{"id":20961542,"url":"https://github.com/apetenchea/ksh","last_synced_at":"2025-04-23T02:01:57.157Z","repository":{"id":193548083,"uuid":"689016823","full_name":"apetenchea/ksh","owner":"apetenchea","description":"Windows Kernel Mode Shell","archived":false,"fork":false,"pushed_at":"2023-09-17T17:57:57.000Z","size":97,"stargazers_count":4,"open_issues_count":0,"forks_count":0,"subscribers_count":1,"default_branch":"main","last_synced_at":"2025-03-29T21:04:39.872Z","etag":null,"topics":["kernel","python","windows"],"latest_commit_sha":null,"homepage":"","language":"C","has_issues":true,"has_wiki":null,"has_pages":null,"mirror_url":null,"source_name":null,"license":"mit","status":null,"scm":"git","pull_requests_enabled":true,"icon_url":"https://github.com/apetenchea.png","metadata":{"files":{"readme":"README.md","changelog":null,"contributing":null,"funding":null,"license":"LICENSE","code_of_conduct":null,"threat_model":null,"audit":null,"citation":null,"codeowners":null,"security":null,"support":null,"governance":null,"roadmap":null,"authors":null,"dei":null,"publiccode":null,"codemeta":null}},"created_at":"2023-09-08T15:44:07.000Z","updated_at":"2024-11-30T15:38:23.000Z","dependencies_parsed_at":null,"dependency_job_id":"3a93ddcf-1cc6-4c4a-a134-457b574bd856","html_url":"https://github.com/apetenchea/ksh","commit_stats":null,"previous_names":["apetenchea/ksh"],"tags_count":2,"template":false,"template_full_name":null,"repository_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/apetenchea%2Fksh","tags_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/apetenchea%2Fksh/tags","releases_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/apetenchea%2Fksh/releases","manifests_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/apetenchea%2Fksh/manifests","owner_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/owners/apetenchea","download_url":"https://codeload.github.com/apetenchea/ksh/tar.gz/refs/heads/main","hos
t":{"name":"GitHub","url":"https://github.com","kind":"github","repositories_count":250354494,"owners_count":21416752,"icon_url":"https://github.com/github.png","version":null,"created_at":"2022-05-30T11:31:42.601Z","updated_at":"2022-07-04T15:15:14.044Z","host_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub","repositories_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories","repository_names_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repository_names","owners_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/owners"}},"keywords":["kernel","python","windows"],"created_at":"2024-11-19T02:14:12.103Z","updated_at":"2025-04-23T02:01:56.524Z","avatar_url":"https://github.com/apetenchea.png","language":"C","funding_links":[],"categories":[],"sub_categories":[],"readme":"\u003cdiv align=\"center\"\u003e\n  \u003ca href=\"https://github.com/apetenchea/ksh\"\u003e\n    \u003cimg src=\"media/logo.png\" alt=\"Logo\"\u003e\n  \u003c/a\u003e\n\n\u003ch3 align=\"center\"\u003eKernel Shell\u003c/h3\u003e\n  \u003cp\u003e\n    Because your Windows machine should listen to you!\n  \u003c/p\u003e\n\u003c/div\u003e\n\n\u003cdetails\u003e\n  \u003csummary\u003eContents\u003c/summary\u003e\n  \u003col\u003e\n    \u003cli\u003e\n      \u003ca href=\"#about\"\u003eAbout\u003c/a\u003e\n      \u003cul\u003e\n        \u003cli\u003e\u003ca href=\"#motivation\"\u003eMotivation\u003c/a\u003e\u003c/li\u003e\n        \u003cli\u003e\u003ca href=\"#features\"\u003eFeatures\u003c/a\u003e\u003c/li\u003e\n      \u003c/ul\u003e\n    \u003c/li\u003e\n    \u003cli\u003e\n      \u003ca href=\"#getting-started\"\u003eGetting Started\u003c/a\u003e\n      \u003cul\u003e\n        \u003cli\u003e\u003ca href=\"#prerequisites\"\u003ePrerequisites\u003c/a\u003e\u003c/li\u003e\n        \u003cli\u003e\u003ca href=\"#installation\"\u003eInstallation\u003c/a\u003e\u003c/li\u003e\n      \u003c/ul\u003e\n    \u003c/li\u003e\n    \u003cli\u003e\u003ca 
href=\"#usage\"\u003eUsage\u003c/a\u003e\u003c/li\u003e\n    \u003cli\u003e\u003ca href=\"#contributing\"\u003eContributing\u003c/a\u003e\u003c/li\u003e\n      \u003cul\u003e\n        \u003cli\u003e\u003ca href=\"#building\"\u003eBuilding\u003c/a\u003e\u003c/li\u003e\n        \u003cli\u003e\u003ca href=\"#testing\"\u003eTesting\u003c/a\u003e\u003c/li\u003e\n        \u003cli\u003e\u003ca href=\"#formatting\"\u003eFormatting\u003c/a\u003e\u003c/li\u003e\n      \u003c/ul\u003e\n    \u003cli\u003e\u003ca href=\"#disclaimer\"\u003eDisclaimer\u003c/a\u003e\u003c/li\u003e\n    \u003cli\u003e\u003ca href=\"#license\"\u003eLicense\u003c/a\u003e\u003c/li\u003e\n  \u003c/ol\u003e\n\u003c/details\u003e\n\n## About\n\n**ksh** is a kernel-mode Windows driver paired with a user-land Python script,\ncrafted to empower users with unparalleled control over their system.\n\n### Motivation\nAt its core, the project is driven by two primary motivations:\n1. **User Autonomy:** Modern operating systems, especially from Windows 10 onwards,\n    have taken a more protective stance, restricting users from certain operations\n    on their own machines. While this is often in the interest of security and stability,\n    it sometimes feels like the system is impeding power users from performing advanced tasks.\n    **ksh** seeks to break these chains, giving users back the freedom to dictate what they\n    can and cannot do on their machines.\n2. **Fun:** Diving deep into the internals of the OS and maneuvering data at the kernel level\n    is a rewarding experience. 
Writing drivers is not just about the end utility but also about\n    the thrill of exploration.\n\n### Features\n- **File Manipulation:** Basic operations like `rm`, `mv`, and `cp` are executed with the power\n    and flexibility of kernel-level operations, bypassing many of the restrictions imposed by\n    user-mode utilities.\n- **Process Control:** Tools like `pkill` become more potent.\n- **Editing Registry Keys:** A minimalist `regedit`, from kernel mode.\n\n## Getting Started\n\n### Prerequisites\n- Windows 10 (x64)\n- The driver is only signed with a test certificate, so you will need to enable test mode\n    on your machine. This can be done by running the following command in an elevated command prompt:\n    ```shell\n    bcdedit.exe -set TESTSIGNING ON\n    ```\n    Note: This will require a reboot. **In case you're using BitLocker, be sure to have your recovery key at hand.**\n- Python 3\n\n### Installation\n- Install Python requirements\n    ```shell\n    pip install -r requirements.txt\n    ```\n- Load the driver\n    ```shell\n    sc create ksh type=kernel binPath=\"path\\to\\ksh.sys\"\n    ```\n- Start the driver\n    ```shell\n    sc start ksh\n    ```\n- Verify that the service is running\n    ```shell\n    sc query ksh\n    ```\n- Additionally, you can add the driver to the system's boot sequence. 
Make sure you've tested it first!\n    ```shell\n    sc config ksh start=boot\n    ```\n- When you're bored, you can stop the driver and unload it\n    ```shell\n    sc stop ksh\n    sc config ksh start=demand\n    sc delete ksh\n    ```\n\n## Usage\n- Check the driver status\n    ```shell\n    python ksh.py test\n    ```\n- Move a file\n    ```shell\n    python ksh.py mv C:\\Users\\user\\file.txt C:\\Users\\user\\Documents\\file.txt\n    ```\n- Copy a file\n    ```shell\n    python ksh.py cp C:\\Users\\user\\file.txt C:\\Users\\user\\Documents\\file.txt\n    ```\n- Delete a file\n    ```shell\n    python ksh.py rm C:\\Users\\user\\file.txt\n    ```\n- Kill a process\n    ```shell\n    python ksh.py pkill -n notepad.exe\n    ```\n- Edit a registry key\n    ```shell\n    python ksh.py regedit -k \"HKEY_LOCAL_MACHINE\\SOFTWARE\\MyKey\" -v \"MyValue\" -t REG_SZ -d \"MyData\"\n    ```\n\n## Contributing\n\nContributions are always welcome! Feel free to open an issue or submit a pull request.\n\n### Building\n- First, you need to install Visual Studio. I am using Visual Studio 2019 version 16.11.16. Other versions might work as well.\n- In order to build the driver component, you also need to install the Windows Driver Kit (WDK). Here, I have\n  used [WDK for Windows 10, version 2004](https://go.microsoft.com/fwlink/?linkid=2128854).\n- Check out Microsoft's\n  [other-wdk-downloads page](https://learn.microsoft.com/en-us/windows-hardware/drivers/other-wdk-downloads).\n- Load the `driver.sln` solution in Visual Studio.\n- Set the configuration to `Release` and the platform to `x64`.\n- Before building the solution, run `bcdedit.exe -set TESTSIGNING ON` in an elevated command prompt. This allows the\n  driver to be loaded even though it is only signed with a test certificate, which is applied automatically during the\n  build process. 
**In case you're using BitLocker, be sure to have your recovery key at hand before rebooting.**\n\n### Testing\n```shell\npy.test test.py\n```\n\n### Formatting\n- C: `clang-format -i -style=Microsoft *.h *.c`\n- Python: `black *.py`\n\n## Disclaimer\n\n1. **Test Mode**  \n    This driver requires the Windows \"Test Mode\" to be enabled in order to run. It's important to understand\n    that operating in Test Mode can make your system vulnerable. In Test Mode, Windows will load any unsigned driver,\n    which exposes your system to potential threats. Please be cautious and understand the risks before enabling Test Mode.\n    After you're done using the driver, don't forget to disable Test Mode:\n    ```shell\n    bcdedit.exe -set TESTSIGNING OFF\n    ```\n2. **Potential System Damage**  \n   Working with kernel-mode drivers carries inherent risks. Always ensure you know what the driver and any associated\n   software are doing.\n3. **Running experiments**  \n   If you are experimenting or are unsure about the effects of this driver, it is highly recommended to run it in a\n   controlled environment, such as a virtual machine.\n\n## License\nDistributed under the MIT License. See `LICENSE` for more information.","project_url":"https://awesome.ecosyste.ms/api/v1/projects/github.com%2Fapetenchea%2Fksh","html_url":"https://awesome.ecosyste.ms/projects/github.com%2Fapetenchea%2Fksh","lists_url":"https://awesome.ecosyste.ms/api/v1/projects/github.com%2Fapetenchea%2Fksh/lists"}