|
How to use EXECUTE interrupt?
Hi,
This is the interrupt I want to use. But I don't know what DS: DX should point to. What's "DS: DX = pointer to an ASCIIZ filename" ? Is there anybody who can explain and let me know what ASCIIZ filename is? Quote:
Code:
pushadHow can I apply this code withput getting any exception? Also does changing the behaviour of CR0 register cause any problem for other programs or not? I mean is this register global for all processes or is it just for the process that I'm running and changing CR0 in it? Thanks in advance. Regards, Zest. |
An "ASCIIZ" String means nothing more than an ASCII String terminated by a "zero". It works just like normal C strings or like the "PCHAR" type in Pascal.
The "MOV" instruction with control registers can be only executed at a privilege level 0 or it will cause an general protection error. If you are trying to execute it at Ring-0, it may still crash with invalid bit combinations in CR0. But honestly I think you have no idea what you're doing and just found a few pieces of code which looked "cool" to you. |
Hi Markus,
Thanks for explanation. In fact,you are really frank.(That's what I appreciate indeed). The piece of code you see is not written by me. The coder of this snippet of code had claimed that every one could use this code to patch a program which is running. So I decided to use this method and see if it's possible and doable. Now,you say that I should run this code in Ring0. So I just don't know how to switch to Ring0 when I'm in Ring3 executing and running my program in which this snippet of code is implemented. I hope there is a way to switch to Ring0 and apply the patch to the running program and then come back to Ring3. If so,let me know how. As for the first part,I want to ,make a file with Overlay. That's why I asked about EXECUTION INTERRUPT. What I understood from your post is that something like the following code should do the task. Code:
.DATABest Regards, Zest. |
why don't you use CreateProcessA/W apis to execute program instead??
cr0 - write protection bit is used when you need to patch in r0 memory instead of changing protection in pde/pte... if you wanna patch in r3 then simple use WriteProcessMemory and VirtualProtectEx... of course, if you wanna make your patch "sticky" then you might wanna check anti-bpm by yates or this article from codeproject : http://www.codeproject.com/system/NoDeleteDelay.asp |
int 21 is from dos and you dont use it anymore in windows, dos is dead.
there isnt any way to switch to ring0 in xp, 9x is very easy. only way to use ring0 is code your own ring0 driver aka .sys but deroko already told you best way from ring3. ds is data segment used in dos. now they all point into same segment. in 64bit env they are dead due amd and intel used cs ds es fs gs segment bits for memory range. to not change gdt table item size, so we saved 3 bits and can page 8x more memory. dont waste time for old and useless things |
Hi,
Thanks for your explanation. The code I use is for DOS and I just want to learn how we can implement Overlays. That's why I asked for help and ofcourse I can't use CreateProcessA/W apis. The purpose is just learning and understanding the idea of overlays in DOS. Also thanks for explanation of 64bit environments. Regards, Zest. |
and where you use it? i think vista will not even have dos
|
| All times are GMT +8. The time now is 01:42. |
Powered by vBulletin® Version 3.8.8
Copyright ©2000 - 2026, vBulletin Solutions, Inc.
Always Your Best Friend: Aaron, JMI, ahmadmansoor, ZeNiX