From: Michael S. <ms...@ac...> - 2001-04-18 16:46:45
No. I don't really have a place to put it. I can send it to you or ftp it or whatever.

Mike

-----Original Message-----
From: Michael Vines [mailto:mi...@bl...]
Sent: Wednesday, April 18, 2001 12:39 PM
To: Michael Stout
Cc: lin...@li...
Subject: Re: [line-devel] int 80 and line operation

On Wed, 18 Apr 2001, Michael Stout wrote:
>
> I've been able to hook int 80 in a kernel mode device driver and send the
> eax register and the process ID via a local procedure call to a user mode
> application, which can be debugged using vc++. Sending the other registers
> shouldn't be a problem.
>
> There's also some code that creates a process and empties it out so that it is
> free to have raw linux executables mapped into it.
>
> This is developed with vc++ and the NT ddk. It runs under 4.0 and 2000.
> I really don't have much time to mess around with this anymore and
> would be happy to have help with it.
>
> My thoughts on how to advance the project
> 1) Modify the kernel level driver to pass all the registers to the port
>    a) the ring0 prolog for the interrupt handler trashes a register.
>    b) slight modifications to passing the data through the port.
> 2) figure out why the kernel mode driver fails to initialize the first time
>    it is loaded.
> 3) Merge the port server with the user-mode application that calls the
>    kernel mode driver to set up the interrupt handler
> 4) Merge the code to create an empty process into the user-mode application
> 5) poke into that process an int 80 that calls execve
> 6) go nuts implementing APIs in the user mode code.
> 7) move code into the kernel mode device driver so system calls don't have to
>    jump into and out of kernel mode all the time.

That sounds really interesting. Is the code available online somewhere?

Mike