Results 1 to 3 of 3

Thread: Updated Ollybone plugin

  1. #1

    Updated Ollybone plugin

    Hey,

    I was working on TLB desync these days ( la Tron/Shadow Walker).
    My major problem was to port that code on SMP system. (see the thread here http://www.kernelmode.info/forum/viewtopic.php?f=14&t=353 ).
    I finaly resolved my problem (thanks Alex to pointed me PHunter code).
    A friend, also send me a link to ollybone plugin that is using that method but the SMP compatibility was a bit dirty.
    So I decided to update it using the nice SMP interrupt hooking code from PHunter.
    Looks to work nicely on a 2 cores/Win 7 box.

    Should be very nice to update it to work on PAE system and on 64bits system.

    Cheers,

    Orkblutt
    Attached Files Attached Files

  2. #2
    processor.c & processor.h ? Ms-Rem's code is always top notch. I hope Alex sent you the PHunter v1.1 source.

    Maybe you will port it to x64?

    Best Regards,

    -Fyyre


    Quote Originally Posted by Orkblutt View Post
    Hey,

    I was working on TLB desync these days ( la Tron/Shadow Walker).
    My major problem was to port that code on SMP system. (see the thread here http://www.kernelmode.info/forum/viewtopic.php?f=14&t=353 ).
    I finaly resolved my problem (thanks Alex to pointed me PHunter code).
    A friend, also send me a link to ollybone plugin that is using that method but the SMP compatibility was a bit dirty.

    So I decided to update it using the nice SMP interrupt hooking code from PHunter.
    Looks to work nicely on a 2 cores/Win 7 box.

    Should be very nice to update it to work on PAE system and on 64bits system.

    Cheers,

    Orkblutt
    ebp~

  3. #3
    Hey Fyyre,

    Yes...Ms-Rem rocks
    Idk if I have PHunter v1.1... Didn't found version in the code.

    For x64, I even don't know if TLB desynchronisation is possible. But why not give it a try...
    I'll prefer atm to make it working on PAE enabled systems. See the other link Alex linked on km.info: http://www.rootkit.com/board.php?did=edge734&closed=0&lastx=15
    And also Deroko's "Dream Of Every Reverser" sources.

    All the best,

    Orkblutt

Similar Threads

  1. Updated APIScan
    By OpenRCE_Sirmabus in forum Blogs Forum
    Replies: 1
    Last Post: November 25th, 2007, 03:40

Tags for this Thread

Bookmarks

Posting Permissions

  • You may not post new threads
  • You may not post replies
  • You may not post attachments
  • You may not edit your posts
  •