Windows Vista and unexported kernel symbols (Part II, 32bits version)
by Matthieu Suiche on Jan.31, 2007, under Articles, Reverse Engineering, Windows
This paper presents part II of my previous article about Windows Vista and internal structures. This one covers the 32-bit version and aims to show new authenticity tricks.
Download it from the following link:
Windows_Vista_32bits_and_unexported_kernel_symbols.pdf
Cheers,
1 comment for this entry:
February 1st, 2007 on 5:14 am
ReactOS implements *all* of this to the letter, and the source code is in C and GPLed, so I’m not quite sure on why you went through the trouble of reversing it yourself and publishing it with unofficial structure definitions/constant names… nevertheless, a good read and I guess you learnt a lot while reversing it, but the final copy could’ve used the ROS code.