Created: Tuesday, October 31 2006 14:04.24 CST  
Lack of Time hurts more than anything
Author: AlexIonescu # Views: 1634

Just thought I should make a little update, since I've been a bit under the radar lately.

Since I've started school, life's been much harder to manage... 5 courses a week + tutorials + labs + assignments + midterms is quite a lot compared to what I was used to.

But I've still found time to write some code and participate in some activities. Interesting things for the OpenRCE community:

- TinyKRNL now has a working ftdisk.sys driver as well. We're very close to having the whole storage stack finished, which means that the kernel will follow after. The storage stack represents 70% of the driver work we have to do.
- I've almost completely implemented Dbgk support for ReactOS. Dbgk is the component of the NT Kernel which handles User-Mode Debugging. I'm writing an article on this right now, since I felt really motivated. It will discuss what happens with your Debug APIs in kernel32, and how the debug system is implemented. I'm hoping this will give you some ideas/insight on stuff like PyDbg.
- I've also started implementing LPC (Local Procedure Call) support. This used to be one of the most undocumented and buggiest pieces of code in the Kernel. However, it's a great library to use for inter-process communication, and it's the backend for things like RPC, as well as LSA Security, Custom Exceptions and Thread Termination notifications. I don't have the time to write up an article on this, but in the future, I think this will be an area of interest to many. LPC's nicest use is cross-privilege communication, since it supports fully secure bidirectional communication between, say, a LOCAL_SYSTEM process running in the background, and a Guest account user. It's also fully native code so it's usable from native apps.

The NDK has been through some updates and ReactOS's svn server currently has the latest copy. I will sync it with Tiny's tonight, if the servers are back up, since they've both been down for maintenance. However, it's very likely one or both of the projects will be moving to Google Code. The guy who was supposed to be working on the Tiny site disappeared again, so if you visit, I apologize for the bugs/some outdated information.

And finally, when Pedram is ready to do the move, I'll help him out to get the NDK referenced online and the other things we talked about.



