create a thread for a user mode process through kernel mode

#14570 by programmer.cpp1986
Wed Jul 11, 2012 5:10 am

I wanna create a thread for a user mode process through kernel mode driver, how do i implement this?

Username

programmer.cpp1986

Posts

7

Joined

Wed May 23, 2012 7:47 am

Re: create a thread for a user mode process through kernel m

#14571 by EP_X0FF
Wed Jul 11, 2012 5:19 am

Native thread?

Ring0 - the source of inspiration

Username

EP_X0FF

Rank

Global Moderator

Posts

4947

Joined

Sun Mar 07, 2010 5:35 am

Location

Russian Federation

Contact

Re: create a thread for a user mode process through kernel m

#14572 by programmer.cpp1986
Wed Jul 11, 2012 5:24 am

no I wanna inject my code to a process through kernel driver.

Username

programmer.cpp1986

Posts

7

Joined

Wed May 23, 2012 7:47 am

Re: create a thread for a user mode process through kernel m

#14578 by EP_X0FF
Wed Jul 11, 2012 2:02 pm

This sounds like malicious behaviour. Check the TDL3 source code. It uses dll injection from kernel mode via APC. http://www.kernelmode.info/forum/viewto ... 5518#p5518

Ring0 - the source of inspiration

Username

EP_X0FF

Rank

Global Moderator

Posts

4947

Joined

Sun Mar 07, 2010 5:35 am

Location

Russian Federation

Contact

Re: create a thread for a user mode process through kernel m

#14591 by frank_boldewin
Wed Jul 11, 2012 4:44 pm

also check out twisters keusermodecallback implementation and article.

http://wasm.ru/article.php?article=keumc

http://wasm.ru/pub/21/files/ke_user_mode_callback.rar

Username

frank_boldewin

Posts

116

Joined

Thu Apr 22, 2010 8:59 am

Location

germany

Contact

Re: create a thread for a user mode process through kernel m

#14631 by R00tKit
Sat Jul 14, 2012 7:15 am

another sample for user mode callback
Inject DLL в процесс из kernel-mode
http://forum.antichat.ru/showthread.php?t=108515

@R00tkitSMM

Username

R00tKit

Posts

129

Joined

Tue Nov 16, 2010 8:23 pm

Contact