Frontpage
Forums
Tutorials
Members
Calendar
Subscription
Donate
Links
Contact 
Help
find string"D.r.i.v.e.r. S.i.g.n.i.n.g. P.o.l.i.c.y.s.e.e.k. d"
replace"s.e.e.k.d" with"I.g.n.o.r.e"
Disable Driver Signing Policy during setup?
Rate Topic:
#1
- Member
-
- Group: Members
- Posts: 108
- Joined: 06-November 03
Posted 20 November 2003 - 11:34 PM
Use hex edit to hack syssetup.dll:
find string"D.r.i.v.e.r. S.i.g.n.i.n.g. P.o.l.i.c.y.s.e.e.k. d"
replace"s.e.e.k.d" with"I.g.n.o.r.e"
find string"D.r.i.v.e.r. S.i.g.n.i.n.g. P.o.l.i.c.y.s.e.e.k. d"
replace"s.e.e.k.d" with"I.g.n.o.r.e"
Back to top
#2
- Member
-
- Group: Members
- Posts: 109
- Joined: 11-November 03
Posted 20 November 2003 - 11:57 PM
Why not just add the following line to your unattended installation answer file:
[Unattended]
DriverSigningPolicy=Ignore
This causes unattended setup to ignore unsigned drivers.
[Unattended]
DriverSigningPolicy=Ignore
This causes unattended setup to ignore unsigned drivers.
#3
- MSFN SuperB
-
- Group: Members
- Posts: 5,070
- Joined: 13-October 03
- OS:Windows 7 x64
-
Country:
Posted 21 November 2003 - 01:39 AM
i believe mstests method removes all the driver signing stuff
not only the unattended setup but when u install a driver through windows...
not only the unattended setup but when u install a driver through windows...
#4
- Stellar Underachiever
-
- Group: Members
- Posts: 155
- Joined: 24-October 03
Posted 21 November 2003 - 02:41 AM
If you want to turn off the driver signing protection in Windows (post-setup), go to My Computer -> Properties -> Hardware -> Driver Signing and change the option to Ignore. This changes HKCU\Software\Microsoft\Driver Signing\Policy to 0. If you also check the Administrator option to make this the system default, it will make the same change in the HKLM branch.
The values are as follows:
Disable: 0
Warn: 1
Block: 2
The system defaults to storing these values as a REG_DWORD in the HKCU branch and as a REG_BINARY in the HKLM but it doesn't matter what form the value takes. Also, the HKCU value is only honored if it is equal to or greater than the HKLM value.
Note, however, that as a protective measure, the HKLM registry value simply cannot be changed at will. This would allow sneaky (dishonest) hardware manufacturers to switch the policy to Ignore just before installing, slip their poorly-written drivers in, and then optionally return the value to what it was before. The protection involves some sort of hash maintained at HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Setup\PrivateHash. You can watch this value change if you modify the policy through the GUI but I highly doubt that we could figure out the algorithm that would allow us to change this value at will (and make the PrivateHash agree). If there is a discrepancy between the Driver Signing Policy value (when put through the hash algorithm along with whatever other values are "protected" in this manner) and the actual hash value, the Policy value is changed back to its default, namely 1 or Warn.
The values are as follows:
Disable: 0
Warn: 1
Block: 2
The system defaults to storing these values as a REG_DWORD in the HKCU branch and as a REG_BINARY in the HKLM but it doesn't matter what form the value takes. Also, the HKCU value is only honored if it is equal to or greater than the HKLM value.
Note, however, that as a protective measure, the HKLM registry value simply cannot be changed at will. This would allow sneaky (dishonest) hardware manufacturers to switch the policy to Ignore just before installing, slip their poorly-written drivers in, and then optionally return the value to what it was before. The protection involves some sort of hash maintained at HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Setup\PrivateHash. You can watch this value change if you modify the policy through the GUI but I highly doubt that we could figure out the algorithm that would allow us to change this value at will (and make the PrivateHash agree). If there is a discrepancy between the Driver Signing Policy value (when put through the hash algorithm along with whatever other values are "protected" in this manner) and the actual hash value, the Policy value is changed back to its default, namely 1 or Warn.
#5
Posted 21 November 2003 - 03:58 AM
yes but , is there a way to answer "yes continue" and not ignoring them ?
that's a problem to me cause i load raid drivers with f6 and because unattended installation ignore the policy it just won't get in xp after installation ends .
i giger that when i try to install xp from an old xp cd without winnt.sif and ask me in the midlle of installation about the drivers i load from floppy .
that's a problem to me cause i load raid drivers with f6 and because unattended installation ignore the policy it just won't get in xp after installation ends .
i giger that when i try to install xp from an old xp cd without winnt.sif and ask me in the midlle of installation about the drivers i load from floppy .
#6
- *shrug*
-
- Group: Members
- Posts: 685
- Joined: 11-September 03
Posted 21 November 2003 - 05:07 AM
Oh thankyou again MStest. I install a lot of BETA drivers and drivers that aren't WHQL'd (nVidia beta's mainly).
This means that EVERY install that I do means that Driver Signing is off and I don't need a WINNT.SIF file
EDIT: Hmm, would be nice if I could find that in the hex though...
Closest I get is D.r.i.v.e.r.S.i.g.n.i.n.g. .s.e.e.k. . .
This means that EVERY install that I do means that Driver Signing is off and I don't need a WINNT.SIF file
EDIT: Hmm, would be nice if I could find that in the hex though...
Closest I get is D.r.i.v.e.r.S.i.g.n.i.n.g. .s.e.e.k. . .
#7
- Member
-
- Group: Members
- Posts: 193
- Joined: 29-October 03
Posted 21 November 2003 - 09:00 AM
This is a good way to turn off DriverSigningPolicy even without unattended install nor registry change
#8
- gosh 2.0
-
- Group: Patrons
- Posts: 2,347
- Joined: 03-October 03
- OS:none specified
-
Country:
Posted 21 November 2003 - 09:31 AM
Has anyone tried that? You can't replace a hex with bigger characters. ie if something is 5 characters you can only replace it with something 5 characters or less otherwise the file gets corrupted.
-gosh
-gosh
#9
- Friend of MSFN
-
- Group: Members
- Posts: 718
- Joined: 12-November 03
Posted 21 November 2003 - 11:37 AM
RaveRod, on Nov 21 2003, 05:07 AM, said:
Oh thankyou again MStest. I install a lot of BETA drivers and drivers that aren't WHQL'd (nVidia beta's mainly).
This means that EVERY install that I do means that Driver Signing is off and I don't need a WINNT.SIF file
EDIT: Hmm, would be nice if I could find that in the hex though...
Closest I get is D.r.i.v.e.r.S.i.g.n.i.n.g. .s.e.e.k. . .
This means that EVERY install that I do means that Driver Signing is off and I don't need a WINNT.SIF file
EDIT: Hmm, would be nice if I could find that in the hex though...
Closest I get is D.r.i.v.e.r.S.i.g.n.i.n.g. .s.e.e.k. . .
change it to a noop code (90) and it will just skip even checking for driver signing all together and forever more.
"D.r.i.v.e.r. S.i.g.n.i.n.g. P.o.l.i.c.y.s.e.e.k. d" = "90.90.90.90.90.90. 90.90.90.90.90.90.90. 90.90.90.90.90.90.90.90.90.90. 90"
worked for me
#10
- Member
-
- Group: Members
- Posts: 193
- Joined: 29-October 03
Posted 21 November 2003 - 03:57 PM
couldn't find the string in my syssetup.dll
#11
- Senior Member
-
- Group: Members
- Posts: 649
- Joined: 16-November 03
Posted 23 November 2003 - 09:05 AM
Mstest,
could you post/upload your edited syssetup.dll
could you post/upload your edited syssetup.dll
#12
- Senior Member
-
- Group: Members
- Posts: 649
- Joined: 16-November 03
Posted 11 December 2003 - 05:47 PM
Someone succeeded in hexediting syssetup.dll??
#13
Posted 11 December 2003 - 06:09 PM
what ?? WHaaat ???? WHAAAAATTTT ???
hex editing ? policies ??
take this code
HKLM,"SOFTWARE\Microsoft\Driver Signing","Policy",0x00000001,00
and plant it in HIVESFT.INF file in I386 Folder under [AddReg] Section.
hex editing ? policies ??
take this code
HKLM,"SOFTWARE\Microsoft\Driver Signing","Policy",0x00000001,00
and plant it in HIVESFT.INF file in I386 Folder under [AddReg] Section.
#14
- The MSFN Banana
-
- Group: Patrons
- Posts: 5,767
- Joined: 17-August 01
- OS:ME
-
Country:
Posted 11 December 2003 - 06:31 PM
You sure that works? SFC could revert any changes at the 8 Min stage of Windows Setup.
#15
- Advanced Member
-
- Group: Members
- Posts: 357
- Joined: 21-October 01
Posted 11 December 2003 - 06:47 PM
not if you have sfc disabled already, but i cant even find that string in the file....anyone want to upload a hacked one so i can run a compare?
#16
Posted 12 December 2003 - 06:53 AM
SFC wont run if u do that hack
Just add that line under [AddReg] Section and go install your win xp / 2k3
Just add that line under [AddReg] Section and go install your win xp / 2k3
#17
- Member
-
- Group: Members
- Posts: 237
- Joined: 14-February 06
Posted 05 July 2007 - 12:24 PM
@Alienboo
I have used your method and works great during unattend, however when I sysprep the machine it reverts back.
I have used your method and works great during unattend, however when I sysprep the machine it reverts back.
#18
- reverse engineering guru
-
- Group: Members
- Posts: 331
- Joined: 19-October 06
Posted 07 July 2007 - 12:20 AM
p4ntb0y, on Jul 5 2007, 09:24 PM, said:
@Alienboo
I have used your method and works great during unattend, however when I sysprep the machine it reverts back.
I have used your method and works great during unattend, however when I sysprep the machine it reverts back.
Because sysprep also has a DriverSigningPolicy in SYSPREP.INF, if you don't set that to Ignore explicitly it reverts it back by default.
#19
- MSFN Junkie
-
- Group: Super Moderator
- Posts: 3,266
- Joined: 24-September 03
- OS:Windows 7 x64
-
Country:
Posted 07 July 2007 - 12:59 PM
from deploy.chm:
Quote
To install unsigned drivers during Sysprep, include the following lines in the Sysprep.inf file:
[Unattended]
UpdateInstalledDrivers = Yes
The DriverSigningPolicy entry in the [Unattended] section specifies how unsigned drivers process during unattended Setup. For testing purposes only, you can set DriverSigningPolicy = Ignore. For computers that you manufacture, you must use the default setting (DriverSigningPolicy = Warn) or the higher policy (DriverSigningPolicy = Block) to ensure that end users who download new or updated unsigned drivers are warned first about the potential problems that can occur.
After Sysprep finishes, the DriverSigningPolicy entry is set automatically to Warn unless Sysprep.inf contains DriverSigningPolicy = Block.
[Unattended]
UpdateInstalledDrivers = Yes
The DriverSigningPolicy entry in the [Unattended] section specifies how unsigned drivers process during unattended Setup. For testing purposes only, you can set DriverSigningPolicy = Ignore. For computers that you manufacture, you must use the default setting (DriverSigningPolicy = Warn) or the higher policy (DriverSigningPolicy = Block) to ensure that end users who download new or updated unsigned drivers are warned first about the potential problems that can occur.
After Sysprep finishes, the DriverSigningPolicy entry is set automatically to Warn unless Sysprep.inf contains DriverSigningPolicy = Block.
#20
- Member
-
- Group: Members
- Posts: 237
- Joined: 14-February 06
Posted 08 July 2007 - 04:50 AM
Just to let you know I have included DriverSigningPolicy = "Ignore"
The reason I need to are...
A some drivers I have that are pnp do not have cat files.
B there is a well known documented problem with sysprep not loading PCI/bus PNP Drivers even when the DriverSigningPolicy = "Ignore"is applied to the sysprep.inf.
From the MS KB which I cant seem to find at the moment states the fix is to sysprep the machinethat has the problem in my case it's a laptop with some HIB, Texas controller cards for Smartcards.
or get digitally signined drivers.
hence why I need a way to disable driver signing totally without hacking dll files this is why I went with Alienboo's post.
It seems that sysprep resets the disable driversigningpolicy and then reads the setting that you state in the sysprep.inf file.
Oh the laptop in question is are HP nc6220 and nc6400
The reason I need to are...
A some drivers I have that are pnp do not have cat files.
B there is a well known documented problem with sysprep not loading PCI/bus PNP Drivers even when the DriverSigningPolicy = "Ignore"is applied to the sysprep.inf.
From the MS KB which I cant seem to find at the moment states the fix is to sysprep the machinethat has the problem in my case it's a laptop with some HIB, Texas controller cards for Smartcards.
or get digitally signined drivers.
hence why I need a way to disable driver signing totally without hacking dll files this is why I went with Alienboo's post.
It seems that sysprep resets the disable driversigningpolicy and then reads the setting that you state in the sysprep.inf file.
Oh the laptop in question is are HP nc6220 and nc6400
- ← Enable Auto-hide taskbar & Quick Launch IF YOU ARE LOGGED IN.
- Unattended Windows 2000/XP/2003
- Micron TransPort T1000 and ClientPro 365 →
