we can use the instruction "lgdt" in a vxd on win98

will this work on win xp?
Posted on 2006-06-15 10:46:48 by kenn
VxDs don't run on NT, and of course you can't use the instruction from usermode either.

You'll need to write a .sys driver - look up "KMD - kernel mode drivers" or "WDM - windows driver model". Four-F's KMDKit might be interesting to you.

Now the question comes, why do you want to override the GDT?
Posted on 2006-06-15 12:34:50 by f0dder
Why use LGDT?

I need to change an .exe file to a .dll.

I think that's do-able, but .exe's generally load at 0x400000 so I need to make the .dll load somewhere else, like 0x1000000 maybe.

That's no problem, either, but the .exe has hard-coded instructions that refer to memory around 0x400000 and the rebase stuff is stripped out so the .exe (now .dll) will no longer run at the new address.

But if I change the "base address" entry in the GDT, I think I can trick the .dll into thinking it's still at 0x400000. (That's my theory anyway!)

Posted on 2006-06-15 15:38:29 by kenn
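Whether an image can be loaded away from its preferred base is decided by the PE headers, not by segment descriptors: the loader patches absolute addresses only if the base relocation directory is present, and a linker that stripped it sets IMAGE_FILE_RELOCS_STRIPPED. The following Python checker is an added example, not code from this thread; it reads those header fields and reports whether an image is rebasable (which is also the precondition for ASLR). The `build_sample_pe` helper produces a constructed, header-only PE32 blob so the script runs offline; the two sample images (a stripped .exe at 0x400000 and a relocatable .dll at 0x1000000) are constructed to mirror the scenario above.

```python
import struct

# Flag values and offsets from the PE/COFF specification.
IMAGE_FILE_RELOCS_STRIPPED = 0x0001              # COFF Characteristics: no .reloc data
IMAGE_FILE_DLL = 0x2000                          # COFF Characteristics: image is a DLL
IMAGE_DLLCHARACTERISTICS_DYNAMIC_BASE = 0x0040   # DllCharacteristics: ASLR opt-in
IMAGE_DIRECTORY_ENTRY_BASERELOC = 5              # index of the base relocation directory
PE32_MAGIC, PE32PLUS_MAGIC = 0x10B, 0x20B


def rebase_report(data: bytes) -> dict:
    """Parse the PE headers and report whether the image can be loaded
    at an address other than its preferred ImageBase."""
    if data[:2] != b"MZ":
        raise ValueError("not an MZ executable")
    (pe_off,) = struct.unpack_from("<I", data, 0x3C)          # e_lfanew
    if data[pe_off:pe_off + 4] != b"PE\0\0":
        raise ValueError("missing PE signature")
    # COFF file header: Machine, NumberOfSections, TimeDateStamp,
    # PointerToSymbolTable, NumberOfSymbols, SizeOfOptionalHeader, Characteristics
    _, _, _, _, _, _opt_size, characteristics = struct.unpack_from("<HHIIIHH", data, pe_off + 4)
    opt = pe_off + 24                                          # optional header start
    (magic,) = struct.unpack_from("<H", data, opt)
    if magic == PE32_MAGIC:
        (image_base,) = struct.unpack_from("<I", data, opt + 28)
        nrva_off, dir_off = opt + 92, opt + 96
    elif magic == PE32PLUS_MAGIC:
        (image_base,) = struct.unpack_from("<Q", data, opt + 24)
        nrva_off, dir_off = opt + 108, opt + 112
    else:
        raise ValueError("unknown optional header magic 0x%x" % magic)
    (dll_chars,) = struct.unpack_from("<H", data, opt + 70)   # same offset in PE32/PE32+
    (nrva,) = struct.unpack_from("<I", data, nrva_off)        # NumberOfRvaAndSizes
    reloc_rva = reloc_size = 0
    if nrva > IMAGE_DIRECTORY_ENTRY_BASERELOC:
        reloc_rva, reloc_size = struct.unpack_from(
            "<II", data, dir_off + 8 * IMAGE_DIRECTORY_ENTRY_BASERELOC)
    relocs_stripped = bool(characteristics & IMAGE_FILE_RELOCS_STRIPPED)
    return {
        "image_base": image_base,
        "is_dll": bool(characteristics & IMAGE_FILE_DLL),
        "relocs_stripped": relocs_stripped,
        "reloc_dir_rva": reloc_rva,
        "reloc_dir_size": reloc_size,
        "dynamic_base": bool(dll_chars & IMAGE_DLLCHARACTERISTICS_DYNAMIC_BASE),
        # The loader can only fix absolute addresses if relocation data exists.
        "can_rebase": (not relocs_stripped) and reloc_size > 0,
    }


def build_sample_pe(image_base: int, is_dll: bool, relocs_stripped: bool, reloc_size: int) -> bytes:
    """Constructed, header-only PE32 image (no sections) used as offline sample input."""
    dos = bytearray(64)
    dos[:2] = b"MZ"
    struct.pack_into("<I", dos, 0x3C, 64)                     # PE header follows the DOS header
    chars = (IMAGE_FILE_DLL if is_dll else 0) | (IMAGE_FILE_RELOCS_STRIPPED if relocs_stripped else 0)
    coff = struct.pack("<HHIIIHH", 0x14C, 0, 0, 0, 0, 0xE0, chars)  # i386, 0xE0-byte optional header
    opt = bytearray(0xE0)
    struct.pack_into("<H", opt, 0, PE32_MAGIC)
    struct.pack_into("<I", opt, 28, image_base)
    struct.pack_into("<H", opt, 70, 0 if relocs_stripped else IMAGE_DLLCHARACTERISTICS_DYNAMIC_BASE)
    struct.pack_into("<I", opt, 92, 16)                        # 16 data directories
    struct.pack_into("<II", opt, 96 + 8 * IMAGE_DIRECTORY_ENTRY_BASERELOC,
                     0x3000 if reloc_size else 0, reloc_size)
    return bytes(dos) + b"PE\0\0" + coff + bytes(opt)


if __name__ == "__main__":
    # Constructed samples: an .exe at 0x400000 with relocations stripped,
    # and a .dll at 0x1000000 that kept its relocation directory.
    samples = {
        "stripped exe": build_sample_pe(0x400000, False, True, 0),
        "relocatable dll": build_sample_pe(0x1000000, True, False, 0x200),
    }
    for name, blob in samples.items():
        print(name, rebase_report(blob))
```

Run the script on a real file by passing `open(path, "rb").read()` to `rebase_report`; a result with `can_rebase` false is an image the loader must place at `image_base` exactly, so it will fail (or be silently mis-patched) at any other address regardless of how the process's segments are described.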
First of all, if you want to change an exe file to a dll, recompile from source. Even if you have permission to change somebody else's .exe to .dll, it's not going to be as simple as that - they work in different ways, although they're both PE files.

GDT won't help you with this task anyway.
Posted on 2006-06-15 15:59:17 by f0dder
LOL. kenn, GDTs don't have much to do with address translation. In 64-bit mode code/data selectors are forced to flat mode (base:0, size: 0FFFFFFFFFF...). Changing GDTs in 32-bit mode would crash the system due to paging. Even if, by some miracle, you made it 'not crash', it wouldn't run, because every OTHER module would be mapped incorrectly.
Posted on 2006-06-15 16:17:25 by ti_mo_n