Cannot capture any hotkeys after entering kernel mode; Valorant anti-cheat has been uninstalled #208

Open
hunter40340340403 opened this issue Oct 8, 2024 · 3 comments

Comments

@hunter40340340403

OpenArk Console
Copyright (C) 2019 BlackINT3 https://github.com/BlackINT3/OpenArk
[UNONE::FsReadFileDataW] [WARN] C:\Users\13431\AppData\Roaming\OpenArk\console\history.txt is empty file
[UNONE::PsGetProcessInfo64W] [ERR] VirtualOpenProcess pid:4 err:0
[ArkDrvApi::Process::OpenProcess] [ERR] OpenProcess by Kernel pid:4 err:5
[ArkDrvApi::Process::OpenProcessRoot] [ERR] OpenProcess by Kernel pid:4 err:0
[Kernel::InitKernelEntryView::::operator ()] [INFO] 操作系统 : Windows 11
[Kernel::InitKernelEntryView::::operator ()] [INFO] 主版本号 : 10
[Kernel::InitKernelEntryView::::operator ()] [INFO] 副版本号 : 0
[Kernel::InitKernelEntryView::::operator ()] [INFO] 发行编号 : 23H2
[Kernel::InitKernelEntryView::::operator ()] [INFO] 编译号 : 22631
[Kernel::InitKernelEntryView::::operator ()] [INFO] 主服务包 : 0
[Kernel::InitKernelEntryView::::operator ()] [INFO] 副服务包 : 0
[Kernel::InitKernelEntryView::::operator ()] [INFO] R3地址空间 : 0x10000 - 0x7FFFFFFEFFFF
[Kernel::InitKernelEntryView::::operator ()] [INFO] R0地址空间 : 0xFFFF080000000000 - 0xFFFFFFFFFFFFFFFF
[Kernel::InitKernelEntryView::::operator ()] [INFO] 页面大小 : 4 KB
[Kernel::InitKernelEntryView::::operator ()] [INFO] 物理内存 : 32 GB
[Kernel::InitKernelEntryView::::operator ()] [INFO] CPU核数 : 8
[Kernel::InitKernelEntryView::::operator ()] [INFO] 系统根目录 : C:\Windows
[Kernel::InitKernelEntryView::::operator ()] [INFO] 启动时间 : 2024-10-07 22:16:48 (0Day/0Hour/1Min)
[Kernel::InitKernelEntryView::::operator ()] [INFO] BootInfo : UEFI & SecureBoot
[Kernel::InitKernelEntryView::::operator ()] [INFO] HVM : VT Enabled
[OpenArk::onActionCheckUpdate] [INFO] requset server:http://file.blackint3.com:88/openark/version.txt
[Kernel::ParseKernelSymbol] [INFO] PDB: C:\Users\13431\AppData\Roaming\OpenArk\symbols\ci.pdb\fa02a19427250c164c7a5b18990e5fc51\ci.pdb
[Kernel::ParseKernelSymbol] [INFO] PDB: C:\Users\13431\AppData\Roaming\OpenArk\symbols\fltMgr.pdb\c2e26c16442664656024bc218bf3d3bc1\fltMgr.pdb
[Kernel::ParseKernelSymbol] [INFO] PDB: C:\Users\13431\AppData\Roaming\OpenArk\symbols\netio.pdb\5882b13e1c48a6899c9ffde9a3afc77a1\netio.pdb
[Kernel::ParseKernelSymbol] [INFO] PDB: C:\Users\13431\AppData\Roaming\OpenArk\symbols\ntkrnlmp.pdb\3e6c4de8fab123635b22ca5957c83a0a1\ntkrnlmp.pdb
[Kernel::ParseKernelSymbol] [INFO] PDB: C:\Users\13431\AppData\Roaming\OpenArk\symbols\win32k.pdb\6b0c7ceb867ea2a86b59201cc728bfe31\win32k.pdb
[Kernel::ParseKernelSymbol] [INFO] PDB: C:\Users\13431\AppData\Roaming\OpenArk\symbols\win32kbase.pdb\4a2af1b818f165d858a3bc7b5eeb719b1\win32kbase.pdb
[Kernel::ParseKernelSymbol] [INFO] PDB: C:\Users\13431\AppData\Roaming\OpenArk\symbols\win32kfull.pdb\8ff514be120176e720a04f58d7b38d611\win32kfull.pdb
[Kernel::onEnterKernelMode] [INFO] InstallDriver 1.
[Kernel::onEnterKernelMode] [INFO] InstallDriver 2.
[Kernel::onEnterKernelMode] [INFO] Enter KernelMode ok
[OpenArk::onActionCheckUpdate::::operator ()] [INFO] local appver:1.3.6, build:202405222254
[OpenArk::onActionCheckUpdate::::operator ()] [ERR] request http.err:0, net.err:99

@yixuan1912

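Same here, hotkeys are not detected, while the other features seem to work normally. I don't know whether this is specific to Win11 version 23H2. I ran it with administrator privileges and opened it from the C: drive.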


OpenArk Console
Copyright (C) 2019 BlackINT3 https://github.com/BlackINT3/OpenArk
[UNONE::FsReadFileDataW] [WARN] C:\Users\74765\AppData\Roaming\OpenArk\console\history.txt is empty file
[UNONE::PsGetProcessInfo64W] [ERR] VirtualOpenProcess pid:4 err:0
[ArkDrvApi::Process::OpenProcess] [ERR] OpenProcess by Kernel pid:4 err:5 
[ArkDrvApi::Process::OpenProcessRoot] [ERR] OpenProcess by Kernel pid:4 err:0 
[Kernel::InitKernelEntryView::::operator ()] [INFO] 操作系统 : Windows 11 
[Kernel::InitKernelEntryView::::operator ()] [INFO] 主版本号 : 10 
[Kernel::InitKernelEntryView::::operator ()] [INFO] 副版本号 : 0 
[Kernel::InitKernelEntryView::::operator ()] [INFO] 发行编号 : 23H2 
[Kernel::InitKernelEntryView::::operator ()] [INFO] 编译号 : 22631 
[Kernel::InitKernelEntryView::::operator ()] [INFO] 主服务包 : 0 
[Kernel::InitKernelEntryView::::operator ()] [INFO] 副服务包 : 0 
[Kernel::InitKernelEntryView::::operator ()] [INFO] R3地址空间 : 0x10000 - 0x7FFFFFFEFFFF 
[Kernel::InitKernelEntryView::::operator ()] [INFO] R0地址空间 : 0xFFFF080000000000 - 0xFFFFFFFFFFFFFFFF 
[Kernel::InitKernelEntryView::::operator ()] [INFO] 页面大小 : 4 KB 
[Kernel::InitKernelEntryView::::operator ()] [INFO] 物理内存 : 16 GB 
[Kernel::InitKernelEntryView::::operator ()] [INFO] CPU核数 : 16 
[Kernel::InitKernelEntryView::::operator ()] [INFO] 系统根目录 : C:\WINDOWS 
[Kernel::InitKernelEntryView::::operator ()] [INFO] 启动时间 : 2024-10-09 14:05:01 (0Day/0Hour/6Min) 
[Kernel::InitKernelEntryView::::operator ()] [INFO] BootInfo : UEFI & SecureBoot & VBS 
[Kernel::InitKernelEntryView::::operator ()] [INFO] HVM : VT Disabled 
[OpenArk::onActionCheckUpdate] [INFO] requset server:http://file.blackint3.com:88/openark/version.txt 
[OpenArk::onActionCheckUpdate::::operator ()] [INFO] local appver:1.3.6, build:202405222254 
[OpenArk::onActionCheckUpdate::::operator ()] [INFO] server responsed:{
"err": 0,
"appver": "1.3.6",
"appbd": "202405222254",
"appcl": "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",
"appurl": "https://github.com/BlackINT3/OpenArk/releases"
}

[OpenArk::onActionCheckUpdate::::operator ()] [INFO] OpenArk is latest. 

@yuaotianAI

Same for me.

OpenArk Console
Copyright (C) 2019 BlackINT3 https://github.com/BlackINT3/OpenArk
[UNONE::FsReadFileDataW] [WARN] C:\Users\yuaotian\AppData\Roaming\OpenArk\console\history.txt is empty file
[UNONE::PsGetProcessInfo64W] [ERR] VirtualOpenProcess pid:4 err:0
[ArkDrvApi::Process::OpenProcess] [ERR] OpenProcess by Kernel pid:4 err:5 
[ArkDrvApi::Process::OpenProcessRoot] [ERR] OpenProcess by Kernel pid:4 err:0 
[Kernel::InitKernelEntryView::::operator ()] [INFO] 操作系统 : Windows 11 
[Kernel::InitKernelEntryView::::operator ()] [INFO] 主版本号 : 10 
[Kernel::InitKernelEntryView::::operator ()] [INFO] 副版本号 : 0 
[Kernel::InitKernelEntryView::::operator ()] [INFO] 发行编号 : 
[Kernel::InitKernelEntryView::::operator ()] [INFO] 编译号 : 26257 
[Kernel::InitKernelEntryView::::operator ()] [INFO] 主服务包 : 0 
[Kernel::InitKernelEntryView::::operator ()] [INFO] 副服务包 : 0 
[Kernel::InitKernelEntryView::::operator ()] [INFO] R3地址空间 : 0x10000 - 0x7FFFFFFEFFFF 
[Kernel::InitKernelEntryView::::operator ()] [INFO] R0地址空间 : 0xFFFF080000000000 - 0xFFFFFFFFFFFFFFFF 
[Kernel::InitKernelEntryView::::operator ()] [INFO] 页面大小 : 4 KB 
[Kernel::InitKernelEntryView::::operator ()] [INFO] 物理内存 : 32 GB 
[Kernel::InitKernelEntryView::::operator ()] [INFO] CPU核数 : 24 
[Kernel::InitKernelEntryView::::operator ()] [INFO] 系统根目录 : C:\WINDOWS 
[Kernel::InitKernelEntryView::::operator ()] [INFO] 启动时间 : 2024-11-02 04:08:13 (0Day/0Hour/39Min) 
[Kernel::InitKernelEntryView::::operator ()] [INFO] BootInfo : UEFI & SecureBoot & VBS 
[Kernel::InitKernelEntryView::::operator ()] [INFO] HVM : VT Disabled 
[OpenArk::onActionCheckUpdate] [INFO] requset server:http://file.blackint3.com:88/openark/version.txt 
[OpenArk::onActionCheckUpdate::::operator ()] [INFO] local appver:1.3.6, build:202405222254 
[OpenArk::onActionCheckUpdate::::operator ()] [INFO] server responsed:{
"err": 0,
"appver": "1.3.6",
"appbd": "202405222254",
"appcl": "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",
"appurl": "https://github.com/BlackINT3/OpenArk/releases"
}

[OpenArk::onActionCheckUpdate::::operator ()] [INFO] OpenArk is latest. 
[Kernel::ParseKernelSymbol] [INFO] PDB: C:\Users\yuaotian\AppData\Roaming\OpenArk\symbols\ci.pdb\6fb385d34f156df8e642963eaada742f1\ci.pdb 
[Kernel::ParseKernelSymbol] [INFO] PDB: C:\Users\yuaotian\AppData\Roaming\OpenArk\symbols\fltMgr.pdb\e191f065fef68f4936833791b3ad8b061\fltMgr.pdb 
[Kernel::ParseKernelSymbol] [INFO] PDB: C:\Users\yuaotian\AppData\Roaming\OpenArk\symbols\netio.pdb\0576ac119a2d95985823172256ac602c1\netio.pdb 
[Kernel::ParseKernelSymbol] [INFO] PDB: C:\Users\yuaotian\AppData\Roaming\OpenArk\symbols\ntkrnlmp.pdb\9556d14164004245674dc8117a97ee281\ntkrnlmp.pdb 
[Kernel::ParseKernelSymbol] [INFO] PDB: C:\Users\yuaotian\AppData\Roaming\OpenArk\symbols\win32k.pdb\4d2f028afcc41b35d49d3fe9bca035561\win32k.pdb 
[Kernel::ParseKernelSymbol] [INFO] PDB: C:\Users\yuaotian\AppData\Roaming\OpenArk\symbols\win32kbase.pdb\9b18e013a162b13743c61d40d33ea1491\win32kbase.pdb 
[Kernel::ParseKernelSymbol] [INFO] PDB: C:\Users\yuaotian\AppData\Roaming\OpenArk\symbols\win32kfull.pdb\5657e29a94ba65a74fcbae576cf546151\win32kfull.pdb 
[Kernel::onEnterKernelMode] [INFO] InstallDriver 1. 
[Kernel::onEnterKernelMode] [INFO] InstallDriver 2. 
[ArkDrvApi::IoControlDriver] [ERR] DeviceIoControl err:31 
[Kernel::onEnterKernelMode] [INFO] Enter KernelMode ok 


@zhangbolily

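Ah, so it's the same for everyone. I'm also on a fresh Win11 23H2 system and can't capture any global hotkey configuration; it's giving me a real headache.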
