j00ru//vx tech blog Coding, reverse engineering, OS internals covered one more time

19 Jul 2010 (1 comment)

Blog customization, old PHP advisories

Hey there!
Today, I would like to post a less-technical text, discussing two issues I have recently come across or been busy with; don't worry though, as CSRSS Write-Up: IPC (part 2/3) is on the way. The first matter is about recent changes applied to the blog appearance and functionality, while the latter regards the results of a source-code audit performed by me and my Hispasec colleagues (Gynvael Coldwind and Icewall) something like a year ago (last summer :-) ).

2 May 2010 (8 comments)

Windows CSRSS cross-version API Table

Hello!

It seems like half a year has passed since I published the Win32k.SYS system call table list on the net. During this time (well, it didn't take so long ;) ) I managed to gather enough information to release yet another API list - this time, concerning a user-mode application - CSRSS (Client/Server Runtime SubSystem). As it is a relatively common research subject, I think a table of this kind can make things easier for lots of people.

11 Nov 2009 (2 comments)

Win32k.SYS system call table

Everyone who has ever had some serious contact with how the Windows kernel mechanisms work has probably needed to access a complete system call number list (together with the handlers' definitions). As one of the most important parts of the communication process between user applications and the kernel, the SSDT is commonly used both for clearly practical purposes (such as hooking system services in order to modify the OS behavior in certain situations) and for theoretical research or discussions.

30 Aug 2009 (8 comments)

TraceHook v0.0.1 release

Having some free time, I managed to apply some minor fixes to TraceHook - I also decided to publish it, by the way. If there are any bug reports / improvement suggestions, I will be more motivated to return to its development ;)

18 Aug 2009 (1 comment)

Blog management changes

Welcome to the blog on my own hosting!

I have recently decided to add multi-language support to the blog, which obviously required the WordPress system to be moved to my own hosting (the one provided by wordpress.com lacks many important features, like the possibility to install plugins (which turned out to be very useful, by the way)). What is more, some other handy plugins have been installed as well, including code highlighting, a modified theme and a few others not visible to the user himself.

From now on, every new post is supposed to be available in the Polish language version first. However, I will do my best to translate them as soon as possible. Hope you will like the new features!

Filed under: blog 1 Comment

9 Mar 2009 (6 comments)

Hello world!

Welcome to my new tech blog!

Seems like I finally decided to create a place to store the ideas that might become forgotten otherwise, so here you are. Even though I had some trouble choosing between Polish/English/both versions, I eventually chose the one making the contents readable by a wider range of people.

What you will hopefully be able to find here are various Reverse Engineering stories and research results, some computer-related problems currently being dealt with, upcoming events and their reports, as well as any other things that could come to my mind, worth being published ;-)

That's all for now, feel free to criticise and post comments, which I encourage you to do.

Filed under: blog 6 Comments