• Advertisement
Sign in to follow this  

Switching to Ring 0 (Kernel Mode) from User Mode

This topic is 4884 days old which is more than the 365 day threshold we allow for new replies. Please post a new topic.

If you intended to correct an error in the post then please contact us.

Recommended Posts

Is it possible, by a bug or a hack or something, to switch the processor to kernel mode (Ring 0 on Intel) while executing code in the User Mode? I just made a bet that it is possible with a teacher of me. Thanks for help

Share this post


Link to post
Share on other sites
Advertisement
Clicky - However that 'hack' is only available to admins, so it's not a hack. I remember reading about Ring0 switching on underground zine sites a few years ago. It used to be possible, not sure if it still is. Either way, XP SP2 is likely to throw a fit or your antivirus program will flag the application as a virus.

Share this post


Link to post
Share on other sites
Guest Anonymous Poster
Under windows95 and windows98 (perhaps ME as well, not sure) a bug makes it possible for any program to go ring 0, using some clever aseembly. Several successful viruses used this trick, for example the infamous win32.CIH/Chernobyl

Share this post


Link to post
Share on other sites
If the operating system you're running your code under is properly designed and implemented switching from a user level program to run ring 0 will be prevented by the processor's protection features. It throws an exception.

If your particular OS happens to be Windows.. I've heard that it is possible. I once checked out a special library written for this purpose. Don't know if it works, though.

In short, the switch is possible iff either there is a kernel bug to exploit or a special, hidden API exists for this purpose. :)

-- Jani

Share this post


Link to post
Share on other sites
Sign in to follow this  

  • Advertisement