About Articles Book Store Distributed RCE Downloads Event Calendar Forums Live Discussion Reference Library RSS Feeds Search Users What's New


Customize Theme

Flag: Tornado! Hurricane!

Blogs >> GynvaelColdwind's Blog

Created: Tuesday, January 22 2008 04:06.26 CST Modified: Wednesday, January 23 2008 02:21.41 CST
Printer Friendly ...
ExcpHook 0.0.4 released
Author: GynvaelColdwind # Views: 9379

Hi,

I've made a couple of bug fixes on the ExcpHook, changed the version string, and here it is.

The last public version was 0.0.3, this is what has changed from that version:

0.0.3b -> 0.0.4
  * Reformated the driver code a little
  * Fixed BSoD on race condition when multiple threads tried to add
    an exception at the same time and the list was full
  * Fixed the driver sending not fully filled data to the app when
    the read request was handled at the same time as adding driver info
  * Resized the exception buffer to 128 exceptions
  * Added a new stress test to the Test Suite

0.0.3a -> 0.0.3b
  * ExcpHook.exe now searches for the driver in current directory and in the
    directory where the exe file is placed.

0.0.3 -> 0.0.3a
  * Changed KiDispatchException signature to be more generic (thx goes to
    Frank Boldewin)


The 0.0.4 version can be downloaded from this site.

Any comments are welcomed (bug reports / feature requests / anything).

I'll focus on implementing new features in the 0.0.5 version.

Well, that's it ;>
G.C.


Blog Comments
frankboldewin Posted: Wednesday, January 23 2008 00:18.19 CST
thanx for sharing.

really looking forward to the verbose output feature, like
disasm/hex-bytes combination snippets of the exception area. ;)

GynvaelColdwind Posted: Wednesday, January 23 2008 00:57.45 CST
thx for taking time to comment ;>

I'll try to add the disasm/hex-bytes features, as well as registry and stack display, in 0.0.5 version.

Oh, there is a typo there.. its 0.0.4 and not 4.0.0 ;>

djnemo Posted: Friday, January 25 2008 10:31.44 CST
thanks again dear GynvaelColdwind but i think when it's with source ,it's better to have some comment in source

GynvaelColdwind Posted: Friday, January 25 2008 13:05.58 CST
@djnemo
There are 'some' comments ;>
Hehe but of course You are correct sir ;> I'm adding 'add many comments' to the todo list ;>

frankboldewin Posted: Friday, January 25 2008 17:09.02 CST
confusius says:

well written code does not need comments. :D

GynvaelColdwind Posted: Saturday, January 26 2008 01:57.31 CST
@frankboldewin
Wasn't that Oscar Wilde ? ;>>>
Anyway, as u know currently the code of ExcpHook is far from 'well written' ;>>



Add New Comment
Comment:









There are 31,313 total registered users.


Recently Created Topics
[help] Unpacking VMP...
Mar/12
Reverse Engineering ...
Jul/06
hi!
Jul/01
let 'IDAPython' impo...
Sep/24
set 'IDAPython' as t...
Sep/24
GuessType return une...
Sep/20
About retrieving the...
Sep/07
How to find specific...
Aug/15
How to get data depe...
Jul/07
Identify RVA data in...
May/06


Recent Forum Posts
Finding the procedur...
rolEYder
Question about debbu...
rolEYder
Identify RVA data in...
sohlow
let 'IDAPython' impo...
sohlow
How to find specific...
hackgreti
Problem with ollydbg
sh3dow
How can I write olly...
sh3dow
New LoadMAP plugin v...
mefisto...
Intel pin in loaded ...
djnemo
OOP_RE tool available?
Bl4ckm4n


Recent Blog Entries
halsten
Mar/14
Breaking IonCUBE VM
oleavr
Oct/24
Anatomy of a code tracer
hasherezade
Sep/24
IAT Patcher - new tool for ...
oleavr
Aug/27
CryptoShark: code tracer ba...
oleavr
Jun/25
Build a debugger in 5 minutes
More ...


Recent Blog Comments
nieo on:
Mar/22
IAT Patcher - new tool for ...
djnemo on:
Nov/17
Kernel debugger vs user mod...
acel on:
Nov/14
Kernel debugger vs user mod...
pedram on:
Dec/21
frida.github.io: scriptable...
capadleman on:
Jun/19
Using NtCreateThreadEx for ...
More ...


Imagery
SoySauce Blueprint
Jun 6, 2008

[+] expand

View Gallery (11) / Submit