Drivers:

• CVE-2008-3431 Virtualbox 1.6.0? VBoxDrv.sys
• CVE-2013-3956 Novel ncpl.sys, nicm.sys, nscm.sys
• CVE-2016-? Capcom
  • https://github.com/tandasat/ExploitCapcom
  • https://github.com/FuzzySecurity/Capcom-Rootkit/blob/master/Driver/Capcom.sys
  • http://www.fuzzysecurity.com/tutorials/28.html

Shenanigans:

• modify g_CiEnabled to zero to disable driver signing enforcement

References:

• https://github.com/Ondrik8/exploit
• http://www.sekoia.fr/blog/windows-driver-signing-bypass-by-derusbi/
• https://j00ru.vexillium.org/2010/06/insight-into-the-driver-signature-enforcement/
• megathread: https://www.unknowncheats.me/forum/anti-cheat-bypass/334557-vulnerable-driver-megathread.html
• https://github.com/RedCursorSecurityConsulting/PPLKiller