Here’s a shot in the dark–
Has anyone attempted to implement hook code similar to
that described in Schreiber’s book “Undocumented W2K Secrets”
on W2K, or (importantly) updated for WXP and, assuming an understanding of
and a reasonable comfort level with that approach, would care to share a
war story or two on any area of difficulty encountered in the process?
Bob Loewer
>> anyone attempted to implement hook code similar to that described in Schreiber’s book
Fully in the dark. I have no idea about what's in that book. So wouldn't it be
better to describe the actual technique?
Ciao
----- Original Message -----
From: “Bob Loewer”
To: “NT Developers Interest List”
Sent: Tuesday, August 13, 2002 5:21 PM
Subject: [ntdev] Schreiber’s Book Code
I have read this book. Please don’t ship any products built with the
information in this book. They are obviously undocumented and can change
from release to release.
–
Nar Ganapathy
Windows Core OS group
This posting is provided “AS IS” with no warranties, and confers no rights.
Yeah, stick to the documented techniques, as long as it is possible. If you
state your final goal, someone on this list will most likely be able to point
you to a good documented way to accomplish this, providing it exists. Still,
even if a documented way does not exist, some ppl here are still able to cast
some light.
I had a discussion with one of my friends several minutes ago about this
book, and it turned out that like most books on undocumented NT, it
completely omits the fact that NT is an operating system which is capable of
SMP, thus much of the code there *can* (but not necessarily) contain
conceptual flaws. Be careful.
Ciao, Dan
----- Original Message -----
From: “Nar Ganapathy[MS]”
Newsgroups: ntdev
To: “NT Developers Interest List”
Sent: Tuesday, August 13, 2002 7:58 PM
Subject: [ntdev] Re: Schreiber’s Book Code
Thanks for the guidance.
–Bob
-----Original Message-----
From: xxxxx@lists.osr.com
[mailto:xxxxx@lists.osr.com] On Behalf Of Dan Partelly
Sent: Tuesday, August 13, 2002 2:05 PM
To: NT Developers Interest List
Subject: [ntdev] Re: Schreiber’s Book Code
Yeah, I have an in-house driver that does basically what Sven describes
in his book. It works on all of {XP|2K|NT4}. We also did something on
9x, but that was a hell of a hack; mail me if you’re interested. Also,
look at www.sysinternals.com for regmon - get the source code - there’s
an implementation of a similar technique in there. Mark Russinovich
(sysinternals guy) wrote this up in an old issue of Dr. Dobb’s. You can
still download the article from their website.
Although this has been quite stable for us for over a year and on
hundreds of installations, the standard disclaimer about dirty kernel
hacks in production code applies. 
-sd
–
Steve Dispensa
Chief Technology Officer
Positive Networks