HyperDBG doesn't want to load its driver on my machine about hyperdbg HOT 16 CLOSED

Hi,
Thanks for creating this issue.

I don't know Russian, but I used a translator and it seems Hyper-V is enabled in your system. HyperDbg can't run whenever a hypervisor like hyper-v is already running in the system. Nested virtualization with hyper-v is not supported yet.

from hyperdbg.

You can ignore these, I used another hypervisor and it works perfectly

from hyperdbg.

That's great!

from hyperdbg.

That's great!

Wait a second, I didn't mean that I solved my problem I just said that other github repo with hypervisor works for me but I still want to use hyperdbg

from hyperdbg.

@SinaKarvandi

from hyperdbg.

Oh sorry, I thought you solved the problem.

There are two possible scenarios for this error.

The first thing is that you should check whether hyper-v is enabled or not. If it's enabled, then you should disable it and try it again. If it's not the case, there might be a possible mis-check in the HyperDbg that we can easily trace to find the error. I think the error is more likely to be caused by the first scenario, but in case if you're sure that your system is not under hyper-v then let me know so I can provide detailed instructions on how to trace and find the cause of this error.

For the second scenario, we need you to be able to compile the driver (not using pre-compiled binaries).

from hyperdbg.

Oh sorry, I thought you solved the problem.

There are two possible scenarios for this error.

The first thing is that you should check whether hyper-v is enabled or not. If it's enabled, then you should disable it and try it again. If it's not the case, there might be a possible mis-check in the HyperDbg that we can easily trace to find the error. I think the error is more likely to be caused by the first scenario, but in case if you're sure that your system is not under hyper-v then let me know so I can provide detailed instructions on how to trace and find the cause of this error.

For the second scenario, we need you to be able to compile the driver (not using pre-compiled binaries).

I am sure that I have hyper-v disabled, I don't have it in windows components list and I am able to load other hypervisors. And yeah, its no big deal for me to compile it

from hyperdbg.

Okay, the problem is that something prevents the HyperDbg driver from loading. It can be either driver signature enforcement, HVCI, etc. which might not be your case as you already disabled these mechanisms.

The error originally comes from this line:

It means that StartService function failed to load the driver. Thus, it was not a fault of HyperDbg driver routines, but the problem is probably with the driver itself. A scenario can be a problem with the signing of the driver, maybe the way that the driver is signed does not work in your current configuration, in this case, you might change the Driver Signing from the visual studio :

Another possible mistake here might be because the Test Signing time is not valid in your settings.

Please take a look at:
https://community.osr.com/discussion/128563/startservice-fail-on-vista64
It has some examples that might be helpful for us.

Please change these value and signing methods and let me know if it fixed the problem or not.

from hyperdbg.

Test Signing time is not valid in your settings

So I successfully compiled entire project myself, but it still fails to run, trying to find out what might be wrong

from hyperdbg.

Finally fixed it, I followed the "Temporarily Disable DSE" step and I managed to run the hypervisor. Thanks for your time and dedication!

from hyperdbg.

Well, that's great. But by temporarily disabling DSE PatchGuard will still run on the computer and you cannot use some PatchGuard incompatible commands like !syscall and !sysret but overall it should be fine.

from hyperdbg.

Well, that's great. But by temporarily disabling DSE PatchGuard will still run on the computer and you cannot use some PatchGuard incompatible commands like !syscall and !sysret but overall it should be fine.

I disabled DSE using WinDbg from your tutorial thanks a lot. I don't have questions anymore.

from hyperdbg.

That's cool! Looking forward to hearing your feedback to improve HyperDbg.

from hyperdbg.

Hi, Thanks for creating this issue.

I don't know Russian, but I used a translator and it seems Hyper-V is enabled in your system. HyperDbg can't run whenever a hypervisor like hyper-v is already running in the system. Nested virtualization with hyper-v is not supported yet.

@SinaKarvandi It is supported,
https://learn.microsoft.com/en-us/virtualization/hyper-v-on-windows/user-guide/nested-virtualization

from hyperdbg.

Hi,

I'm not sure. The last time that I tested it, it didn't work.

Here are some of my efforts in adding the support for hyper-v (was unsuccessful).
https://github.com/HyperDbg/HyperDbg/tree/hypev-support

Why do we have a problem with Hyper-V? It's explained in this chain of tweets:
https://twitter.com/Intel80x86/status/1523033338407235585?s=20

Hyper-V is the worst hypervisor that I've ever worked with. They were just adding so many unnecessary must-do(s) for the hypervisor developers that even KVM developers have a hard time adding the support for Hyper-V and this is ridiculous because we support both physical machine and VMware Workstation (when something works on the physical machine, it should also work on a truly nested virtualization environment), which is not the case for Hyper-V.

So, I don't know, maybe it works. I try to see if the behavior of the hypervisor is changed after 1-2 years and will publicly announce if our efforts were successful.

from hyperdbg.

Btw, was it a question? or do you mean that you test it and it was supported? @CycloneRing

from hyperdbg.