int 8h
Calm Before the Storm

A basic overview on ARP poisoning with sample code for a simple ARP poisoner in C with libpcap.

Protected processes are a new feature in the Windows Vista kernel with the purpose of preventing malicious users from ripping premium multimedia content off next generation DVDs. Processes which are protected are immune to DLL injection and debug attempts from all users; even the Administrator. However, the implemenation of protected processes is flawed. This talk demonstrates how protected processes can be "unprotected" at runtime and how evil malicious processes can be "protected" at runtime.