Hacking the Windows S Mode
Enderman
Huge thanks to Goldengamer842 for the following idea!
Hello, my friends! Let's hit 10000 likes? Check out my website! https://malwarewatch.org Today I am going to show you how to hack a Windows 10 S Mode system so that it runs arbitrary .exe files and loads sideloaded .dll files. Is that worth it? Probably not. Is that awesome? Hell yes. The way S Mode works is really simple: Microsoft took their existing application control implementation (Windows Defender Application Control, formerly Device Guard code integrity) and shipped it switched on, with the kernel code integrity engine enforcing a Microsoft-signed policy, winsipolicy.p7b. Because the policy is signed, Windows refuses to simply drop it; it has to be removed from every location it is staged in, including the EFI System Partition.
DIY:
- Open the Group Policy Editor (gpedit.msc) and find the Device Guard settings. They are located under \Computer Configuration\Administrative Templates\System\Device Guard.
- Set both settings in that folder (the virtualization based security one and the code integrity policy deployment one) to Disabled.
- Find the winsipolicy.p7b files in %systemroot%\Boot\EFI and %systemroot%\WinSxS and delete both. The WinSxS copy is owned by TrustedInstaller, so take ownership of it first.
- Reboot into WinPE (or any other boot media with a command prompt). You cannot reach the ESP from inside the S Mode system itself, because no Command Prompt is available there.
- Mount the ESP (EFI System Partition), locate the third copy of winsipolicy.p7b under \EFI\Microsoft\Boot on the mounted ESP and delete it as well. After the next reboot no signed policy is left for code integrity to load.
- Profit!
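The same five steps done offline in one go, as an added example that is not from the video: it assumes you have booted WinPE with the WinPE-PowerShell optional component (or attached the S Mode disk to another Windows install), that the S Mode Windows volume shows up as D:, that S: is a free letter for the ESP, that the machine has a single disk (mountvol /S picks the ESP for you), and that the two Device Guard policies map to the EnableVirtualizationBasedSecurity and DeployConfigCIPolicy values under the DeviceGuard policy key, which is what gpedit writes. Get-CIPolicyStatus is a hypothetical helper name for the check you run after the reboot.

```powershell
# Added example, not the video author's code. Run from WinPE (with the
# PowerShell optional component) against the *offline* S Mode volume.
param(
    [string]$Offline  = 'D:',    # assumption: the S Mode Windows volume
    [string]$EspMount = 'S:\'    # assumption: free letter to mount the ESP on
)
$ErrorActionPreference = 'Stop'

# Steps 1-2: the two Group Policy settings are plain registry values under
# HKLM\SOFTWARE\Policies\Microsoft\Windows\DeviceGuard, so edit the offline
# SOFTWARE hive instead of clicking through gpedit. reg.exe is used rather
# than the HKLM: provider so that no open handle blocks the unload.
$hive = Join-Path $Offline 'Windows\System32\config\SOFTWARE'
reg.exe load 'HKLM\OfflineSW' $hive | Out-Null
try {
    $pol = 'HKLM\OfflineSW\Policies\Microsoft\Windows\DeviceGuard'
    reg.exe add $pol /v EnableVirtualizationBasedSecurity /t REG_DWORD /d 0 /f | Out-Null
    reg.exe add $pol /v DeployConfigCIPolicy              /t REG_DWORD /d 0 /f | Out-Null
}
finally {
    reg.exe unload 'HKLM\OfflineSW' | Out-Null
}

# Step 3: the policy copies on the Windows volume. The WinSxS copy is owned
# by TrustedInstaller, so take ownership and grant Administrators (by SID, so
# it works on any language) before removing it.
$copies = @(Join-Path $Offline 'Windows\Boot\EFI\winsipolicy.p7b')
$copies += Get-ChildItem -Path (Join-Path $Offline 'Windows\WinSxS') `
    -Filter 'winsipolicy.p7b' -Recurse -File -ErrorAction SilentlyContinue |
    ForEach-Object FullName
foreach ($f in $copies) {
    if (Test-Path $f) {
        takeown.exe /f $f | Out-Null
        icacls.exe $f /grant '*S-1-5-32-544:F' | Out-Null
        Remove-Item -Path $f -Force
        Write-Host "deleted $f"
    }
}

# Steps 4-5: mount the ESP, delete the last copy, unmount again.
mountvol.exe $EspMount /S
try {
    $esp = Join-Path $EspMount 'EFI\Microsoft\Boot\winsipolicy.p7b'
    if (Test-Path $esp) {
        Remove-Item -Path $esp -Force
        Write-Host "deleted $esp"
    }
    else {
        Write-Host "no winsipolicy.p7b on the ESP (already removed?)"
    }
}
finally {
    mountvol.exe $EspMount /D
}

# After the reboot, run this in the (now working) PowerShell on the machine.
# CodeIntegrityPolicyEnforcementStatus: 0 = no policy, 1 = audit, 2 = enforced.
function Get-CIPolicyStatus {
    $dg = Get-CimInstance -Namespace 'root\Microsoft\Windows\DeviceGuard' `
                          -ClassName 'Win32_DeviceGuard'
    return [int]$dg.CodeIntegrityPolicyEnforcementStatus
}
```

If Get-CIPolicyStatus still returns 2 after the reboot, one of the three copies survived; check the ESP first, since that is the copy the boot path reads. On a multi-disk box replace mountvol /S with diskpart (select the system disk, select the EFI partition, assign letter=S).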
Links: Windows 10 S (Installer): https://dl.malwarewatch.org/multipurpose/Windows10SInstaller5932.exe Windows 10 S (ESD): https://dl.malwarewatch.org/multipurpose/16299.125.171213-1220.rs3_release_svc_refresh_CLIENTCONSUMER_RET_X64FRE_en-us.esd
Windows 10 S (Hacked): https://dl.malwarewatch.org/multipurpose/Windows10SHacked.wim
Install command: dism.exe /apply-image /imagefile:windows10shacked.wim /index:1 /applydir:?:
Install tutorial: https://youtu.be/JxJ6a-PY1KA
Device Guard (in Russian): https://www.outsidethebox.ms/18937/ WDAC: https://learn.microsoft.com/en-us/windows/security/threat-protection/windows-defender-application-control/windows-defender-application-control P7B: https://learn.microsoft.com/en-us/windows/security/threat-protection/windows-defender-application-control/disable-windows-defender-application-control-policies
Password: mysubsarethebest
Timestamps:
0:00 - Intro
0:22 - History of S Mode
1:36 - Acquiring the image
2:59 - Installing
4:14 - Early ideas
5:14 - Boot Command Prompt Exploit (BCPE)
6:30 - Boot Task Manager Exploit (BTME)
7:25 - Major breakthrough
8:09 - Device Guard settings
9:29 - WDAC Policies
11:06 - Malware removal
13:00 - Outcome
13:36 - Final product
15:36 - Outro
Still have any questions? Send them to realendermanch@gmail.com! I wish you a great day!
#endermanch #experiments #windows ... https://www.youtube.com/watch?v=qUvBSt66Wpk