About
Articles
Book Store
Distributed RCE
Downloads
Event Calendar
Forums
Live Discussion
Reference Library
RSS Feeds
Search
Users
What's New
Customize Theme
bluegrey
blackgreen
metal
simple
Flag:
Tornado!
Hurricane!
Login:
Password:
Remember Me
Register
Other
: Tron
File Information
Category
Open Source
# Downloads
Version
Other
Yes
3,154
0.0.8
Download from OpenRCE
MD5 Sum: 7D3383A8AB6BC47B88BE50CD0E6CBBF8
Last updated on Oct 5, 2006.
Author Information
Username
Name
E-Mail
URL
AlanBradley
Alan Bradley
abradley
fastmail
fm
http://
Description
Tron is a kernel driver that you can load into a non-SMP x86-32 WinXP system in order to create hidden views of arbitrary userland memory.
Tron provides the following APIs:
1. ADD_CLOAK(pid, cloak_start, cloak_end, fake_start, fake_end)
2. REMOVE_CLOAK(pid, cloak_start, cloak_end)
3. ADD_ALLOWED(pid, code_start, code_end, cloak_start, cloak_end)
4. REMOVE_ALLOWED(pid, code_start, code_end)
5. HIDE_DLL_BY_NAME(pid, wchar_name, fake_start, fake_end)
6. HIDE_DLL_BY_HANDLE(pid, dll_handle, fake_start, fake_end)
7. WRITE_HIDDEN(pid, dest, src, write_len)
8. READ_HIDDEN(pid, read, outbuf, len)
9. CHANGE_TRUST(pid)
10. PATCH_SCHEDULER(IDASwapContextAddress)
Uses for Tron include:
- Setting invisible breakpoints with CLU
- Injecting invisible DLLs
- Concealing patches created with MS Detours
- Concealing IAT modifications
Please see the README.txt file for more information. Further information about this tool is also available from my ToorCon slides
http://www.openrce.org/repositories/users/AlanBradley/Tron-TC8.pdf
There are
28,212
total registered users.
Recently Created Topics
Reverse Engineering ...
Jan/23
Career: DoD Agency I...
Jan/22
"Disappearing&q...
Jan/17
Career: Software Sec...
Jan/11
Where is the call st...
Jan/07
IDA Pro 6.1 Breakpoi...
Jan/01
How to create data s...
Dec/30
can i search all mod...
Dec/23
IDA symbol table exp...
Dec/20
An anti-attach trick
Dec/17
Recent Forum Posts
Reverse Engineering ...
NirIzr
"Disappearing&q...
NirIzr
Reverse Engineering ...
charlie
"Disappearing&q...
charlie
An anti-attach trick
Bass
An anti-attach trick
waleeda...
An anti-attach trick
Bass
An anti-attach trick
waleeda...
An anti-attach trick
Bass
Looking for value in...
NirIzr
Recent Blog Entries
Ludwig
Feb/04
chi on sale
Ludwig
Feb/04
Monster In The Vicinity Of ...
Ludwig
Feb/04
Supra footwear Online
waleedassar
Jan/31
Yet Another Anti-Debug Trick
RolfRolles
Jan/22
Finding Bugs in VMs with a ...
More ...
Recent Blog Comments
waleedassar
on:
Feb/01
Yet Another Anti-Debug Trick
NirIzr
on:
Jan/31
Yet Another Anti-Debug Trick
jackchen
on:
Jan/10
nike mercurial vapor iii
waleedassar
on:
Dec/27
A new Anti-Olly trick.
PeterFerrie
on:
Dec/27
A new Anti-Olly trick.
More ...
Imagery
SoySauce Blueprint
Jun 6, 2008
[+] expand
View Gallery
(11) /
Submit
![[+] expand](/imagery/files/soysauce_blueprint.gif){kind=link}