[_Lynn]

could someone post some material where i can learn and understand how segment selectors in windows correspond to their GDT index and how to navigate and understand the GDT properly> maybe i just having bad luck.. i not seem to be able to find decent documentation.

thanks. sorry for english

[everdox]

hello,

I don't know if you have checked the intel manual but there is some decent information there.

Check volume 3A.

:D

[Gunnerofarsenal]

This book gives one of the best explanations I have read

http://www.amazon.com/Rootkit-Arsenal-E ... 1598220616

[Kayaker]

Hi,

Sometimes it's useful to have a visual representation

How Windows NT uses GDT to implement "kernel mode" and "user mode"
http://www.reverse-engineering.info/Sys ... /usw/1.htm

There's a similar graphic for the IDT

Interrupt Descriptor Table and SoftICE "IDT" command
http://www.reverse-engineering.info/Sys ... /usw/4.htm


This is a mirror of a page I had created from some documentation on SoftIce commands from a Numega programmer (Tsuyoshi Watanabe). You can view them individually from the first link below, or download a zip of the complete page at the second link if interested.

http://www.reverse-engineering.info/Sys ... ation/usw/

http://www.woodmann.com/forum/showthrea ... l-commands