Video Tutorial How to Make a Windows Kernel Mode Driver Tutorial

Hexui Undetected CSGO Cheats Sinkicheat PUBG Cheat

dretax

CIL Expert
Dank Tier VIP
Fleep Tier Donator
Mar 28, 2020
111
8,673
0
Game Name
N/A
Anticheat
N/A
How long you been coding/hacking?
7/3
Coding Language
C
This tutorial series will teach you everything you need to make a kernel driver on Windows.

This video gives you a basic insight on how kernel drivers work, how can you setup your Visual Studio to be able to make & compile one. It also shows you how to view debug output of your drivers.

What is a kernel mode driver & Kernel Mode vs Usermode

Regular .exe you run, execute in UserMode. The core functionality of the operating system and Input/Output is done in kernel mode, which is a privelages part of memory that is not accesible from usermode and executes with privelaged status on the CPU. The Usermode/Kernelmode construct is built into the CPU. Drivers are not just limited to Hardware Drivers, you can make a .sys driver to do anything you want in kernel mode.

Usermode processes don't have access to kernel mode processes and memory. That is how the CPU and Operating System are designed. If an anticheat is in usermode and has very good protections, you can write a kernel mode driver to either bypass those protections in user mode by patching the anticheat or by hiding your usermode cheat from it. Because coding for the kernel is more complicated and difficult, it's easiest just to use your kernel mode module to bypass the anticheat or hide your usermode cheat, and then do your regular cheating logic in your usermode module. Alternatively you can write your entire hack to run in kernel mode, which is more difficult.

Windows Kernel Driver Tutorial 1 - Setup & Hello World

Make sure you end debug string with a new line char, because I forgot It in the video.
One thing to note that wasn't covered is that the strings you pass to DbgPrintEx need to end with a newline character otherwise it won't flush to the output and you won't see anything. If you're following the tutorial then add it here:

DebugMessage("Rake says goodbye!\n");
Example Project to Learn from
Source Code - CSGO Kernel Driver Multihack

Resources
 

Attachments

Last edited:

neonplanet

Newbie
Meme Tier VIP
Dank Tier Donator
Sep 7, 2017
253
4,328
13
thanks for this tutorial my guy, was looking forward to making drivers to bypass anti cheats. :fleep:
 
  • Like
Reactions: dretax

Icew0lf

Software Ninjaneer
Dank Tier VIP
Fleep Tier Donator
Aug 20, 2013
639
17,558
43
awesome, looking forward to learn something from this series, very interesting topic and nice guidance through the single steps!
 

XdarionX

Dying Light Hacker
Dank Tier VIP
Dank Tier Donator
Mar 30, 2018
878
24,608
116
great job! but i would suggest to use UNREFERENCED_PARAMETER instead of completely disabling the warning
 
  • Like
Reactions: dretax

cs2380189

Humble Learner
Dank Tier Donator
Feb 2, 2018
1
354
0
I am just looking for a kernel driver tutorial and this is PERFECT. Can't wait to see next episodes.
 
  • Like
Reactions: dretax

KF1337

*copies code from tutorials, then breaks it.*
Dank Tier Donator
Full Member
Nobleman
Jan 30, 2020
152
3,603
0
Very nice introduction! I liked that you explained all the prerequirements that you need for a kernel driver!

So it seems you are making another kernel driver tutorial?
 
  • Like
Reactions: dretax

as21

Newbie
Full Member
Nobleman
Oct 16, 2016
86
553
0
BatlleEye = No detect

1 hour later

BatlleEye = Detect :ROFLMAO:
 
Last edited by a moderator:

__jtag

Full Member
May 30, 2020
2
138
0
Hi guys,

Very nice tutorial :). I managed to get it to work with the help of this article: OSR Dev Blog:Getting DbgPrint Output To Appear In Vista and Later.

One thing to note that wasn't covered is that the strings you pass to DbgPrintEx need to end with a newline character otherwise it won't flush to the output and you won't see anything. If you're following the tutorial then add it here:

DebugMessage("Rake says goodbye!\n");

Or you can just download the code provided in the attatchment. Lol.
 
  • Like
Reactions: Rake and dretax

dretax

CIL Expert
Dank Tier VIP
Fleep Tier Donator
Mar 28, 2020
111
8,673
0
Hi guys,

Very nice tutorial :). I managed to get it to work with the help of this article: OSR Dev Blog:Getting DbgPrint Output To Appear In Vista and Later.

One thing to note that wasn't covered is that the strings you pass to DbgPrintEx need to end with a newline character otherwise it won't flush to the output and you won't see anything. If you're following the tutorial then add it here:

DebugMessage("Rake says goodbye!\n");

Or you can just download the code provided in the attatchment. Lol.
Glad to see you got it working. Yeah, no idea why, but I forgot to add them in the video. The second episode has them included. :D
 

saadoxdev

Newbie
Full Member
Jan 22, 2018
10
168
0
1596191946579.png

@dretax Very smoth on explaining and Detailing stuff bud , This is Certainly not for begginers just in case some1 wondering ..
I will dig into using Vulnerable signed driver ( After i watch the second ) while you post the new vid ! Looking forward it .
 
Last edited:
  • Like
Reactions: dretax
Attention! Before you post:

Read the How to Ask Questions Guide
99% of questions are answered in the Beginner's Guide, do it before asking a question.

No Hack Requests. Post in the correct section.  Search the forum first. Read the rules.

How to make a good post:

  • Fill out the form correctly
  • Tell us the game name & coding language
  • Post everything we need to know to help you
  • Ask specific questions, be descriptive
  • Post errors, line numbers & screenshots
  • Post code snippets using code tags
  • If it's a large project, zip it up and attach it

If you do not comply, your post may be deleted.  We want to help, please make a good post and we will do our best to help you.

Community Mods