Bâshrat the Sneaky Posted January 5, 2005 Share Posted January 5, 2005 I've been thinking... (hehe yes I do think ) And I'm convinced it must be possible to entirely disable DriverSigningPolicy. (so no more AutoIt script that automatically clicks 'continue anyway' when a WHQL violation screen pops up.The facts:1. Windows looks in the registry how it should react when you try to install a driver that's not WHQL signed. It looks in the HKCU and HKLM registers (also HKU\.Default?) The safest value is used. 2. Driver Signing Policy Is Automatically Elevated for Unsigned DriversThis behavior occurs because your computer is configured to display a warning message whenever an installation program tries to install a device driver that does not have a digital signature. Windows automatically raises the driver signing policy from Ignore to Warn whenever an installation program tries to install a device driver that does not have a digital signature. This is a function of Windows File Protection to promote the overall stability of the operating system.sourceConclusion:So we'd have to disable WFP completely in order to install _any_driver_ without problems.So how could we do that? Raverod provides a patched SFCOS.dll Here's the topicOr just use nLite to patch it!Now the question: am I really missing some point here or hasn't anyone noticed this option? Link to comment Share on other sites More sharing options...
Readiosys Posted January 5, 2005 Share Posted January 5, 2005 Do you mean it actually works or did you not test it yet ?It would be really interesting.For example, apply the patch during the Windows installation and then restore the original version after the drivers have been installed. Link to comment Share on other sites More sharing options...
Bâshrat the Sneaky Posted January 5, 2005 Author Share Posted January 5, 2005 Do you mean it actually works or did you not test it yet ?It would be really interesting.For example, apply the patch during the Windows installation and then restore the original version after the drivers have been installed.I did not test this yet. It's pure theory. Read the blue text .Do you understand me? I think I *have* to be wrong, because it 'look' so obvious... So I think I must be missing something.Edit: if THIS works, then I've got some other things to make this a completely new method. Link to comment Share on other sites More sharing options...
big poppa pump Posted January 5, 2005 Share Posted January 5, 2005 This method is not going to work!I have my WFP disabled and have tried installing ATI Beta drivers with one of my previous slipstreamed DVD's. It installs every other driver except the video driver since the beta drivers are not WHQL compliant. Link to comment Share on other sites More sharing options...
Bâshrat the Sneaky Posted January 5, 2005 Author Share Posted January 5, 2005 This method is not going to work!I have my WFP disabled and have tried installing ATI Beta drivers with one of my previous slipstreamed DVD's. It installs every other driver except the video driver since the beta drivers are not WHQL compliant.And did you only disable WFP or did you also disable DriverSigningPolicy? You have to do both... WFP just prevents that you can disable DriverSigningPolicy in a easy way. Link to comment Share on other sites More sharing options...
big poppa pump Posted January 5, 2005 Share Posted January 5, 2005 I know that! Why would I install an unsigned driver if I did not disable driversigning policy??? Link to comment Share on other sites More sharing options...
Bâshrat the Sneaky Posted January 6, 2005 Author Share Posted January 6, 2005 I know that! Why would I install an unsigned driver if I did not disable driversigning policy???No offense man!How did you disable the DriverSigningPolicy? Only in your winnt.sif? Link to comment Share on other sites More sharing options...
big poppa pump Posted January 6, 2005 Share Posted January 6, 2005 Yes, Driversigning is disabled in winnt.sif and I use the hacked sfc_os.dll to disable WFP. Link to comment Share on other sites More sharing options...
Bâshrat the Sneaky Posted January 7, 2005 Author Share Posted January 7, 2005 Yes, Driversigning is disabled in winnt.sif and I use the hacked sfc_os.dll to disable WFP.But you can disable the DriverSigningPolicy in another way as well, at least that's what I think. (came up with this myself, read nowhere about it, so I'm not sure, not tested yet)Windows XP searches the setting for DriverSigninPolicy. It looks in the HKCU and HKLM registers (also HKU\.Default?) The safest value is used. So what if we would change this default value? That would be possible: editing the HIVEDEF.INF and the HIVESFT.INF files in your I386 directory.That might make the difference IMO... Link to comment Share on other sites More sharing options...
big poppa pump Posted January 7, 2005 Share Posted January 7, 2005 Hmmm, that may be possible. I can test it out later this evening and see if that actually works. Link to comment Share on other sites More sharing options...
Bâshrat the Sneaky Posted January 7, 2005 Author Share Posted January 7, 2005 Hmmm, that may be possible. I can test it out later this evening and see if that actually works.Thank you very much for testing!Here are the entries you should add/change:change:fromHKLM,"SOFTWARE\Microsoft\Driver Signing",,0x00000010HKLM,"SOFTWARE\Microsoft\Non-Driver Signing",,0x00000010toHKLM,"SOFTWARE\Microsoft\Driver Signing",,0x00000000HKLM,"SOFTWARE\Microsoft\Non-Driver Signing",,0x00000000if not working, try to add these:HKCU,"SOFTWARE\Microsoft\Driver Signing",,0x00000000HKCU,"SOFTWARE\Microsoft\Non-Driver Signing",,0x00000000HKU,".DEFAULT\SOFTWARE\Microsoft\Driver Signing",,0x00000000HKU,".DEFAULT\SOFTWARE\Microsoft\Non-Driver Signing",,0x00000000HKCU,"SOFTWARE\Policies\Microsoft\Windows NT\Driver Signing\BehaviorOnFailedVerify",,0x000000a question to the registry-experts: in the registry it's in fact this key:HKLM,"SOFTWARE\Microsoft\Driver Signing\Policy",,0x00000010then why is itHKLM,"SOFTWARE\Microsoft\Driver Signing",,0x00000010in the HIVESFT.INF? Link to comment Share on other sites More sharing options...
Bâshrat the Sneaky Posted January 9, 2005 Author Share Posted January 9, 2005 I've got another idea: Windows prefers the drivers in driver.cab over the ones we add, because sometimes the .cat file is missing, right?Then, what if we would remove every cat file out of driver.cab? Then Windows would choose our drivers! Because Windows choose drivers to install like this: (highest rule = first rule)1. Driver signed2. Driver versionDo I sound like a fool now? Or is this again something nobody has ever noticed before? Link to comment Share on other sites More sharing options...
Enabled2k Posted May 11, 2005 Share Posted May 11, 2005 where is the winnt.sif file located?-thx Link to comment Share on other sites More sharing options...
djbe Posted May 11, 2005 Share Posted May 11, 2005 have you ever made an unattended cd/dvd?please visit unattended.msfn.org Link to comment Share on other sites More sharing options...
edmoncu Posted May 17, 2005 Share Posted May 17, 2005 i was wondering how was the progress of this method? will try to experiment on this one...edit: tried it myself, but it still asks me about now being digitally signed. Link to comment Share on other sites More sharing options...
Recommended Posts
Create an account or sign in to comment
You need to be a member in order to leave a comment
Create an account
Sign up for a new account in our community. It's easy!
Register a new accountSign in
Already have an account? Sign in here.
Sign In Now