Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom

Can not load driver #393

Open
oeroi opened this issue Jun 18, 2024 · 7 comments
Open

Can not load driver #393

oeroi opened this issue Jun 18, 2024 · 7 comments

Comments

@oeroi
Copy link

oeroi commented Jun 18, 2024
edited
Loading

Describe the bug
When using HyperDbg in VMware, there is an error message indicating that the driver failed to load with error 0x7f. DES has already been disabled using WinDbg, and both VBS and Hyper-V have been turned off.

To Reproduce

HyperDbg> .debug prepare serial 115200 com1
err, StartService failure (7f)
unable to install VMM driver
failed to install or load the driver

HyperDbg>

Expected behavior
Load Driver success

Screenshots
no

Desktop (please complete the following information):

  • VM OS: [e.g. Win 10 10.0.18363]
  • Processor [e.g. Intel i5 12600k]
@SinaKarvandi
Copy link
Member

Hi,
Thanks for creating this issue.

Well, based on the error,

ERROR_PROC_NOT_FOUND
    127 (0x7F)
    The specified procedure could not be found.

It seems the error is related to the target Windows. Is it a 32-bit Windows 10? or 64-bit?
Are you sure that HyperDbg is correctly compiled and are you using the latest version (v0.9)?

@oeroi
Copy link
Author

oeroi commented Jun 19, 2024

Thank you for your response.
The system is Windows 10 version 10.0.18363 64-bit. Whether using a self-compiled version of HyperDbg or the release version from GitHub v0.9, the result is the same.

@SinaKarvandi
Copy link
Member

My first guess is that since HyperDbg uses the latest Windows 11 SDK, Windows 10 19h2 (build 10.0.18363) is not compatible, though not sure. Can you lower the SDK version of the Visual Studio before building HyperDbg?

Another suggestion, maybe using the 'sc' command in Windows or OSR Driver loader to load the 'hprdbgkd.sys' can give us more information about why Windows won't allow HyperDbg to load normally.

@oeroi
Copy link
Author

oeroi commented Jun 22, 2024

It might be related to my virtual machine system. I have made anti-anti-VM check modifications to the system, such as altering the return values of CPUID, which might be causing the driver to fail to load.

@oeroi
Copy link
Author

oeroi commented Jun 22, 2024

I installed a new vm system, but the result is still the same.
Untitled

@oeroi
Copy link
Author

oeroi commented Jun 22, 2024

I'll try installing Windows 11 later and see if it works.

@SinaKarvandi
Copy link
Member

It might be related to my virtual machine system. I have made anti-anti-VM check modifications to the system, such as altering the return values of CPUID, which might be causing the driver to fail to load.

This could be the reason why it fails since HyperDbg checks for VMX features on CPUID.

Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Assignees
No one assigned
Labels
None yet
Projects
None yet
Milestone
No milestone
Development

No branches or pull requests
2 participants
@SinaKarvandi @oeroi