Advertisement
Not a member of Pastebin yet?
Sign Up,
it unlocks many cool features!
- #Include "windows.bi"
- Dim Shared NtSystemDebugControl As Function(As Integer, As Any Ptr, As Dword, As Any Ptr, As Dword, As Dword Ptr) As Long
- Type CALL_GATE Field = 1
- addrlo As Word
- Seg As Word
- arg:5 As Byte
- u:3 As Byte
- typ:5 As Byte
- dpl:2 As Byte
- pres:1 As Byte
- addrhi As Word
- End Type
- Type gdtrStruct Field = 1
- limit As Word
- base As Dword
- End Type
- Type VIRTUAL1 Field = 1
- A As Any Ptr
- B As Any Ptr
- C As Dword
- End Type
- #Define Virtual(_a_, _b_, _c_, _d_) Scope: Var v = Type<VIRTUAL1>((_a_), (_b_), (_c_)): NtSystemDebugControl((_d_), @v, SizeOf(v), 0, 0, 0): End Scope
- Sub Ring0(cs As Dword, text As ZString Ptr)
- *text = !"A1MER.dll"
- Asm mov eax, cr0
- Asm
- leave
- .byte 0xCA ' retf 4
- .word 4
- End Asm
- End Sub
- Dim As Word farcall(3) = {0, 0, gate Shl 3}
- Dim As ZString Ptr param = CAllocate(100)
- Dim As Long result
- //lägg till så den läser wire
- Asm
- push [param]
- call fword Ptr [farcall]
- mov [result], eax
- End Asm
- Dim As LongInt c = 0
- Virtual(gdtr.base + gate * 8, @c, 8, 9)
- Print !"\n" & *param & !"\nCR0 = " & Hex(result, 8)
- Sleep
- DeAllocate(param)
- Return 0
- End Function
- Function Main() As Integer
- NtSystemDebugControl = GetProcAddress(LoadLibrary("ntdll"), "NtSystemDebugControl")
- Dim As TOKEN_PRIVILEGES pv, po
- pv.PrivilegeCount = 1
- pv.Privileges(0).Attributes = SE_PRIVILEGE_ENABLED
- Dim As HANDLE t
- Dim As Dword no
Advertisement
Add Comment
Please, Sign In to add comment
Advertisement
