OpenRCE

About Articles Book Store Distributed RCE Downloads Event Calendar Forums Live Discussion Reference Library RSS Feeds Search Store Users What's New

Customize Theme

Flag: Tornado! Hurricane!

Created: Tuesday, January 22 2008 04:06.26 CST Modified: Wednesday, January 23 2008 02:21.41 CST

Printer Friendly ...

ExcpHook 0.0.4 released

Author: GynvaelColdwind

# Views: 3443

Hi,

I've made a couple of bug fixes on the ExcpHook, changed the version string, and here it is.

The last public version was 0.0.3, this is what has changed from that version:



0.0.3b -> 0.0.4

  * Reformated the driver code a little

  * Fixed BSoD on race condition when multiple threads tried to add

    an exception at the same time and the list was full

  * Fixed the driver sending not fully filled data to the app when

    the read request was handled at the same time as adding driver info

  * Resized the exception buffer to 128 exceptions

  * Added a new stress test to the Test Suite



0.0.3a -> 0.0.3b

  * ExcpHook.exe now searches for the driver in current directory and in the

    directory where the exe file is placed.



0.0.3 -> 0.0.3a

  * Changed KiDispatchException signature to be more generic (thx goes to 

    Frank Boldewin)

The 0.0.4 version can be downloaded from this site.

Any comments are welcomed (bug reports / feature requests / anything).

I'll focus on implementing new features in the 0.0.5 version.

Well, that's it ;>
G.C.

Blog Comments

frankboldewin	Posted: Wednesday, January 23 2008 00:18.19 CST
thanx for sharing. really looking forward to the verbose output feature, like disasm/hex-bytes combination snippets of the exception area. ;)

GynvaelColdwind	Posted: Wednesday, January 23 2008 00:57.45 CST
thx for taking time to comment ;> I'll try to add the disasm/hex-bytes features, as well as registry and stack display, in 0.0.5 version. Oh, there is a typo there.. its 0.0.4 and not 4.0.0 ;>

djnemo	Posted: Friday, January 25 2008 10:31.44 CST
thanks again dear GynvaelColdwind but i think when it's with source ,it's better to have some comment in source

GynvaelColdwind	Posted: Friday, January 25 2008 13:05.58 CST
@djnemo There are 'some' comments ;> Hehe but of course You are correct sir ;> I'm adding 'add many comments' to the todo list ;>

frankboldewin	Posted: Friday, January 25 2008 17:09.02 CST
confusius says: well written code does not need comments. :D

GynvaelColdwind	Posted: Saturday, January 26 2008 01:57.31 CST
@frankboldewin Wasn't that Oscar Wilde ? ;>>> Anyway, as u know currently the code of ExcpHook is far from 'well written' ;>>

There are 21,677 total registered users.

Recently Created Topics
PyEmu error when cal...	Sep/02
Restore Themida/Winl...	Sep/02
Anti-olly technique	Aug/30
RAR Password	Aug/29
Heap protection on W...	Aug/23
Why Inline asm in C+...	Aug/20
Bypassing OllyAdvance	Aug/17
Error in logic for g...	Aug/17
Has anyone seen this...	Aug/17
ARM Executable - Pat...	Aug/16

Recent Forum Posts
reverse engineering ...	raiden56
pydbg, memory breakp...	Researc...
RAR Password	Ineedhelp
RAR Password	cod
Heap protection on W...	voila
Heap protection on W...	j00ru
Heap protection on W...	voila
Heap protection on W...	j00ru
Heap protection on W...	psylocn
Why Inline asm in C+...	ronnie2...

Recent Blog Entries
	meshmesh	Sep/01
Is it legal??
	waleedassar	Aug/30
Anti-olly technique
	QvasiModo	Aug/24
WinAppDbg 1.4 is out!
	artemblagodarenko	Aug/18
Dataflow-0.2.0 released. Ne...
	grzonu	Aug/17
Bypassing OllyAdvanced
More ...

Recent Blog Comments
	tosanjay on:	Sep/02
PyEmu 0.0.2
	GynvaelColdwind on:	Sep/01
Is it legal??
	PeterFerrie on:	Aug/31
Anti-olly technique
	dennis on:	Aug/26
Dr. Gadget IDAPython plugin
	halsten on:	Aug/19
Dataflow-0.2.0 released. Ne...
More ...

Imagery

SoySauce Blueprint
Jun 6, 2008

[+] expand

View Gallery (11) / Submit