Created: Monday, September 4 2006 12:10.59 CDT  
Current Projects
Author: AlexIonescu # Views: 1851

I've been quite busy lately, but here's an update on my current projects for those of you who are interested:

* ReactOS - Recently finished re-writing the Ob (Object Manager) and Ps (Process Manager), now looking into Ke (Kernel) code. I've been modifying the boot sequence to make it more like NT, and re-wrote IRQ/Interrupt support within the HAL and communication with the kernel itself.

* Native Library and Development Kit - The NDK is ready for release, and I'm just waiting on Pedram to give me a heads up on when he'll have some time to look into adding it to the site. Until then, I'll probably add it to my repository and submit an article on it. Expect one this weekend.

The NDL (Library) is still being worked on, however. It will allow you to do various sorts of things extremely easily, such as taking keyboard input, which in Native Mode isn't that simple. The NDL will ultimately allow you to write a fully-featured console-boot application (console-boot refers to the screen on which autochk/chkdsk runs when it detects disk damage on startup). In this mode, there is no GUI loaded, no other processes except yours, and you can even make yourself resident in memory before executing the GUI. Because your code runs at SYSTEM privileges, the system is wide open, and using something like LPC would allow you to communicate with Win32 applications running at any privilege level (basically for setting up your own monitoring or system-level application).

* NDK and NDL GUI: This is a relatively new project I've been working on which will allow you to code:
1) GUI and console applications inside Windows, using only native code. Microsoft and all the big NT gurus will tell you that this is impossible, but it's not. This research has also provided me with a lot of insight into potential vulnerabilities in the GUI subsystems, as well as several global pointers that can be easily overridden for exploits.
2) An entirely new GUI Server for Windows. Just like the non-GUI NDL allows you to write a boot-console application, the NDL-GUI will allow you to write a GUI application, meaning that you'll be loading your own GUI environment and application. Right now I've managed to get the blue desktop screen and the mouse, but a lot of work is still required. The NDK/L-GUI probably won't be ready for another year.

If you have any questions, suggestions, ideas or comments, please let me know!



