Around the same time microsoft let slip out a checked build of nt at some
winhec or other that had full symbols with it. Lots of people had access to
it and the word was out that many, if not all, of the undocumented kernel
ddi and data structures could be fully recovered from the build.
=====================
Mark Roddy DDK MVP
Windows 2003/XP/2000 Consulting
Hollis Technology Solutions 603-321-1032
www.hollistech.com
-----Original Message-----
From: xxxxx@lists.osr.com
[mailto:xxxxx@lists.osr.com] On Behalf Of Oliver
Schneider
Sent: Monday, August 08, 2005 7:34 PM
To: Windows System Software Devs Interest List
Subject: [ntdev] Re: Re:[ntdev] Referencing a RegKey Object
from handleDan,
> Im indeed fond as well of that book, and curious … how the author
> which claims that used reverse engineering to write that
book had so
> much clarvoyance to name 98% of structure members the same way as
> later we seen them in Windbg, at later times. He surely
must have some
> kind of paranormal powers.
> He is one with the force.
Have a look into the book of Sven B. Schreiber as well. He
also names many of the structures similarly. This is not
amazing at all because if you got a grasp of the naming
scheme you will likely choose a similar name.
Furthermore checked build of Windows NT existed at that time
as well … and yes, Sven B. Schreiber was one of those who
decrypted the mysterious PDB format and therefore learned a
lot from resources provided by Microsoft.Cheers,
Oliver
–
May the source be with you, stranger
ICQ: #281645
URL: http://assarbad.net
Questions? First check the Kernel Driver FAQ at
http://www.osronline.com/article.cfm?id=256You are currently subscribed to ntdev as:
xxxxx@hollistech.com To unsubscribe send a blank email to
xxxxx@lists.osr.com