|
10 years |
vboxsync |
Eliminating some more kernel32.dll dependencies, marking APIs we like …
|
|
|
|
@52908
|
10 years |
vboxsync |
supdrvNtProtectRelease: Decrement child reference count, don't …
|
|
|
|
@52907
|
10 years |
vboxsync |
SUP: Allow loading of administrator group owned DLLs in addition to …
|
|
|
|
@52906
|
10 years |
vboxsync |
SUP: detect ZoneAlarm installs.
|
|
|
|
@52905
|
10 years |
vboxsync |
SUPDrv-win.cpp: 32-bit + CSRSS hack for working around ZoneAlarm -104 …
|
|
|
|
@52877
|
10 years |
vboxsync |
Import NtQuerySystemInformation.
|
|
|
|
@52875
|
10 years |
vboxsync |
SUP: Log more details on system dlls and hot patching.
|
|
|
|
@52844
|
10 years |
vboxsync |
suplibOsStopService: The rc variable was used uninitialized in one …
|
|
|
|
@52834
|
10 years |
vboxsync |
SUP: Fixed copy and past bug in supR3HardenedWinVerifyCacheIsMatch. …
|
|
|
|
@52795
|
10 years |
vboxsync |
SUP: Deal with comodo's ntdll export and getprocaddress modifications. …
|
|
|
|
@52744
|
10 years |
vboxsync |
terrible experiment with kernel32/base and avast.
|
|
|
|
@52741
|
10 years |
vboxsync |
SUP: Better adversary detection.
|
|
|
|
@52739
|
10 years |
vboxsync |
SUP: Increase fudge factors when there are known trouble makers around.
|
|
|
|
@52738
|
10 years |
vboxsync |
SUPDrv-win.cpp: Forgot to initialize g_pAlpcPortObjectType1.
|
|
|
|
@52737
|
10 years |
vboxsync |
Document the ALPC hack.
|
|
|
|
@52736
|
10 years |
vboxsync |
SUPDrv-win.cpp: Reduce noise.
|
|
|
|
@52735
|
10 years |
vboxsync |
SUPDrv-win.cpp: Alternative way of obtaining the ALPC Port object type.
|
|
|
|
@52709
|
10 years |
vboxsync |
SUP: Improve VBoxDrvStub open error reporting.
|
|
|
|
@52704
|
10 years |
vboxsync |
SUP: Apply redirection to full paths too.
|
|
|
|
@52703
|
10 years |
vboxsync |
SUP: Disable the 2nd ntdll.dll mapping as avast users are seeing …
|
|
|
|
@52690
|
10 years |
vboxsync |
SUP: relax trusted installer for winsxs too.
|
|
|
|
@52679
|
10 years |
vboxsync |
SUP: Cache errors and don't log LdrLoadDll calls before we've …
|
|
|
|
@52668
|
10 years |
vboxsync |
SUP: Wrong flags field in the wShowWindow forwarding feature.
|
|
|
|
@52666
|
10 years |
vboxsync |
SUP: Fix Ctrl-C issue.
|
|
|
|
@52665
|
10 years |
vboxsync |
SUP: Pass along the ShowWindowsFlags.
|
|
|
|
