  2. 1

    As I miss low-level Ring0 debuggers like SoftIce, I clicked this title way too fast.

    Now I’m disappointed. Are we going to see any other software to interrupt your machine (and inspect/control however you like) in the future?

    1. 1

      > As I miss low-level Ring0 debuggers like SoftIce,

      It was hard to tell from the video what exactly was going on. The Wikipedia page two links away describes it as:

      > SoftICE is a kernel mode debugger for Microsoft Windows up to Windows XP. Crucially, it is designed to run underneath Windows such that the operating system is unaware of its presence. Unlike an application debugger, SoftICE is capable of suspending all operations in Windows when instructed. For driver debugging this is critical due to how hardware is accessed and the kernel of the operating system functions. Because of its low-level capabilities, SoftICE is also popular as a software cracking tool.

      So, one main point for my project is to have a live editor for the process/program being “debugged”. I don’t know how machine-level inspection and control would help here.

      > Are we going to see any other software to interrupt your machine (and inspect/control however you like) in the future?

      What do you mean by any other software? The idea was to make a debugger from scratch from syscalls and up (well, almost since a wrapper is used).

      If instead you mean run multiple debuggers at once, currently ptrace prevents more than one from attaching to one process. I did think of attaching a debugger to the debugger itself though.

      From your experience, is it quick to make machine level interrupts and inspectors? And then to get the desired macroscopic effects? (For me, assembly was already borderline