About
Articles
Book Store
Distributed RCE
Downloads
Event Calendar
Forums
Live Discussion
Reference Library
RSS Feeds
Search
Users
What's New
Customize Theme
bluegrey
blackgreen
metal
simple
Flag:
Tornado!
Hurricane!
Login:
Password:
Remember Me
Register
Other
: Tron
File Information
Category
Open Source
# Downloads
Version
Other
Yes
6,909
0.0.8
Download from OpenRCE
MD5 Sum: 7D3383A8AB6BC47B88BE50CD0E6CBBF8
Last updated on Oct 5, 2006.
Author Information
Username
Name
E-Mail
URL
AlanBradley
Alan Bradley
abradley
fastmail
fm
http://
Description
Tron is a kernel driver that you can load into a non-SMP x86-32 WinXP system in order to create hidden views of arbitrary userland memory.
Tron provides the following APIs:
1. ADD_CLOAK(pid, cloak_start, cloak_end, fake_start, fake_end)
2. REMOVE_CLOAK(pid, cloak_start, cloak_end)
3. ADD_ALLOWED(pid, code_start, code_end, cloak_start, cloak_end)
4. REMOVE_ALLOWED(pid, code_start, code_end)
5. HIDE_DLL_BY_NAME(pid, wchar_name, fake_start, fake_end)
6. HIDE_DLL_BY_HANDLE(pid, dll_handle, fake_start, fake_end)
7. WRITE_HIDDEN(pid, dest, src, write_len)
8. READ_HIDDEN(pid, read, outbuf, len)
9. CHANGE_TRUST(pid)
10. PATCH_SCHEDULER(IDASwapContextAddress)
Uses for Tron include:
- Setting invisible breakpoints with CLU
- Injecting invisible DLLs
- Concealing patches created with MS Detours
- Concealing IAT modifications
Please see the README.txt file for more information. Further information about this tool is also available from my ToorCon slides
http://www.openrce.org/repositories/users/AlanBradley/Tron-TC8.pdf
There are
31,313
total registered users.
Recently Created Topics
[help] Unpacking VMP...
Mar/12
Reverse Engineering ...
Jul/06
hi!
Jul/01
let 'IDAPython' impo...
Sep/24
set 'IDAPython' as t...
Sep/24
GuessType return une...
Sep/20
About retrieving the...
Sep/07
How to find specific...
Aug/15
How to get data depe...
Jul/07
Identify RVA data in...
May/06
Recent Forum Posts
Finding the procedur...
rolEYder
Question about debbu...
rolEYder
Identify RVA data in...
sohlow
let 'IDAPython' impo...
sohlow
How to find specific...
hackgreti
Problem with ollydbg
sh3dow
How can I write olly...
sh3dow
New LoadMAP plugin v...
mefisto...
Intel pin in loaded ...
djnemo
OOP_RE tool available?
Bl4ckm4n
Recent Blog Entries
halsten
Mar/14
Breaking IonCUBE VM
oleavr
Oct/24
Anatomy of a code tracer
hasherezade
Sep/24
IAT Patcher - new tool for ...
oleavr
Aug/27
CryptoShark: code tracer ba...
oleavr
Jun/25
Build a debugger in 5 minutes
More ...
Recent Blog Comments
nieo
on:
Mar/22
IAT Patcher - new tool for ...
djnemo
on:
Nov/17
Kernel debugger vs user mod...
acel
on:
Nov/14
Kernel debugger vs user mod...
pedram
on:
Dec/21
frida.github.io: scriptable...
capadleman
on:
Jun/19
Using NtCreateThreadEx for ...
More ...
Imagery
SoySauce Blueprint
Jun 6, 2008
[+] expand
View Gallery
(11) /
Submit
![[+] expand](/imagery/files/soysauce_blueprint.gif){kind=link}