Penetration Testing mailing list archives
Running Ring3 command from Ring0 in Windows?
From: Jun Koi <junkoi2004 () gmail com>
Date: Thu, 4 Jun 2009 01:39:32 +0900
Hi, I am looking for a way to execute Ring3 command (for ex, "net user passwd" to change password of an user) from Ring0 of Windows. The motivation of this is that I can exploit Windows kernel, and can execute my code there. So far so good. But I am not content with executing in Ring0 only, and want to run some code in Ring3, too. The code can be injected by me, or I just simply run an existent command tool (like cmd.exe) Could anybody recommend any technique to achieve this? (I am on Windows XP, but generic techniques that can also work on other version of Windows are even more appreciated :-) Thanks a lot, J ------------------------------------------------------------------------ This list is sponsored by: Information Assurance Certification Review Board Prove to peers and potential employers without a doubt that you can actually do a proper penetration test. IACRB CPT and CEPT certs require a full practical examination in order to become certified. http://www.iacertification.org ------------------------------------------------------------------------
Current thread:
- Running Ring3 command from Ring0 in Windows? Jun Koi (Jun 03)
- Re: Running Ring3 command from Ring0 in Windows? Jeffrey Walton (Jun 03)
- Re: Running Ring3 command from Ring0 in Windows? H D Moore (Jun 04)
- Re: Running Ring3 command from Ring0 in Windows? Jun Koi (Jun 08)
- Re: Running Ring3 command from Ring0 in Windows? H D Moore (Jun 08)
- Re: Running Ring3 command from Ring0 in Windows? Jun Koi (Jun 08)