Page 2 of 2 FirstFirst 12
Results 16 to 26 of 26

Thread: rr0d: rasta ring 0 debugger

  1. #16
    Is there a binary installer for RR0D?

  2. #17
    hi Aquatic,

    hehe the simple answer is no. rr0d consists of a kernel module so there is no real way around compiling this module. i think noone really wants to compile and make packages for all sorts of "standard" kernels shipped by the major distros - which is still limited to those exact kernel etc versions then (and just too many ppl build their own very specific kernels) so this makes too limited sense imho and is a bit dangerous as ppl for sure will come and just complain "why does rr0d not work on my 2.x.y.z fscking kernel? why do you choose rh and not mandriva blaablaaalblaaaa.

    on the bright side it is really not hard to compile.
    i am new to rr0d myself but that i can answer i think and if the rasta gods are good with me hehe. of course the rasta man himself _only_ knows if there will be a binary installer. i personally doubt it makes sense at all hehe

    did u try to compile it?

    cheers, 0xf001

  3. #18
    I'm not using Linux, I'm using XP. I've never used Linux before.

    I would rather compile this myself though, unless Serpilliere can post some kind of MD5 of the compiled files.
    Last edited by Aquatic; October 25th, 2005 at 12:23.

  4. #19
    hehe its ok aquatic,

    nice you are interested. pls let me explain, there can not be a binary download. the kernel module must match _your_ kernel. there are addresses as entrypoints to kernel functions used. these addresses are different on eachs kernel that is why it is getting compiled and "linked" against your current kernel.

    if you ie tell me what linux u are wanting to use it might be possible i can compile 4 u. but that can not be a real solution hehe, better is you compile it yourself. but dont b afraid it is not difficult. you even need not understand it perfectly to make it work. during time you will get used then to the compile yourself way. it is quite exciting in the beginning and you learn a lot.

    once you installed gnu/linux and have difficulties compiling we are here to help

    aaah - maybe i dint understand your post at all hehe. is it you want to use it on win? hm better post your questions in the tools of the trade section then i guess. i watch it as well hehehe

    regards, 0xf001

  5. #20
    Sorry, I should of said that I don't want to use it with Linux.
    Last edited by Aquatic; October 25th, 2005 at 18:38.

  6. #21
    Serpilliere
    Guest

    rr0d back

    yup!

    Sorry for not answering before. I was just thinking about the video driver. I made some research on "how the hell can i do a generik video driver on windows and linux". i will explain this later.

    So first 0xf001, your site is cool. i love the disco stuff on the title. Next, I read you have made some very interesting things on the parser. In fact, it sounds great.
    But i have another news. Pierre, the best rasta man of the Droids corp is a kind of super teacher in a hight school (in fact its real job is gogo danser in a very known company but erf, don't say that to his students). And the rasta man proposes to two of its students to build some script engine in rr0d. And those students decided to challenge this. I don't have at this time a clue of what it will result in, but the goal should be to have some script engine like olly does... but in ring0 man.
    I don't know if those both little rasta men will start a script engine from scratch and resetting the command parser once again. I don't know if they will do a sort of lex & yacc port for ring0 or if they will just build a script parser & executer, so i don't want you think the current parser you are writting will be obsolet. i don't want you think you are in concurence with them. I just wanted to inform you that we are not alone, working on rr0d dev


    For Aquatic, i think i actually can build a binary of rr0D for windows XP. Because every Win are the same, a binary should be oki for them. The only truble im front of is the adress of the Frame buffer ie the graphic zone. This is dependant of many thinks (graphic card, video driver, ...) and as i said before, i don't have any technical solution at this time to solve this problem. The way i do actually sux. browsing the whole ram searching some bytes looking like pixel is *not* acceptable. But man, don't worry, one day, i will hurt my head when cleaning the toilets, and i will find a solution (or re-inventing the flux capacitor. dunno.)

    Just to inform you that some code has been updated in rr0d. some bug on the segmentation have been fixed, and a little port of the stdlib, for those who complained their was no str* in rr0d. This is now done. The convention used is to call them rr0d_strlen for strlen, because on some OS the compilator complains because this interfers with previous def. (but not on other Os like win, that why this solution.)

    By the way f001, where can a i find your parser to test it? can you upload or link it pleaze?
    tx

    pfffiouu, long post, but that was a while
    Last edited by Serpilliere; October 30th, 2005 at 05:19.
    I promise that I have read the FAQ and tried to use the Search to answer my question.

  7. #22
    Serpilliere
    Guest
    oh by the way,

    Does anyone has already had a look at the xorg or xfree sources ?
    Does anyone knows a bit on how they store addresses or strutures when they do *not* use frame buffer?

    I know rtfm, read the source, but erf. if a rasta has already played with that...
    I promise that I have read the FAQ and tried to use the Search to answer my question.

  8. #23
    hey rasta man,

    please guide me - i am a bit feeling unsure whether i shall continue with the parser now hehe. its a standalone "app" expecting the "input line" as cmd arg. it then evaluates the line and prints out debug info about what it would do etc.
    yes i will send you the source you can decide then if you want to use it.
    ah to stdlib, i implemented the main strN functions i needed. basically counterparts or new functions but the thing is they all use N
    (strncpy, strncat, ...) just to piss of the buffer hackers

    for da screen, hmm i don't understand your question hehe. i mean not using a framebuffer there's the console text mode video u allready use - i get sthg wrong i thinnk

    cheers, 0xf001

  9. #24
    Serpilliere
    Guest
    oki.

    The fact is that i have included just last week a little stdlib in the source of rr0d. (because you are not supposed to have strlen and company in ring0 (in fact not in every kenels))
    So i think we have done dup work for this. It doesn't really matter: i ripped the code from a stdlib... :=)

    A list of the current implemented functions is in the file Utils.h (on the cvs for exemple http://cvs.droids-corp.org/cgi-bin/viewcvs.cgi/rr0d/0.3/utils.h)

    For the screen, don't bother with that. It has no link with the parser. (it was another problem)

    For the parser, i propose (if you agree) you to work with the two little rasta men of Pierre. Their goal is to do a script interpretor for rr0d so its a bit liked to a parser. I think they didn't start the job right no, so you know a bit more on rr0d compared to them. But it could be a great team

    If you want to concentrate only on the parser for the moment, there is no problem. keep going on


    I haven't meet them, i haven't got their mail yet.

    maybe soon

    +
    I promise that I have read the FAQ and tried to use the Search to answer my question.

  10. #25
    doki, 8)

    i continue parsing, ... and hehe i went pretty much through utils.[ch], video.[ch], keyboard.[ch], command.[ch], etc .... da whole mess so to say in order to understand what i claim to do hehe

    as i sayed i want to unify all _command_ related functions etc into possibly 1 .c and 1.h file, propably the _parser_ could stay standalone that will show then hehe.

    hey thats cool to get support!! in case of any blonde student girl needing direct support or probably a deep introduction, into rr0d, and some optional other topics - just send them to me !! LoL

    and the las idea for now: why not link libc statically into rr0d hehehehehe

    cheers, 0xf001

  11. #26
    Serpilliere
    Guest
    hi man,

    In fact, they are rasta men (not rasta women) so i think you should keep being handy .
    For linking the stdlib, if i remember well, under windows you simply cannot include stdlib in your header.
    May the rasta gods help you in your task. R4sta'hem all.

    remote Serpilliere
    I promise that I have read the FAQ and tried to use the Search to answer my question.

Similar Threads

  1. ring-3 error
    By MasterMind07 in forum Tools of Our Trade (TOT) Messageboard
    Replies: 0
    Last Post: March 27th, 2007, 01:08
  2. ring(0) protection techonology!
    By muratselim in forum The Newbie Forum
    Replies: 1
    Last Post: December 30th, 2005, 17:57
  3. App better than ring-0?
    By Aquatic in forum The Newbie Forum
    Replies: 5
    Last Post: May 31st, 2004, 06:35
  4. Need to track 99% resource usage by cracked prog... ring 0
    By zambuka42 in forum Advanced Reversing and Programming
    Replies: 3
    Last Post: May 6th, 2004, 17:03
  5. ASPR Hacking in user mode (ie. not ring 0!)
    By squidge in forum Malware Analysis and Unpacking Forum
    Replies: 39
    Last Post: March 16th, 2003, 08:19

Bookmarks

Posting Permissions

  • You may not post new threads
  • You may not post replies
  • You may not post attachments
  • You may not edit your posts
  •