Jump to content

Ximonite

Member
  • Posts

    173
  • Joined

  • Last visited

  • Days Won

    3
  • Donations

    10.00 USD 
  • Country

    United States

Posts posted by Ximonite

  1. As of recently, MSFN is in a dire state and the amount of time we have left here is unknown.

    If you want to stay up to date on any projects of mine, I recommend you visit EclecBoard, which is a forum created by a friend of mine.

    Even if you're not specifically interested in my works, you should still check EclecBoard out, since they have been getting many new members recently.

  2. On 2/17/2022 at 3:11 AM, windows2 said:

    Ximonite is in the process of creating a new extended kernel . I advise you now to use the BlackWingCat Extended kernel.

     

    Yes, I recommend BlackWingCat's kernel for now, but I'm aiming to have development versions of the major KernelXE upgrade I have mentioned from time to time here available for people to test in the next few months.

  3. On 4/24/2021 at 11:37 PM, piotrhn said:

    whats progress of rewriting KernelXE ?

    I am fairly close to being able to test keyed events and have lots of smaller additions ready to test. I hope to have a technical preview KernelXE available sometime in June and a full release done before September. I also plan on making a page on my website for KernelXE because I don’t want KernelXE to suddenly become unavailable because of something happening on MSFN, like server maintenance.

  4. 7 hours ago, windows2 said:

    Please change devmgr.dll to devmgr.dll for Windows xp sp2. For the reason that it contains a hardware ID detection feature

     

    When installing kernelXE lite 0.2.5-rv1 I got a Bsod STOP: c0000139 {entry point not found} the procedure entry point LdrAddRefDll could not be located in the dynamic link library ntdll.dll .

    I had to restore the old ntdll.dll to fix this Bsod.

    Are you installing KernelXE lite over full KernelXE?
    That's definitely bound to cause problems cause BlackWingCat ntdll.

    Also, I plan on adding the newer version of devmgr.dll to full KernelXE. It's not needed in KernelXE lite cause it's made to install on top of BlackWingCat's extended kernel, which already contains the new devmgr.dll

  5. 8 hours ago, piotrhn said:

    How looks your progress on future releases: 0.2.4.3/4/5 ... :) ;) ; When you plane to publish & how we  can help you with this?

    I am definitely still working on KernelXE. The main thing I'm doing that's taking so long is adding keyed events.

    Keyed events are very tied into existing ntoskrnl code and it's gonna take a while to adapt existing stuff to work with them.

    Lots of stuff uses keyed events, so when this is done, it will be very good for Windows 2000 users.

    Here is a list of ntdll functions that use them:

    RtlAcquireSRWLockExclusive
    RtlAcquireSRWLockShared
    RtlReleaseSRWLockExclusive
    RtlReleaseSRWLockShared
    RtlRunOnceBeginInitialize
    RtlRunOnceComplete
    RtlRunOnceExecuteOnce
    RtlSleepConditionVariableCS
    RtlSleepConditionVariableSRW
    RtlWaitOnAddress
    RtlWakeAddressAll
    RtlWakeAddressSingle
    RtlWakeAllConditionVariable
    RtlWakeConditionVariable
    TpAllocPool
    TpAllocTimer
    TpAllocWait
    TpAllocWork
    TpDisassociateCallback
    TpPostWork
    TpReleaseCleanupGroupMembers
    TpReleasePool
    TpReleaseTimer
    TpReleaseWait
    TpReleaseWork
    TpSetPoolMinThreads
    TpSetTimer
    TpSetWait
    TpSimpleTryPost
    TpWaitForTimer
    TpWaitForWait
    TpWaitForWork

    I'm planning on adding all those functions and the kernel32 functions that rely on them.

    January has been very busy for me, but I hope that February is lighter so I get more time to work on KernelXE.

  6. On 1/29/2021 at 9:55 AM, WinFX said:

    Does firefox 54+ work in 2000? For some reason I get an XPCOM error.

    Try profiling it with Dependency Walker and post the log. You could also try installing Visual C++ 2019, which might help, since it can load concrt140.dll

  7. 17 hours ago, HelpJP said:

    I installed UMDF with KDW (XP SP2 matched) and it worke博d. But when loading WPDUSB.SYS it caused BSOD I think the reason is a mismatch UMDF with kernel base level. 

    Is it treatable?

    Which version of UMDF are you trying. UMDF 1.0 doesn't have this file and it isn't included in Windows 2000.

    16 hours ago, ZhuMa said:

    Hi, is it possible to make Windows 2000 boot from exFAT partition?

    Definitely not. I'm pretty sure it isn't even possible on XP.

  8. Hello. I have a Dell XPS M1210 that I am going to install Windows ME on. There is space for a Dell Truemobile Bluetooth module and I am planning to buy one.

    I want to know if anyone has any experiences or info that could be useful so I don't waste my money on an incompatible one.

    There are 3 different ones I could buy:

    Dell Truemobile 350 - Bluetooth 2.0, Uses Toshiba drivers
    Dell Truemobile 355 - Bluetooth 2.0, Based on Broadcom BCM92045MD
    Dell Truemobile 360 - Bluetooth 2.1, Uses Toshiba drivers

  9. 8 minutes ago, D.Draker said:

    But where do you see "rounded edges" in my text ?

    I was just saying how I like the rounded edges. Not saying you mentioned it.

    3 minutes ago, XPerceniol said:

    Testing with - Mozilla/5.0 (Windows NT 5.1; rv:68.0) Gecko/20100101 Goanna/4.7 Firefox/68.0 Basilisk/52.9.0 - A Roytan1 Build.

    Cleared the cache and still, I see many blank square buttons as I did when I just posted with new moon (palemoon).

    1.thumb.JPG.e91ca6b72727698988520929e4dc5699.JPG

    Interesting. No squares here with Firefox 78.6.0 on vista. I do get those types of squares on Discord sometimes though.

  10. 1 hour ago, D.Draker said:

    Hello , I'm terribly sorry , it doesn't work for me . First off , I got something square at this place , no any kind of dots appear, second (I guess it is java driven) it doesn't bring the menu up. The old design was not broken for me. And this new Win8/10-style website design with acid colours and round icons (which kinda give me wrong associations , I don't know know maybe it's only me) I really don't like . Please don't consider this as disrespect .

    The colors can be changed with the color picker. The color picker has been on MSFN for a while.

    Also, I like the new design and rounded edges. It looks cleaner in my opinion. Just sharing my opinion on the new design since you shared yours.

  11. 4 hours ago, piotrhn said:

    GDI32.DLL - Please add function:

    • ClearBitmapAttributes  (XP) 5.1

    USER32.DLL - Please add some functions:

    • PaintMenuBar  (XP) 5.1
    • CalcMenuBar  (XP) 5.1
    • IsServerSideWindow  (XP) 5.1
    • RegisterUserApiHook  (XP) 5.1
    • UnregisterUserApiHook  (XP) 5.1
    • ChangeWindowMesageFilter  (Vista) 6.0
    • DisableProcessWindowsGhosting  (XP) 5.1
    • DwmHintDxUpdate  (Vista) 6.0
    • GetGestureInfo  (7) 6.1
    • GetRawInputDeviceInfoA  (XP) 5.1
    • IsThreadDesktopComposited  (Vista) 6.0
    • IsTouchWindow  (7) 6.1
    • LogicalToPhysicalPoint  (Vista) 6.0
    • RegisterPowerSettingNotification  (Vista) 6.0
    • RegisterTouchWindow  (7) 6.1
    • SetGestureConfig  (7) 6.1
    • UnregisterPowerSettingNotification  (Vista) 6.0
    • UnregisterTouchWindow  (7) 6.1

     

    VIDEOPRT.SYS Please add to driver function: (code from 2k3 Sp2)

     VideoPortIsNoVesa: (XP) 5.1
              mov    al,[L00027041]
              retn
     L00027041:
             db    00h;
             db    00h;
             db    00h;

     

    TASKMGR - update taskmgr to version 5259, from early VISTA 5259 is last compatible with 2k and works fine. there's few news:

    -dumping process

    -open contain folder LOCATION

    -properties of file

    -network card as in XP/2k33

    Here is what I can do for all these functions:
    videoprt.VideoPortIsNoVesa - relies on code that doesn't exist in KernelXE's videoprt.sys and cannot be added easily.
    user32 functions - I can add most of them, but they will be stubs. I only add stubs when requested since they don't actually do anything and are just placeholders to take care of program dependencies.
    gdi32.ClearBitmapAttributes - redirects to a win32k function that doesn't exist in WildBill's win32k.sys. I will add this function when I get to modifying win32k.sys.

    I tried taskmgr from Longhorn build 5259 and it doesn't run at all. No error message or anything. Just "Thread terminated" in IDA.

  12. 1 minute ago, windows2 said:

    Many files that must be copied to the system32 were not copied, such as Winusb.sys , winusbcoinstaller2.dll , WinUSBCoInstaller.dll , winusb.inf.

    1. The .sys and .inf files shouldn't be in system32.
    2. I noticed that they aren't in the locations they should be.

    I am currently doing a lot of optimization to update.inf and this should hopefully fix this.

  13. 1 hour ago, windows2 said:

    I have deleted the BWC extended kernel installed, and I installed WildBill's collection update and KernelXE v0.2.3 this error occurred after restarting

    132800697_422972815473325_453080089280309525_n.jpg

    The error is valid. My version of ntdll doesn't have RtlRegisterSecureMemoryCacheCallback, but it's weird that it says mstask.exe on the top because the version of mstask.exe on my system doesn't call that function.

  14. 53 minutes ago, win32 said:

    The new imports thing is tricky, especially with a DLL that already has an import table. BWC managed to import new functions using some special set of routines which call LoadLibraryA and GetProcAddress.

    There's a way to do it without LoadLibraryA or GetProcAddress. This is what I do with everything cause I would rather spend my own time getting those functions in the import table than having the dll use a bunch of CPU clock cycles finding it. If it imports to the last file in the list, I can just add the import to the end. If it doesn't, here's what I do:

    1. Shift every reference to everything in the import address table that's going to be moved by how much it will be moved. Example: The order of dlls imported is gdi32, kernel32, ntdll and I want to add an import to gdi32 (this is literally what I've been doing today in user32). I would shift every reference to every address in the import address table that corresponds to ntdll or kernel32 up by 4. I do this in HxD with the replace tool and I start at the very end and go up the table until I get through all the ntdll and kernel32 imports.

    2. Rebuild the import directory in PEMaker. In my example, I would delete all the imports to kernel32 and ntdll, add the new gdi32 import, and readd all the kernel32 and ntdll imports with the addresses shifted up by 4.

    Tip for Step 2: I make the PEMaker window as short as possible to reduce physical strain from moving the mouse from the table to the delete button as many times as I need, since that number of times is usually in the hundreds.

    Note: Import hints don't needed to be correct when added back when doing this. They aren't essential for the file to work and if you care, ImportPatcher v29 can automatically correct them.

  15. 7 hours ago, piotrhn said:

    ok , i want try. But dont know how:

    • add code to dll
    • add new imports
    • what tools use
    • etc...

    Here's all the basics in one big post.

    Tools:
    IDA - A very good disassembler that handles Windows system files very well.
    HxD - The hex editor I use. It doesn't matter which one you use, but you will need one.
    PEMaker - Used for other general tasks, like adding imports and exports.
    PETool - Another program made for general PE file editing. There's a few features in PETool that aren't done in any other program very well or at all.
    Beyond Compare - For comparing lists of functions. I use Beyond Compare, but you can use whatever you prefer.
    CFF Explorer - For editing the file header.

    ida-view.png

    Here is an IDA window. The main area is the code you're looking at. In the file, the code is stored as opcodes, which you can look at in a hex editor or the Hex View in IDA.

    Changing a relative address:
    A relative address is one where the difference between the current location and the location referred to is stored.
    Example: At 77E16D22h, this instruction calls the function at 77E1580Eh. The data stored is the difference between 77E16D22h and 77E1580Eh, which is FFFFEAE7h.
    The data is stored backwards in the file, so a difference of FFFFEAE7h would be stored as E7 EA FF FF.
    If the location you want to make a function refer to already has a marker (example: loc_77E16D2B), then IDA can do everything for you. To do this, right click the address you want to change, and choose "Manual" in the drop-down menu. In the text field that says "Operand", change this to the address you want the instruction to refer to. This only works if another instruction refers to the address. If it doesn't, you will need to change the hex values directly. You can do this by going to the "Hex View" in IDA and pressing F2, then typing in hex values. Press F2 again to revert back to it's normal state.

    Other general info: When writing hex values in text, like a post on MSFN, just writing the value may be confusing, so either add "0x" to the beginning or "h" to the end.

    Changing an absolute address:
    Changing an absolute address is pretty simple. Just change the hex values in the instruction from the old address to the new one. Remember that these addresses are stored backwards in the file.

    This is all the info I know that could be very difficult to find noob-friendly info for. I ended up having my dad teach me this stuff, since he is familiar with IDA and uses it. Experimentation is the best way to learn this kind of stuff, so try stuff and see what happens.

  16. 17 hours ago, Methanoid said:

    Thread is people wanting USB 3.0 controllers working under W2K with USB 3.0 speeds... do they ALL work under W2K as USB 2.0 controllers? All I need is a USB 2.0 controller under W2K (I'm doing virtualisation passthrough and only have USB 3.0 controllers - AMD onboard - I might have a Renesas/NEC controller SOMEWHERE!!)

    idk but I know that the Renesas USB 3 drivers work with both BlackWingCat's extended core and WildBill's extended kernel.

    I would just use (or buy if you don't have one) a USB 2.0 PCI or PCIe card and pass that through to the virtual machine if all you need is USB 2.0.

×
×
  • Create New...