How can i access to ring-0 ? (win2k)
Posted on 2003-08-27 03:06:06 by Criminal2
via kmd. Four-F has some tutorials on how to create kmd. It is hosted on hutch's forum if I am not wrong.
Posted on 2003-08-27 03:14:27 by roticv
what is "hutch's forum " uRL ?
Posted on 2003-08-27 03:17:09 by Criminal2
Posted on 2003-08-27 03:34:03 by roticv
Posted on 2003-08-27 06:14:28 by Criminal2
You can access ring0 without kmd
Posted on 2003-08-31 13:21:07 by Chrishka

You can access ring0 without kmd

more info, please :rolleyes:
Posted on 2003-08-31 20:07:43 by S.T.A.S.
I think I got to ask before throwing this out here, I read the rules, and I gotta admit I'm not sure about this stuff being legal or not
Posted on 2003-09-01 03:03:11 by Chrishka

I think I got to ask before throwing this out here, I read the rules, and I gotta admit I'm not sure about this stuff being legal or not

If you're ever unsure about wether you could post a certain thing, use your private messaging and PM a moderator or administrator and wait for their response.
Posted on 2003-09-01 03:11:02 by S.T.A.S.
Thanks S.T.A.S.
Posted on 2003-09-01 04:27:01 by Chrishka
usually depends on the context, if you're using what could be defined as 'malicious' means to achieve it then I'd advise against it. We don't support viri or trojan software here.

So you can go ahead and post it, we will notify you anyway if we think it's 'risky' or anything :)
Posted on 2003-09-01 05:31:33 by Hiroshimator
Whether the code is malicious or not, going ring0 without a driver _will_ be risky - it's not so cool depending on undocumented features, security flaws, et cetera.

Post the code anyway, it's always interesting to look at. Just don't use dirty stuff in release products.
Posted on 2003-09-01 10:00:06 by f0dder
you can access the ring0 through the call gate but you must have the system privilege.
Posted on 2003-09-02 02:10:53 by xiawolf

You will always be stuck with this problem that the later OS versions formally exclude ring 0 access from application level ring 3 programming. It was done because the access that was allowed in earlier version was used among other things for virus code and did a lot of damage.

You may find the odd hole in various vesions of Windows that allows it but it will never be reliable. If you have a valid need for ring 0 access, write a device driver for the OS version you have in mind.

Posted on 2003-09-02 02:21:16 by hutch--
You can access ring0 through call gates, but you don't need any privilege. The trick is using the object '\device\physicalmemory'. Applications can't open it with read/write access, but they can write a new access control list (?!) and give full access to this object for anyone.
Posted on 2003-09-02 06:17:51 by Chrishka