hi everyone

i am sorry for my bad english

is there any way to interrupts access without using sys file?

for example can i write kernel mode program in a dll?

or can i acess to interrupts with directly using assembly in windows?

please help me

interupts are dead in win32, especialy win64. you have winapi, there are some kernel interupts that today even in xp are raplaced by sysenter

do you see trap flag plugin in ollydbg?

it is in a dll that arrest of trapflag antidbg routine.

how do this plugin work with interrupts ?

is there any sys file for change cpu flags?

better learn something more before giving stupid examples, sorry but no interupts are used today, for int1 int3 there are today exceptions, its should also generate interrupt but this is handled by windows or ring0 drivers. so only thing you get in ring3 is exceptions, you can handle them by you routine,seh or veh. to set flags whats the problem?

pushf

pop eax

or eax,1

push eax

popf

and you set flags, problem is what will it generate, probably exception so you need to handle it.

another wat is GetThreadContext and SetThreadContext www.msdn.com

Edited August 9, 200718 yr by human