flat assembler
Message board for the users of flat assembler.
Windows > can ring3 app modify IDT?

vid 16 Feb 2006, 12:00
Last edited by vid on 16 Feb 2006, 13:19; edited 1 time in total

vid 16 Feb 2006, 13:18
they really allowed this in w95?!? Idiots.
And check your inbox, vole vole... I've already replied to you.

MazeGen 16 Feb 2006, 13:42
In win9x, you can easily switch to ring0, so many tricks are allowed...
You've already got it there, voe. By the way, I just read an analysis somewhere saying that no nations other than us use a word in a similar sense to the way we use "vole"...

vid 16 Feb 2006, 14:21
you can always install ring0 driver, no? if you have admin rights...
Nonsense, the Americans have their "man" (come on, maaaan), or the hip-hoppers have "brotha"... even though it's not quite the same.

LocoDelAssembly 16 Feb 2006, 15:09
In Win9x you can **always** load a driver; in Win9x everybody enjoys administrative privileges.
Sorry, I will not put anything here in a strange language

Matrix 17 Feb 2006, 00:43
i believe it is possible to get ring0 in xp too.
it has a cool help... and a cool run program function...

LocoDelAssembly 17 Feb 2006, 00:49
Well, in XP there actually is a way: http://www.securiteam.com/windowsntfocus/5TP0B2KC0K.html. However, note that you need SE_DEBUG_NAME privileges for this.
There are other methods too, but most of them need admin privileges, I think.

Reverend 17 Feb 2006, 10:42
In 29A zines there were some methods to enter ring 0

chris 22 Feb 2006, 04:17
Of course you can *legally* enter ring0 through sysenter/syscall, but this will invoke the KiSystemCallEntry kernel routine. If you want to call your custom routines in ring0 you need a driver

r22 22 Feb 2006, 05:42
When Vista 64-bit comes out it will have a lock on all non-signed drivers.
So we'll have to see if a ring0 exploit comes out for Vista 64-bit, because it'll become a requirement if you want to mess around in the kernel. Unless you register ($500/yr) with Microsoft to get your drivers signed.

0x4e71 23 Feb 2006, 19:37
But wasn't there a way in NT to make your own callgate from ring3 and execute ring0 code all without using a driver, provided you are running as admin? Or has that been removed in 2k/xp?
I think I saw it described in a book. +L

Vasilev Vjacheslav 26 Feb 2006, 05:52
Copyright © 1999-2024, Tomasz Grysztar.