flat assembler
Message board for the users of flat assembler.

Index > Windows > can ring3 app modify IDT?

Author
Thread Post new topic Reply to topic
vid
Verbosity in development


Joined: 05 Sep 2003
Posts: 7105
Location: Slovakia
vid


Last edited by vid on 16 Feb 2006, 13:19; edited 1 time in total
Post 16 Feb 2006, 12:00
View user's profile Send private message Visit poster's website AIM Address MSN Messenger ICQ Number Reply with quote
MazeGen



Joined: 06 Oct 2003
Posts: 975
Location: Czechoslovakia
MazeGen
Quote:
tested them on w95b !!! some won't work under w98se or w98 or even winme

These tricks are possible only under old leaky win95 or so, I much doubt you can do similar things in win98, not speaking about winxp...
Post 16 Feb 2006, 13:08
View user's profile Send private message Visit poster's website Reply with quote
vid
Verbosity in development


Joined: 05 Sep 2003
Posts: 7105
Location: Slovakia
vid
they really allowed this in w95?!? Idiots.

A pozri si schranku vole vole... uz som ti odpisal.
Post 16 Feb 2006, 13:18
View user's profile Send private message Visit poster's website AIM Address MSN Messenger ICQ Number Reply with quote
MazeGen



Joined: 06 Oct 2003
Posts: 975
Location: Czechoslovakia
MazeGen
In win9x, you can easily switch to ring0, so many tricks are allowed...

Uz to tam mas voe
Jinak ted sem nekde cetl analyzu ze zadny jiny narody nez my nepouzivaji slovo v podobnym vyznamu jako my to vole...
Post 16 Feb 2006, 13:42
View user's profile Send private message Visit poster's website Reply with quote
vid
Verbosity in development


Joined: 05 Sep 2003
Posts: 7105
Location: Slovakia
vid
you can always install ring0 driver, no? if you have admin rights...

somarina, vsak amici maju nejake "man" (come on, maaaan), alebo hiphoperi "brotha"... aj ked to nieje celkom to iste.
Post 16 Feb 2006, 14:21
View user's profile Send private message Visit poster's website AIM Address MSN Messenger ICQ Number Reply with quote
LocoDelAssembly
Your code has a bug


Joined: 06 May 2005
Posts: 4633
Location: Argentina
LocoDelAssembly
In Win9x you can **always** load a driver, in Win9x everybody enjoys administrative privilegies.

Sorry, I will not put here nothing in strange language Razz
Post 16 Feb 2006, 15:09
View user's profile Send private message Reply with quote
Matrix



Joined: 04 Sep 2004
Posts: 1171
Location: Overflow
Matrix
i believe it is possible to get ring0 in xp too.
it has a cool help...
and a cool run program function...
Post 17 Feb 2006, 00:43
View user's profile Send private message Visit poster's website Reply with quote
LocoDelAssembly
Your code has a bug


Joined: 06 May 2005
Posts: 4633
Location: Argentina
LocoDelAssembly
Well in XP actually there is a way http://www.securiteam.com/windowsntfocus/5TP0B2KC0K.html . However note that you need SE_DEBUG_NAME privilegies for this.

There is others methods too but most of then needs admin privilegies, I think.
Post 17 Feb 2006, 00:49
View user's profile Send private message Reply with quote
Reverend



Joined: 24 Aug 2004
Posts: 408
Location: Poland
Reverend
In 29A zines there were some methods to enter ring 0
Post 17 Feb 2006, 10:42
View user's profile Send private message Visit poster's website Reply with quote
chris



Joined: 05 Jan 2006
Posts: 62
Location: China->US->China->?
chris
of cource you can *legally* enter ring0 through sysenter/syscall, but this will invoke the KiSystemCallEntry kernel routine. If you want to call your custom routines in ring0 you need a driver Wink
Post 22 Feb 2006, 04:17
View user's profile Send private message Reply with quote
r22



Joined: 27 Dec 2004
Posts: 805
r22
When Vista 64it comes out it will have a lock on all non signed drivers.

So we'll have to see if a ring0 exploit comes out for Vista 64bit, because it'll become a requirement if you want to mess around in the kernel. Unless you registers ($500/yr) with microsoft to get your drivers signed.
Post 22 Feb 2006, 05:42
View user's profile Send private message AIM Address Yahoo Messenger Reply with quote
0x4e71



Joined: 25 Feb 2004
Posts: 50
0x4e71
But wasn't there a way in NT to make your own callgate from ring3 and execute ring0 code all without using a driver, provided you are running as admin? Or has that been removed in 2k/xp?
I think I saw it described in a book.

+L
Post 23 Feb 2006, 19:37
View user's profile Send private message Reply with quote
Vasilev Vjacheslav



Joined: 11 Aug 2004
Posts: 392
Vasilev Vjacheslav
Post 26 Feb 2006, 05:52
View user's profile Send private message Reply with quote
Display posts from previous:
Post new topic Reply to topic

Jump to:  


< Last Thread | Next Thread >
Forum Rules:
You cannot post new topics in this forum
You cannot reply to topics in this forum
You cannot edit your posts in this forum
You cannot delete your posts in this forum
You cannot vote in polls in this forum
You cannot attach files in this forum
You can download files in this forum


Copyright © 1999-2020, Tomasz Grysztar.

Powered by rwasa.