system() function in kernel mode!

Dear friends

In user mode application we can use “system” function to easily do some
tasks (change directory, open application &…). Is it possible to run shell
codes in kernel mode and how?

Cheers
Jack

No

From: xxxxx@lists.osr.com [mailto:xxxxx@lists.osr.com] On Behalf Of Jack sa
Sent: Thursday, May 28, 2009 8:15 AM
To: Windows System Software Devs Interest List
Subject: [ntdev] system() function in kernel mode!

Dear friends

In user mode application we can use “system” function to easily do some tasks (change directory, open application &…). Is it possible to run shell codes in kernel mode and how?

Cheers
Jack


Jack sa wrote:

>Dear friends
>
>In user mode application we can use “system” function to easily do some
>tasks (change directory, open application &…). Is it possible to run
>shell codes in kernel mode and how?

As an aside, I’d hardly call using ‘system’ an easy way for user mode
code to change directory. Using the API to change directory would be the
easy way, as well as being vastly more efficient.
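
The aside above, as an added example that is not part of the thread: `system()` hands its string to a separate command interpreter, so a `cd` issued that way changes only that child's directory, while the API call changes the caller's own. It is written against POSIX (`chdir`, `getcwd`) so it runs stand-alone; on Windows the corresponding calls are `_chdir` or `SetCurrentDirectory`. The function names and target directories are assumptions made for the illustration.

```c
#include <stdio.h>
#include <stdlib.h>
#include <string.h>
#include <unistd.h>
#define CWD_MAX 4096

/* Constructed target: "/" unless we already start there, then "/tmp". */
const char *pick_target(void)
{
    char cwd[CWD_MAX];
    if (getcwd(cwd, sizeof cwd) != NULL && strcmp(cwd, "/") == 0)
        return "/tmp";
    return "/";
}

/* 1 if this process's working directory now differs from `before`. */
static int moved_from(const char *before)
{
    char now[CWD_MAX];
    if (getcwd(now, sizeof now) == NULL)
        return -1;
    return strcmp(before, now) != 0;
}

/* "cd" through system(): the shell child changes directory, then exits. */
int cwd_changes_via_system(const char *target)
{
    char before[CWD_MAX], cmd[CWD_MAX + 8];
    if (getcwd(before, sizeof before) == NULL)
        return -1;
    snprintf(cmd, sizeof cmd, "cd '%s'", target);
    return system(cmd) == 0 ? moved_from(before) : -1;
}

/* The API call acts on the calling process itself, with no child process. */
int cwd_changes_via_chdir(const char *target)
{
    char before[CWD_MAX];
    if (getcwd(before, sizeof before) == NULL)
        return -1;
    return chdir(target) == 0 ? moved_from(before) : -1;
}

int main(void)
{
    const char *t = pick_target();
    printf("system(\"cd\") moved us: %d\n", cwd_changes_via_system(t));
    printf("chdir() moved us:      %d\n", cwd_changes_via_chdir(t));
}
```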

>In user mode application we can use “system” function to easily do some tasks (change directory, open application &…). Is it possible to run shell codes in kernel mode and how?

No. Even starting an EXE from kernel mode is a very major task and cannot be done without relying on undocumented stuff heavily, and I would un-recommend trying this in any commercial product.

BTW - there is no notion of “current directory” in NT kernel, it is all user-mode Win32. In NT kernel, you only have relative file opens.


Maxim S. Shatskih
Windows DDK MVP
xxxxx@storagecraft.com
http://www.storagecraft.com