Press "Enter" to skip to content

Why you should not always trust MSDN: Finding Real Access Rights Needed By Handles

Sinaei 0

Introduction Hi guys, The title of this topic is somehow weird, if you think everything in MSDN is 100% match with what Microsoft implemented in Windows (like what I used to think), you’re definitely wrong, this post shows some proofs and in the last part, I’ll give you a solution to ACCESS_RIGHTS problem. Before starting let’s talk about some backgrounds about “ACCESS_MASK“. Most of the explanations derived from here. Backgrounds The ACCESS_MASK data type is a DWORD value that defines standard, specific, and generic…

Hypervisor From Scratch – Part 6: Virtualizing An Already Running System

Sinaei 10

Introduction Hello and welcome to the 6th part of the tutorial Hypervisor From Scratch. In this part, I try to give you an idea of how to virtualize an already running system using Hypervisor. Like other parts, this part is really dependent to the previous parts so make sure to read them first. Overview In the 6th part, we’ll see how we can virtualize our currently running system by configuring VMCS, then we use monitoring features to detect execution of…

PacketScript overview: A Lua scripting engine for in-kernel packet processing

Shahriar 0

As I was surfing the net, trying to find a way to prototype network protocols or features in Linux. I stumbled upon PacketScript. PacketScript is the an implementation of the Lua VM inside Linux kernel. Such implementations aren’t new ,luak and lunatik have been existed for some time. However what makes PacketScript different is the ability to mangle network packets with Lua. Not just running Lua code in kernel. as a matter of fact PacketScript uses lunatik underneath as its…

Call Gates’ Ring Transitioning in IA-32 Mode

Sinaei 0

Have you ever thought how transitions between different rings performed? Well, SYSENTER & SYSCALL used in modern OSs for transitioning between ring 3 to ring 0 but if there are other rings, then what’s Intel solution for entering them? The answer is call gates. The rest of this topic described how to use call gates in modern processors. 80386 and its successors have 4 levels protections which isolate and protect user programs from each other and the operating system. It…

Hypervisor From Scratch – Part 5: Setting up VMCS & Running Guest Code

Sinaei 9

Introduction Hello and welcome back to the fifth part of the “Hypervisor From Scratch” tutorial series. Today we will be configuring our previously allocated Virtual Machine Control Structure (VMCS) and in the last, we execute VMLAUNCH and enter to our hardware-virtualized world! Before reading the rest of this part, you have to read the previous parts as they are really dependent. The full source code of this tutorial is available on GitHub : [https://github.com/SinaKarvandi/Hypervisor-From-Scratch] Most of this topic derived from…