I want to run a driver on windows 10 with a revoked certificate. If I create the driver using
sc create driver1 binpath="path" type=kernel
and then execute
sc start driver1
I get
[SC] StartService FAILED 2148204812:
A certificate was explicitly revoked by its issuer.
This is definitely, because this driver is vulnerable and I want to run it for analysis / debugging reasons. I also had to disable windows defender for that.
However it seems like there is no way to allow revoked drivers. I also tried to remove the revoke certificate, but it is always reinstalling itself.
Then I tried to just remove the signature using
.signtool.exe remove /s /v path
And it is in fact showing no signature anymore in the properties menu. But even after removing the signature and setting windows to test mode, it is still saying the certificate got revoked. I can’t imagine how, because the signature is gone.
Any ideas how I could make the driver running ?
