V1.3.2 cannot enter kernel mode #158

Open
EvilOctopusFu opened this issue Nov 19, 2023 · 2 comments
Labels: fixed (This issue is fixed, wait for release), kernel-mode-error

Comments

@EvilOctopusFu

Log contents
OpenArk Console
Copyright (C) 2019 BlackINT3 https://github.com/BlackINT3/OpenArk
[UNONE::FsReadFileDataW] [WARN] C:\Users\Octopus home\AppData\Roaming\OpenArk\console\history.txt is empty file
[Kernel::InitKernelEntryView::::operator ()] [INFO] 操作系统 : Windows 10
[Kernel::InitKernelEntryView::::operator ()] [INFO] 主版本号 : 10
[Kernel::InitKernelEntryView::::operator ()] [INFO] 副版本号 : 0
[Kernel::InitKernelEntryView::::operator ()] [INFO] 发行编号 : 22H2
[Kernel::InitKernelEntryView::::operator ()] [INFO] 编译号 : 19045
[Kernel::InitKernelEntryView::::operator ()] [INFO] 主服务包 : 0
[Kernel::InitKernelEntryView::::operator ()] [INFO] 副服务包 : 0
[Kernel::InitKernelEntryView::::operator ()] [INFO] R3地址空间 : 0x10000 - 0x7FFFFFFEFFFF
[Kernel::InitKernelEntryView::::operator ()] [INFO] R0地址空间 : 0xFFFF080000000000 - 0xFFFFFFFFFFFFFFFF
[Kernel::InitKernelEntryView::::operator ()] [INFO] 页面大小 : 4 KB
[Kernel::InitKernelEntryView::::operator ()] [INFO] 物理内存 : 32 GB
[Kernel::InitKernelEntryView::::operator ()] [INFO] CPU核数 : 20
[Kernel::InitKernelEntryView::::operator ()] [INFO] 系统根目录 : C:\WINDOWS
[Kernel::InitKernelEntryView::::operator ()] [INFO] 启动时间 : 2023-11-16 23:59:15 (2Day/21Hour/57Min)
[Kernel::InitKernelEntryView::::operator ()] [INFO] BootInfo : UEFI
[Kernel::InitKernelEntryView::::operator ()] [INFO] HVM : VT Enabled
[OpenArk::onActionCheckUpdate] [INFO] requset server:https://file.blackint3.com:88/openark/version.txt
[OpenArk::onActionCheckUpdate::::operator ()] [INFO] local appver:1.3.2, build:202311111651
[OpenArk::onActionCheckUpdate::::operator ()] [INFO] server responsed:{
"err": 0,
"appver": "1.3.2",
"appbd": "202311111651",
"appcl": "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",
"appurl": "https://github.com/BlackINT3/OpenArk/releases"
}

[OpenArk::onActionCheckUpdate::::operator ()] [INFO] OpenArk is latest.
[UNONE::ObLoadDriverW] [ERR] NtLoadDriver service:\Registry\Machine\System\CurrentControlSet\Services\OpenArkDrv64 err:c0000603
[UNONE::ObLoadDriverW] [ERR] NtLoadDriver service:\Registry\Machine\System\CurrentControlSet\Services\OpenArkDrv64 err:c0000428
[Kernel::ParseKernelSymbol] [INFO] PDB: C:\Users\Octopus home\AppData\Roaming\OpenArk\symbols\ci.pdb\818AA8443EB56C9F8DB07EC500C948C31\ci.pdb
[Kernel::ParseKernelSymbol] [INFO] PDB: C:\Users\Octopus home\AppData\Roaming\OpenArk\symbols\fltMgr.pdb\C6B7358770920641714F8F39943309AC1\fltMgr.pdb
[Kernel::ParseKernelSymbol] [INFO] PDB: C:\Users\Octopus home\AppData\Roaming\OpenArk\symbols\netio.pdb\A6FB7302AF03576B8E72B1E88E1987F31\netio.pdb
[Kernel::ParseKernelSymbol] [INFO] PDB: C:\Users\Octopus home\AppData\Roaming\OpenArk\symbols\ntkrnlmp.pdb\C7DF30B22252078525B414CC51B257D31\ntkrnlmp.pdb
[Kernel::ParseKernelSymbol] [INFO] PDB: C:\Users\Octopus home\AppData\Roaming\OpenArk\symbols\win32k.pdb\4861D9D8CC375CC7E28E23C9A6E302D71\win32k.pdb
[Kernel::ParseKernelSymbol] [INFO] PDB: C:\Users\Octopus home\AppData\Roaming\OpenArk\symbols\win32kbase.pdb\FA1C050675BBD0FD1087FC16B64484121\win32kbase.pdb
[Kernel::ParseKernelSymbol] [INFO] PDB: C:\Users\Octopus home\AppData\Roaming\OpenArk\symbols\win32kfull.pdb\A98E77AA58C330578F7A4BB1F1532FC11\win32kfull.pdb
[Kernel::onEnterKernelMode] [INFO] InstallDriver with new workaround.
[Kernel::onEnterKernelMode] [ERR] InstallDriver C:\Users\Octopus home\AppData\Roaming\OpenArk\kernel\OpenArkDrv64.sys err

BlackINT3 added the fixed (This issue is fixed, wait for release) and kernel-mode-error labels on Nov 23, 2023
@BlackINT3
Owner

Fixed in v1.3.4 Beta; join the QQ group to download it.

@incredibleIdea

I already downloaded the v1.3.4 Beta, but it still reports this error.

When I tried to run it again after removing the OpenArk directory in Roaming, I got an error like this.

By the way, this is my system.
