DllMain and its uncovered possibilities

Aww, another month or even more has apparently passed just in front of my eyes. As some of you might have realized, the school time has already ended (something like two weeks ago), thus allowing me to carry out some more research and remember about this blog. I expect some more posts to be written in the very next days, hope this will succeed.

In this particular post, I would like to describe some curiosities I found inside the kernel32.dll (and KernelBase.dll in case of Windows 7 RC) and ntdll.dll default Windows libraries. Not only do I want to share the ideas that occurred to me during this small research, but I would also like to hear some new techniques of making use of what I found. Feel free to add new facts/ideas regarding this post, as I could overlook some obvious assumption or things like this. Remember this is not and shouldn’t be considered a thorough report. To make everything clear, the entire post covers the situation on x86 versions of Microsoft Windows systems.

Recent conferences’ reports

It seems like the blog has been dead for more than two months, mainly due to kind of wrong priority hierarchy – there was always something interesting to research, even when I should be busy writing the next interesting post on my blog ;)

The recent weeks haven’t been wasted at all, as the site state might suggest. Thanks go to the SecNews admin for dropping a line about this place, a few days ago – the sudden visit rate increase was really motivational to keep on posting here. From now on, I’ll try to redesign my priorities so as to spend more time on the blog development, but life will show how I will handle it.

What I am going to describe today is not a technical subject at all (though strongly related to one). During recent times I’ve been present at a few really well-organised conferences (though not every one I wanted to attend), all of which I am going to mention here. The most popular one, CONFidence 2009, will be described in detail while the other ones will only be briefly introduced to the reader.

Extending Total Commander with some minor functionality

As a loyal standard Windows shell (explorer.exe) user I often encounter some problems with the number of open windows on one desktop. Since my current notebook hardly ever goes down, neither does the user’s shell. After a few working evenings, I often have difficulty locating the desired windows. Having something like 40-50 of them, it is usually a hard task to switch between internet browser, IDA, programming IDE, virtual machines, file manager and so on. The worst thing for me turned out to be looking for the TotalCommander window (being used the most frequently). A situation like this was obviously causing much of a time waste and consequently frustration.

I came up with a few available solutions, listed below:

  1. Having the taskbar items sorted at any time, thus making the current work state much clearer.
  2. Creating a set of system-wide hotkeys, each responsible for setting focus on the associated window or a group of windows.
  3. Starting to use some kind of Virtual Desktop software and reorganizing the whole work environment.

All of them sound pretty good, in fact, and each is worth being described in detail. What is more, there is a great amount of free software designed just to help users with such problems. However, what everyone should already know is that the best solution is the made-by-myself one ;-)

Process termination issues

The first technical post here is about the process of terminating applications on Windows systems. I have been researching this subject for the last few days, during which a number of interesting (yet unknown) facts have appeared. Some of the solution ideas regarding particular problems are presented here, though I am sure there are many nice ways of dealing with those – feel free to post your ideas below ;>

Hello world!

Welcome to my new tech blog!

Seems like I finally decided to create a place to store the ideas that might become forgotten otherwise, so here you are. Even though I had some trouble choosing between Polish/English/both versions, I eventually chose the one making the contents readable by a wider range of people.

What you will hopefully be able to find here are various Reverse Engineering stories and research results, some computer-related problems currently being dealt with, upcoming events and their reports, as well as any other things that could come to my mind, worth being published ;-)

That’s all for now, feel free to criticize and post comments, which I encourage you to do.