About
Articles
Book Store
Distributed RCE
Downloads
Event Calendar
Forums
Live Discussion
Reference Library
RSS Feeds
Search
Store
Users
What's New
Customize Theme
bluegrey
blackgreen
metal
simple
Flag:
Tornado!
Hurricane!
Login:
Password:
Remember Me
Register
Other
: Tron
File Information
Category
Open Source
# Downloads
Version
Other
Yes
2,294
0.0.8
Download from OpenRCE
MD5 Sum: 7D3383A8AB6BC47B88BE50CD0E6CBBF8
Last updated on Oct 5, 2006.
Author Information
Username
Name
E-Mail
URL
AlanBradley
Alan Bradley
abradley
fastmail
fm
http://
Description
Tron is a kernel driver that you can load into a non-SMP x86-32 WinXP system in order to create hidden views of arbitrary userland memory.
Tron provides the following APIs:
1. ADD_CLOAK(pid, cloak_start, cloak_end, fake_start, fake_end)
2. REMOVE_CLOAK(pid, cloak_start, cloak_end)
3. ADD_ALLOWED(pid, code_start, code_end, cloak_start, cloak_end)
4. REMOVE_ALLOWED(pid, code_start, code_end)
5. HIDE_DLL_BY_NAME(pid, wchar_name, fake_start, fake_end)
6. HIDE_DLL_BY_HANDLE(pid, dll_handle, fake_start, fake_end)
7. WRITE_HIDDEN(pid, dest, src, write_len)
8. READ_HIDDEN(pid, read, outbuf, len)
9. CHANGE_TRUST(pid)
10. PATCH_SCHEDULER(IDASwapContextAddress)
Uses for Tron include:
- Setting invisible breakpoints with CLU
- Injecting invisible DLLs
- Concealing patches created with MS Detours
- Concealing IAT modifications
Please see the README.txt file for more information. Further information about this tool is also available from my ToorCon slides
http://www.openrce.org/repositories/users/AlanBradley/Tron-TC8.pdf
Active in Last 5 Minutes
igorsk
Invisible
Invisible
There are
16,537
total registered users.
Recently Created Topics
how to crate a PATC...
Mar/10
wsnpoem audio.dll
Mar/09
suggestions - RE tra...
Mar/09
Requesting Suggestio...
Mar/06
Force enable debug p...
Mar/05
upgrading new image ...
Mar/03
upgrading new image ...
Mar/03
upgrading new image ...
Mar/03
Can some one give me...
Mar/02
Error in generating ...
Feb/28
Recent Forum Posts
wsnpoem audio.dll
zhane
suggestions - RE tra...
Silkut
how to crate a PATC...
Silkut
suggestions - RE tra...
RolfRolles
wsnpoem audio.dll
debbie
Requesting Suggestio...
secursig
Requesting Suggestio...
phn1x
how to get executabl...
RabidCi...
how to get executabl...
RabidCi...
Force enable debug p...
Silkut
Recent Blog Entries
RolfRolles
Mar/08
Compiler Optimizations for ...
ReWolf
Mar/04
When memory management goes...
thesprawler
Feb/20
log1949.txt -- Wondering ho...
thesprawler
Feb/20
log1949.log -- created on C...
thesprawler
Feb/17
Trying to reverse the firmw...
More ...
Recent Blog Comments
wildinto
on:
Mar/10
Compiler Optimizations for ...
Orr
on:
Mar/10
Compiler Optimizations for ...
bughoho
on:
Mar/09
Compiler Optimizations for ...
cliffwolf
on:
Mar/08
Compiler Optimizations for ...
Orr
on:
Mar/08
When memory management goes...
More ...
Imagery
SoySauce Blueprint
Jun 6, 2008
[+] expand
View Gallery
(11) /
Submit
![[+] expand](/imagery/files/soysauce_blueprint.gif){kind=link}