Hello,
Is checking the values of register(eax,ebx) while hooking INT 2E is possible.I got code from book "undoc winnt". for this is i have to write device driver.I am new to this so how to write device driver.I have .c file with me
Sify Mail - now with Anti-virus protection powered by Trend Micro, USA.
Know more at http://mail.sify.com
Sify Power mail- a Premium Service from Sify Mail!
know more at http://mail.sify.com
Windows XP and later do not use the INT 2E mechanism for making kernel
service calls. There is a 99% you can do what you want to do without
resorting to undocumented techniques. What exactly do you want to do?
-----Original Message-----
From: xxxxx@lists.osr.com
[mailto:xxxxx@lists.osr.com] On Behalf Of thomas mathew
Sent: Monday, May 26, 2003 9:43 PM
To: NT Developers Interest List
Subject: [ntdev] Checking values of register (eax,ebx) while
hooking INT 2EHello,
Is checking the values of register(eax,ebx) while hooking
INT 2E is possible.I got code from book “undoc winnt”. for
this is i have to write device driver.I am new to this so how
to write device driver.I have .c file with me-Thomas
Sify Mail - now with Anti-virus protection powered by Trend
Micro, USA. Know more at http://mail.sify.comSify Power mail- a Premium Service from Sify Mail!
know more at http://mail.sify.com
You are currently subscribed to ntdev as: xxxxx@nryan.com
To unsubscribe send a blank email to xxxxx@lists.osr.com
Hello,
By hooking INT 2E, i will try to return it without doing anything so that my purpose of Hooking GDI system call is solved.
have u never used genericptr_t or wintype.h file becz these are required in my program.
-Thomas
:
Windows XP and later do not use the INT 2E mechanism for making kernel
service calls. There is a 99% you can do what you want to do without
resorting to undocumented techniques. What exactly do you want to do?
- Nick Ryan
> -----Original Message-----
> From: xxxxx@lists.osr.com
> [mailto:xxxxx@lists.osr.com] On Behalf Of thomas mathew
> Sent: Monday, May 26, 2003 9:43 PM
> To: NT Developers Interest List
> Subject: [ntdev] Checking values of register (eax,ebx) while
> hooking INT 2E
>
>
> Hello,
> Is checking the values of register(eax,ebx) while hooking
> INT 2E is possible.I got code from book “undoc winnt”. for
> this is i have to write device driver.I am new to this so how
> to write device driver.I have .c file with me
>
> -Thomas
> -------------------------------------------------
> Sify Mail - now with Anti-virus protection powered by Trend
> Micro, USA. Know more at http://mail.sify.com
>
> Sify Power mail- a Premium Service from Sify Mail!
> know more at http://mail.sify.com
>
>
> —
> You are currently subscribed to ntdev as: xxxxx@nryan.com
> To unsubscribe send a blank email to xxxxx@lists.osr.com
>
You are currently subscribed to ntdev as: xxxxx@sify.com
To unsubscribe send a blank email to xxxxx@lists.osr.com
Sify Mail - now with Anti-virus protection powered by Trend Micro, USA.
Know more at http://mail.sify.com
Sify Power mail- a Premium Service from Sify Mail!
know more at http://mail.sify.com
At least hook KeServiceDescriptorTable, not the IDT itself. XP uses
the SYSENTER opcode for syscalls, which uses some MSR instead of IDT
entry.
Max
----- Original Message -----
From: “thomas mathew”
To: “NT Developers Interest List”
Cc:
Sent: Tuesday, May 27, 2003 10:28 AM
Subject: [ntdev] RE: Checking values of register (eax,ebx) while
hooking INT 2E
> Hello,
> By hooking INT 2E, i will try to return it without doing
anything so that my purpose of Hooking GDI system call is solved.
>
> have u never used genericptr_t or wintype.h file becz these are
required in my program.
>
> -Thomas
>
> :
>
> > Windows XP and later do not use the INT 2E mechanism for making
kernel
> > service calls. There is a 99% you can do what you want to do
without
> > resorting to undocumented techniques. What exactly do you want to
do?
> >
> > - Nick Ryan
> >
> > > -----Original Message-----
> > > From: xxxxx@lists.osr.com
> > > [mailto:xxxxx@lists.osr.com] On Behalf Of thomas
mathew
> > > Sent: Monday, May 26, 2003 9:43 PM
> > > To: NT Developers Interest List
> > > Subject: [ntdev] Checking values of register (eax,ebx) while
> > > hooking INT 2E
> > >
> > >
> > > Hello,
> > > Is checking the values of register(eax,ebx) while hooking
> > > INT 2E is possible.I got code from book “undoc winnt”. for
> > > this is i have to write device driver.I am new to this so how
> > > to write device driver.I have .c file with me
> > >
> > > -Thomas
> > > -------------------------------------------------
> > > Sify Mail - now with Anti-virus protection powered by Trend
> > > Micro, USA. Know more at http://mail.sify.com
> > >
> > > Sify Power mail- a Premium Service from Sify Mail!
> > > know more at http://mail.sify.com
> > >
> > >
> > > —
> > > You are currently subscribed to ntdev as: xxxxx@nryan.com
> > > To unsubscribe send a blank email to
xxxxx@lists.osr.com
> > >
> >
> >
> >
> > —
> > You are currently subscribed to ntdev as: xxxxx@sify.com
> > To unsubscribe send a blank email to
xxxxx@lists.osr.com
> >
>
> -------------------------------------------------
> Sify Mail - now with Anti-virus protection powered by Trend Micro,
USA.
> Know more at http://mail.sify.com
>
> Sify Power mail- a Premium Service from Sify Mail!
> know more at http://mail.sify.com
>
>
> —
> You are currently subscribed to ntdev as: xxxxx@storagecraft.com
> To unsubscribe send a blank email to
xxxxx@lists.osr.com