These tricks are possible only under old leaky win95 or so, I much doubt you can do similar things in win98, not speaking about winxp...

they really allowed this in w95?!? Idiots.

A pozri si schranku vole vole... uz som ti odpisal.

In win9x, you can easily switch to ring0, so many tricks are allowed...

Uz to tam mas voe
Jinak ted sem nekde cetl analyzu ze zadny jiny narody nez my nepouzivaji slovo v podobnym vyznamu jako my to vole...

you can always install ring0 driver, no? if you have admin rights...

somarina, vsak amici maju nejake "man" (come on, maaaan), alebo hiphoperi "brotha"... aj ked to nieje celkom to iste.

In Win9x you can **always** load a driver, in Win9x everybody enjoys administrative privilegies.

Sorry, I will not put here nothing in strange language

i believe it is possible to get ring0 in xp too.
it has a cool help...
and a cool run program function...

Well in XP actually there is a way http://www.securiteam.com/windowsntfocus/5TP0B2KC0K.html . However note that you need SE_DEBUG_NAME privilegies for this.

There is others methods too but most of then needs admin privilegies, I think.

In 29A zines there were some methods to enter ring 0

of cource you can *legally* enter ring0 through sysenter/syscall, but this will invoke the KiSystemCallEntry kernel routine. If you want to call your custom routines in ring0 you need a driver

When Vista 64it comes out it will have a lock on all non signed drivers.

So we'll have to see if a ring0 exploit comes out for Vista 64bit, because it'll become a requirement if you want to mess around in the kernel. Unless you registers ($500/yr) with microsoft to get your drivers signed.

But wasn't there a way in NT to make your own callgate from ring3 and execute ring0 code all without using a driver, provided you are running as admin? Or has that been removed in 2k/xp?
I think I saw it described in a book.

+L

try this one...

http://ry.pl/~omega/asm/ring0nt.zip