Can't Use in Win 11 22H2 about kdmapper HOT 13 CLOSED

Probably some antivirus/anticheat is intercepting intel driver to remove the vulnerability making the driver unusable, I can confirm that it works fine in that windows build

from kdmapper.

doesnt work for me there is no anti cheat in background
i have an AMD Processor

from kdmapper.

doesnt work for me there is no anti cheat in background i have an AMD Processor

i am also having this problem same version.

from kdmapper.

Make sure you have:
All Antivirus uninstalled (Is possible that some modules to protect the kernel remain active even with protection disabled)
FACEIT, Vanguard and other anticheats uninstalled, this anticheats can't be disabled and some of them are working in background, and they can intercept the IOCTL of vulnerable drivers to modify it behavior like antivirus
HVCI (Memory protection) Disabled
Vulnerable driver list disabled
less common but can give you issues: make sure there is no any real iqvw64e driver installed in your system

If you did all this steps and still don't work you may try to disable virtualization in your BIOS if enabled to prevent any tool from using virtualization to protect the system

if still don't work, send a report of your system running "msinfo32 /nfo ./report.nfo" and I will try to check when I can

from kdmapper.

Make sure you have: All Antivirus uninstalled (Is possible that some modules to protect the kernel remain active even with protection disabled) FACEIT, Vanguard and other anticheats uninstalled, this anticheats can't be disabled and some of them are working in background, and they can intercept the IOCTL of vulnerable drivers to modify it behavior like antivirus HVCI (Memory protection) Disabled Vulnerable driver list disabled less common but can give you issues: make sure there is no any real iqvw64e driver installed in your system

If you did all this steps and still don't work you may try to disable virtualization in your BIOS if enabled to prevent any tool from using virtualization to protect the system

if still don't work, send a report of your system running "msinfo32 /nfo ./report.nfo" and I will try to check when I can

followed every step still doesnt work
virtualization doesnt exist in my BIOS, i disabled the Vulnerable driver list in regedit and i also checked if core isolation is disabled and it is
the other stuff is already disabled (i checked it)

it says "Failed to register and start service for the vulnerable driver"

from kdmapper.

Show us the error code or a capture, but definitely that error isn't related with this issue

from kdmapper.

you're getting STATUS_INVALID_DEVICE_REQUEST, are you sure you haven't loaded iqvw64e.sys or an old version of it somehow?

from kdmapper.

Show us the error code or a capture, but definitely that error isn't related with this issue

when i launch kdmapper with my driver it just cloese at NtUnloadDriver status 0x0

from kdmapper.

You must run kdmapper under a admin access console if you want to see the output

from kdmapper.

Show us the error code or a capture, but definitely that error isn't related with this issue

[<] Loading vulnerable driver, Name: IaMxivpzjrhgdL
[+] NtLoadDriver Status 0x0
[+] PiDDBLock Ptr 0xfffff8046853efac
[+] PiDDBCacheTable Ptr 0xfffff8046853f0e8
[+] PiDDBLock Locked
[+] Found Table Entry = 0xFFFF810A775B2360
[+] PiDDBCacheTable Cleaned
[+] g_KernelHashBucketList Found 0xFFFFF8046C8C2088
[+] g_HashCacheLock Locked
[+] Found In g_KernelHashBucketList: IaMxivpzjrhgdL
[+] g_KernelHashBucketList Cleaned
[+] MmUnloadedDrivers Cleaned: IaMxivpzjrhgdL
[+] WdFilter.sys not loaded, clear skipped
[+] Image base has been allocated at 0xFFFF98026E322000
[+] Skipped 0x1000 bytes of PE Header
[+] Load config directory wasn't found, probably StackCookie not defined, fix cookie skipped
[<] Calling DriverEntry 0xFFFF98026E322000
[+] Callback example called
[+] DriverEntry returned 0x0
[<] Unloading vulnerable driver
[+] NtUnloadDriver Status 0x0
[+] Vul driver data destroyed before unlink
[+] success

using the HelloWorld driver example, DebugView doesnt show anything

from kdmapper.

Show us the error code or a capture, but definitely that error isn't related with this issue

[<] Loading vulnerable driver, Name: IaMxivpzjrhgdL [+] NtLoadDriver Status 0x0 [+] PiDDBLock Ptr 0xfffff8046853efac [+] PiDDBCacheTable Ptr 0xfffff8046853f0e8 [+] PiDDBLock Locked [+] Found Table Entry = 0xFFFF810A775B2360 [+] PiDDBCacheTable Cleaned [+] g_KernelHashBucketList Found 0xFFFFF8046C8C2088 [+] g_HashCacheLock Locked [+] Found In g_KernelHashBucketList: IaMxivpzjrhgdL [+] g_KernelHashBucketList Cleaned [+] MmUnloadedDrivers Cleaned: IaMxivpzjrhgdL [+] WdFilter.sys not loaded, clear skipped [+] Image base has been allocated at 0xFFFF98026E322000 [+] Skipped 0x1000 bytes of PE Header [+] Load config directory wasn't found, probably StackCookie not defined, fix cookie skipped [<] Calling DriverEntry 0xFFFF98026E322000 [+] Callback example called [+] DriverEntry returned 0x0 [<] Unloading vulnerable driver [+] NtUnloadDriver Status 0x0 [+] Vul driver data destroyed before unlink [+] success

using the HelloWorld driver example, DebugView doesnt show anything

are you sure you're capturing kernel in DebugView? DriverEntry returned STATUS_SUCCESS, so i don't feel like this is a kdmapper issue

from kdmapper.

Show us the error code or a capture, but definitely that error isn't related with this issue

[<] Loading vulnerable driver, Name: IaMxivpzjrhgdL [+] NtLoadDriver Status 0x0 [+] PiDDBLock Ptr 0xfffff8046853efac [+] PiDDBCacheTable Ptr 0xfffff8046853f0e8 [+] PiDDBLock Locked [+] Found Table Entry = 0xFFFF810A775B2360 [+] PiDDBCacheTable Cleaned [+] g_KernelHashBucketList Found 0xFFFFF8046C8C2088 [+] g_HashCacheLock Locked [+] Found In g_KernelHashBucketList: IaMxivpzjrhgdL [+] g_KernelHashBucketList Cleaned [+] MmUnloadedDrivers Cleaned: IaMxivpzjrhgdL [+] WdFilter.sys not loaded, clear skipped [+] Image base has been allocated at 0xFFFF98026E322000 [+] Skipped 0x1000 bytes of PE Header [+] Load config directory wasn't found, probably StackCookie not defined, fix cookie skipped [<] Calling DriverEntry 0xFFFF98026E322000 [+] Callback example called [+] DriverEntry returned 0x0 [<] Unloading vulnerable driver [+] NtUnloadDriver Status 0x0 [+] Vul driver data destroyed before unlink [+] success

using the HelloWorld driver example, DebugView doesnt show anything

Kdmapper work fine in that case

from kdmapper.

I will close this issue since no more updates and looks more like an issue in people configuration or wrong usage

from kdmapper.