#1
Executing code by using the real CPU! No emulation!!

Hi everybody,

I know there are many free and open source CPU emulators around the web, but I like to execute code on the real CPU for its speed. I think I can run code by making a new thread inside my program. The problem is that the program cannot work with making memory access virtualization and stack memory virtualization.

In one sentence, what should I do to emulate access to memory? How can I detect when the instruction pointer comes to access memory? Someone told me I must play with exceptions. Is it true? If yes, how can I do it?

Vodu
#2
Yes, it's true.

Try playing with VirtualProtectEx() using PAGE_GUARD as new access protection. Any following attempt to read from or write to a guarded page causes the system to raise a STATUS_GUARD_PAGE exception.

Anyway, I don't think that if you raise an exception at every memory access you will be faster than emulating the CPU or single stepping through your code...

Best regards, bilbo
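The trap-on-access idea from post #2, as an added example that is not part of the original thread: it uses the POSIX analogue (`mprotect` with `PROT_NONE` plus a `SIGSEGV` handler) in place of VirtualProtectEx() and PAGE_GUARD, and lifts the protection inside the handler to mimic a one-shot guard. All function and variable names are hypothetical.

```c
#define _DEFAULT_SOURCE            /* for MAP_ANONYMOUS under strict -std= modes */
#include <signal.h>
#include <stdio.h>
#include <sys/mman.h>
#include <unistd.h>

static unsigned char *guarded;              /* page whose accesses are observed */
static size_t page_size;
static volatile sig_atomic_t trap_count;    /* faults taken on the guarded page */
static volatile long last_offset = -1;      /* offset of the last trapped access */

/* Runs when the CPU faults on a protected page; si_addr is the address touched. */
static void on_fault(int sig, siginfo_t *info, void *ctx) {
    unsigned char *addr = (unsigned char *)info->si_addr;
    (void)sig; (void)ctx;
    if (addr < guarded || addr >= guarded + page_size)
        _exit(2);                           /* a real crash, not our guarded page */
    trap_count++;
    last_offset = (long)(addr - guarded);
    /* One-shot, like a guard page: lift the protection so the instruction restarts. */
    mprotect(guarded, page_size, PROT_READ | PROT_WRITE);
}

static int arm_guard(void) { return mprotect(guarded, page_size, PROT_NONE); }
long last_trapped_offset(void) { return last_offset; }

/* Returns the number of trapped accesses, or -1 on a setup or data error. */
int run_guard_demo(void) {
    struct sigaction sa = {0};
    volatile unsigned char *p;
    sa.sa_sigaction = on_fault;
    sa.sa_flags = SA_SIGINFO;
    sigemptyset(&sa.sa_mask);
    if (sigaction(SIGSEGV, &sa, NULL) || sigaction(SIGBUS, &sa, NULL)) return -1;
    page_size = (size_t)sysconf(_SC_PAGESIZE);
    guarded = mmap(NULL, page_size, PROT_READ | PROT_WRITE,
                   MAP_PRIVATE | MAP_ANONYMOUS, -1, 0);
    if (guarded == MAP_FAILED) return -1;
    p = guarded;
    trap_count = 0;
    if (arm_guard()) return -1;
    p[16] = 0x41;                           /* trap 1, then the store is retried */
    p[17] = 0x42;                           /* no trap: the guard was one-shot */
    if (arm_guard()) return -1;
    if (p[16] != 0x41) return -1;           /* trap 2, on the read */
    return (int)trap_count;
}

int main(void) { printf("trapped accesses: %d\n", run_guard_demo()); return 0; }
```

Every trapped access here costs a page fault plus a signal delivery, and the guard has to be re-armed after each hit to keep observing the page.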
#4
I would love to know how VMWare works, but I don't know...

By the way, I have never tried to reverse it, because it refuses to run on an old AMD K6 I have, and I don't like this...

Regards, bilbo
#5
VMWare uses ring-0. Do you know how we can make an exception handling process by using a sys file? Is there any sample in the DDK? How does it detect memory access and privileged commands? VMWare and VPC2004 both only work on 2000 and XP. They do not work on Win2003 and Win98!?

It seems they don't use exception handling in ring-3...
#6
Old VirtualPC (before Microsoft bought Connectix) works on every Windows OS. I tested it on Win98. VMWare never works on Win9x, only on NT kernel OSes.

Old VirtualPC (version 5 or earlier) uses a .vxd or a .sys depending on the kernel. I think using full CPU emulation is only one possibility to create a working x86 virtual machine. So operation in Ring0 is required. And think about target-system-independent mode (real, protected or V86).

BTW, why doesn't VirtualPC work on Win2k3? I didn't test it, but if it really doesn't work, we can use Microsoft Virtual Server 2005, specially designed for 2k3.
#7
VMWare Workstation works with Windows 2000/XP/2003 as well as many flavors of Linux:

http://www.vmware.com/support/ws5/doc/intro_hostreq_ws.html#wp1000805

If you'd like to play around with memory access, in a similar fashion to a virtual machine, you may want to have a look at Bochs, a Free Open Source emulator, which can be found here:

http://bochs.sourceforge.net/

Looking at its source code might help you find what you're looking for.