About
Articles
Book Store
Distributed RCE
Downloads
Event Calendar
Forums
Live Discussion
Reference Library
RSS Feeds
Search
Users
What's New
Customize Theme
bluegrey
blackgreen
metal
simple
Flag:
Tornado!
Hurricane!
Login:
Password:
Remember Me
Register
Other
: Tron
File Information
Category
Open Source
# Downloads
Version
Other
Yes
3,520
0.0.8
Download from OpenRCE
MD5 Sum: 7D3383A8AB6BC47B88BE50CD0E6CBBF8
Last updated on Oct 5, 2006.
Author Information
Username
Name
E-Mail
URL
AlanBradley
Alan Bradley
abradley
fastmail
fm
http://
Description
Tron is a kernel driver that you can load into a non-SMP x86-32 WinXP system in order to create hidden views of arbitrary userland memory.
Tron provides the following APIs:
1. ADD_CLOAK(pid, cloak_start, cloak_end, fake_start, fake_end)
2. REMOVE_CLOAK(pid, cloak_start, cloak_end)
3. ADD_ALLOWED(pid, code_start, code_end, cloak_start, cloak_end)
4. REMOVE_ALLOWED(pid, code_start, code_end)
5. HIDE_DLL_BY_NAME(pid, wchar_name, fake_start, fake_end)
6. HIDE_DLL_BY_HANDLE(pid, dll_handle, fake_start, fake_end)
7. WRITE_HIDDEN(pid, dest, src, write_len)
8. READ_HIDDEN(pid, read, outbuf, len)
9. CHANGE_TRUST(pid)
10. PATCH_SCHEDULER(IDASwapContextAddress)
Uses for Tron include:
- Setting invisible breakpoints with CLU
- Injecting invisible DLLs
- Concealing patches created with MS Detours
- Concealing IAT modifications
Please see the README.txt file for more information. Further information about this tool is also available from my ToorCon slides
http://www.openrce.org/repositories/users/AlanBradley/Tron-TC8.pdf
There are
29,880
total registered users.
Recently Created Topics
PaiMei stalker modul...
May/19
Attach to program us...
May/13
IDA PRO how to make ...
May/12
FACT: OpenRCE is dead.
May/08
Int 3 anti debug?
May/05
help needed - Beginn...
May/03
Attaching IDA Pro to...
Apr/27
File type
Apr/21
Debugging iphone app...
Apr/15
Attaching
Apr/12
Recent Forum Posts
Ollydbg 2.0 - Plugin...
openrce...
IDA PRO how to make ...
codeinject
FACT: OpenRCE is dead.
codeinject
IDA Resource Viewer ...
r2x64
FACT: OpenRCE is dead.
djnemo
FACT: OpenRCE is dead.
codeinject
FACT: OpenRCE is dead.
pedram
help needed - Beginn...
araujo
Attaching IDA Pro to...
codeinject
Int 3 anti debug?
codeinject
Recent Blog Entries
sweetyss
May/18
Adam Wainwright continues t...
lowpriority
Apr/13
OllyMigrate Plugin for Olly...
everdox
Mar/08
2 anti-trace mechanisms spe...
everdox
Mar/07
Advanced debugging techniques
everdox
Mar/06
Branch tracing and LBR acce...
More ...
Recent Blog Comments
clarisonic
on:
Apr/03
New version of Ollydbg!
clarisonic
on:
Apr/03
New version of Ollydbg!
trackerx90
on:
Mar/04
SuppressDebugMsg As Anti-De...
coachfactory
on:
Feb/25
Portable Executable Format ...
coachfactory
on:
Feb/25
A new Anti-Olly trick.
More ...
Imagery
SoySauce Blueprint
Jun 6, 2008
[+] expand
View Gallery
(11) /
Submit
![[+] expand](/imagery/files/soysauce_blueprint.gif){kind=link}