Search found 448 matches

by Vrtule
Fri Jan 25, 2019 10:13 pm
Forum: User-Mode Development
Topic: How to emulate LOW IL ?
Replies: 6
Views: 989

Re: How to emulate LOW IL ?

I have one question, only for my own education. Microsoft says that Low Sid ID is - "S-1-16-1024"; Yes, it is S-1-16-4096. SIDs beginning with S-1-16- are used for mandatory integrity levels. The higher the third number, the higher the integrity level is. Actually (and just for the sake of curio...

by Vrtule
Wed Nov 14, 2018 12:18 pm
Forum: Newbie Questions
Topic: How i can use one Asm code to x86 and x64?
Replies: 3
Views: 1451

Re: How i can use one Asm code to x86 and x64?

You can write two ASM procedures: one for 32-bit and one for 64-bit platform, and use preprocessor macros (ifdefs) to compile only the procedure appropriate to the selected target.

by Vrtule
Sun Oct 14, 2018 8:28 pm
Forum: Newbie Questions
Topic: cpu/gpu contents
Replies: 1
Views: 1013

Re: cpu/gpu contents

Hello, Is there any equivalent of this function for gpus? For NVIDIA, you may use cudaGetDeviceCount and cudaGetDeviceProperties to get information about all CUDA-capable graphics cards installed. See this https://stackoverflow.com/questions/5689028/how-to-get-card-specs-programatically-in-cuda Sinc...

by Vrtule
Mon Sep 17, 2018 9:52 pm
Forum: Kernel-Mode Development
Topic: PG check
Replies: 4
Views: 2435

Re: PG check

PG is not in effect if the system runs in Debug mode and a kernel debugger is attached to it (I am not sure whether the Debug mode alone is sufficient).

by Vrtule
Mon Aug 27, 2018 8:22 pm
Forum: Newbie Questions
Topic: Windows Kernel Driver Signing issue (WFP/Inspect)
Replies: 1
Views: 1739

Re: Windows Kernel Driver Signing issue (WFP/Inspect)

IIRC you need to do the following:

1) enable Test Signing (bcdedit /set testsigning on),
2) insert the certificate used to test sign the driver into Trusted Root Certificate Authorities,
3) reboot.

I am not sure whether you also need to turn the Secure Boot off.

by Vrtule
Wed Aug 22, 2018 1:24 pm
Forum: Kernel-Mode Development
Topic: Injecting exe file into process fails on windows 7 but works on windows 10 / Exec library function fails, access denied
Replies: 4
Views: 4089

Re: Injecting exe file into process fails on windows 7 but works on windows 10 / Exec library function fails, access den

If I am reading your code correctly, you are resolving imports based on libraries loaded into your process, not the target one. Due to ASLR or a collision of base addresses of multiple DLLs, user32.dll may be placed at a different virtual address in the target process.

by Vrtule
Sat Aug 18, 2018 3:03 pm
Forum: Newbie Questions
Topic: Export drivers
Replies: 14
Views: 13165

Re: Export drivers

So? .-.
So, what problem are you trying to solve? There is possibly a way other than export drivers.

by Vrtule
Thu Aug 16, 2018 10:10 pm
Forum: Newbie Questions
Topic: Export drivers
Replies: 14
Views: 13165

Re: Export drivers

Okay, this is a static linking, but I want a dynamic linking. It is still a dynamic linking but the system does it at driver load time. As far as I know, there is nothing like GetProcAddress in kernel. However, this is not a big issue, since you can find exported functions manually (or find a code ...

by Vrtule
Thu Aug 16, 2018 3:50 pm
Forum: Newbie Questions
Topic: Export drivers
Replies: 14
Views: 13165

Re: Export drivers

I expect the system loads your export driver when another driver imports at least one of its (export driver's) symbols. The easiest way to import such a symbol is to use a .lib file created together with the "DLL" binary (well, I expect the linker creates one if the export driver exports at least one...