Dibya Posted September 6, 2016 Posted September 6, 2016 Hi I am starting this thread for some help in my project of bringing modern apps on XP. I have made a modified kernel . It is causing some BSOD and making pc to restart continuously so please if any one wish to help me i will pm him /her all files to check . I need some assistance as i am still novice in reverse engineering. Project Name : Extended XP Current Version : 0.02 i.Added Function to Kernel32.dll DecodePointer EncodePointer FlsAlloc FlsFree FlsGetValue FlsSetValue GetThreadId InitializeCriticalSectionEx InitOnceExecuteOnce K32EmptyWorkingSet K32EnumDeviceDrivers K32EnumProcesses K32EnumProcessModules K32GetDeviceDriverBaseNameW K32GetDeviceDriverFileNameA K32GetDeviceDriverFileNameW K32GetMappedFileNameA K32GetMappedFileNameW K32GetModuleBaseNameA K32GetModuleBaseNameW K32GetModuleFileNameExA K32GetModuleFileNameExW K32GetModuleInformation K32GetPerformanceInfo K32GetProcessImageFileNameA K32GetProcessImageFileNameW K32GetProcessMemoryInfo K32GetWsChanges K32InitializeProcessForWsWatch K32QueryWorkingSet SetThreadStackGuarantee GetTickCount64 ii.Prevented not a valid win32 Application Updated C Run-time Components i.Windows NT C++ Runtime Library DLL 7.0.6002.18005 ii.MFCDLL Shared Library - Retail Version 4.1.6151(ALL 4 DLLS) iii.Windows NT IOStreams DLL 7.0.6000.16386 iv. Windows NT CRT DLL 7.0.6002.22755 v.Windows Symbolic Debugger Engine 6.2.9200.16384 vi.Windows Image Helper 6.2.9200.16384 vii.WineD3D - DX10/11 wrapper by SyvetPro viii.Microsoft GDI+ 6.0.6002.23943 ix.Modified GDI32 with many Vista Functions x.MSXML 6.0 SP3 6.30.7601.22640 4
FranceBB Posted September 6, 2016 Posted September 6, 2016 Ok, btw we already had the topic about the modified kernel; why don't we use that one? I mean, modified kernel, compatibility layer: same target, different implementation. I'm pretty sure the old topic was fine, but if you wanna start a new one, fill your boots. Out of curiosity, did Blackwingcat replied to your message? 1
Dibya Posted September 6, 2016 Author Posted September 6, 2016 1 hour ago, FranceBB said: Ok, btw we already had the topic about the modified kernel; why don't we use that one? I mean, modified kernel, compatibility layer: same target, different implementation. I'm pretty sure the old topic was fine, but if you wanna start a new one, fill your boots. Out of curiosity, did Blackwingcat replied to your message? BWC Seem to be busy . I am using my old hex editing method. can you please test some my file ? 1
Dibya Posted September 7, 2016 Author Posted September 7, 2016 7 hours ago, FranceBB said: Sure, no problem at all. Today I will send you
Dibya Posted September 7, 2016 Author Posted September 7, 2016 (edited) rloew helped me much . BWC helped in expanding section. jumper given all basic idea . I thought of forwarding function to real system dll seems to be more secure and easy Edit :: trying to back-port .net framework 4.6.1 Edited September 7, 2016 by Dibya 3
jumper Posted September 7, 2016 Posted September 7, 2016 DecodePointer and EncodePointer already exist in XP's Kernel32.dll (5.1.2600.6293). They export-forward to NTDLL.RtlDecodePointer and NTDLL.RtlEncodePointer. How are you handling the original exports and how are you implementing the "new" functions? To isolate the cause of the BSOD, do a binary search: remove half of your new functions until the BSOD goes away, then add half back in until it reappears.
Dibya Posted September 8, 2016 Author Posted September 8, 2016 18 hours ago, jumper said: DecodePointer and EncodePointer already exist in XP's Kernel32.dll (5.1.2600.6293). They export-forward to NTDLL.RtlDecodePointer and NTDLL.RtlEncodePointer. How are you handling the original exports and how are you implementing the "new" functions? To isolate the cause of the BSOD, do a binary search: remove half of your new functions until the BSOD goes away, then add half back in until it reappears. Okay , Thanks For help
FranceBB Posted September 8, 2016 Posted September 8, 2016 (edited) I'll make some tests during the weekend; I'm pretty busy at work right now and I'm really really tired when I get back home. The last thing I wanna do is to test kernel calls xD Anyway, Saturday and Sunday I'll make some tests and I'll let you know. As to the .NET framework, I failed several times with the 4.5 with several different approaches in the past; good luck with 4.6.1. If you remember, I managed to get it installed but it didn't actually work and I ended up relying on mono, which does include some new functions, but lacks some other Fundamentals functions included in the .NET 4. With the few programs I tried, it failed as it didn't have some of the functions required either to compile or run such programs. Unfortunately, .NET is a huge framework which handles several things (really, many many things) for you when you run programs written to use it, that's why it's so flipping difficult to successfully backport it. C#, XAML, Prism MVVM, JSON etc they all rely on .NET... not only that; we received updates for .NET in the past, which means that a new .NET framework (especially a custom made/backported one) might actually introduce new security issues in XP. Edited September 8, 2016 by FranceBB
Dibya Posted September 9, 2016 Author Posted September 9, 2016 7 hours ago, FranceBB said: I'll make some tests during the weekend; I'm pretty busy at work right now and I'm really really tired when I get back home. The last thing I wanna do is to test kernel calls xD Anyway, Saturday and Sunday I'll make some tests and I'll let you know. As to the .NET framework, I failed several times with the 4.5 with several different approaches in the past; good luck with 4.6.1. If you remember, I managed to get it installed but it didn't actually work and I ended up relying on mono, which does include some new functions, but lacks some other Fundamentals functions included in the .NET 4. With the few programs I tried, it failed as it didn't have some of the functions required either to compile or run such programs. Unfortunately, .NET is a huge framework which handles several things (really, many many things) for you when you run programs written to use it, that's why it's so flipping difficult to successfully backport it. C#, XAML, Prism MVVM, JSON etc they all rely on .NET... not only that; we received updates for .NET in the past, which means that a new .NET framework (especially a custom made/backported one) might actually introduce new security issues in XP. We have to also back-port net updates from vista/7. I know we did it
FranceBB Posted September 9, 2016 Posted September 9, 2016 Yep, we both backported .NET 4.5, as I remember your screen as well Anyway, we will manage to backport it eventually, somehow... :')
Dibya Posted September 10, 2016 Author Posted September 10, 2016 10 hours ago, FranceBB said: Yep, we both backported .NET 4.5, as I remember your screen as well Anyway, we will manage to backport it eventually, somehow... :') surely. Rloew (many thanks!) fixed bsod of my kernel . Posting tomorrow as a separate thread namely extendedXP
Dibya Posted September 16, 2016 Author Posted September 16, 2016 ExtendedXP v0.03 is coming Soon. It will be far more stable and compatible. Due to forwarding trick it will never break old app comp ability. Most likely in Sunday , if i succeed to debug it properly . 2
FranceBB Posted September 16, 2016 Posted September 16, 2016 (edited) Bad news for the newer .NET framework. Unfortunately, Microsoft policy is to focus on sharing projects programs which will be able to run in both Windows Desktop and Windows Phone mode via the .NET Framework and Metro. Apps/programs in computers will be able to use geofencing, push notifications and new API have been introduced as well. The new targeted OS will be Windows 8.1 and Windows 10, leaving behind XP, Vista and Windows 7 as well. While it's a great thing to have these functions for developers as we will be able not only to share part of codes between Desktop programs and Mobile programs (as we used to do in 2014 with C# and XAML), but we will definitely be able to release a Windows App which works in Windows Desktop (but not vice versa) or to compile two different executables (for desktop and mobile) using part of the codes in both platforms, with the necessary exclusions in order to avoid compiling errors occurring while using Mobile APIs in Windows programs. As I said, this is great from a developer point of view, but it definitely doesn't represent a bright future for XP, Vista and 7. It seems like Microsoft is starting to inevitably encourage/push people to move from 7 to a newer OS. :| (Why is it bad for XP? Well, because it adds more complexity in any kind of backporting and is "cutting off" XP users from the whole world of Apps, and these Apps are gonna play an important role in the future)... :| Edited September 16, 2016 by FranceBB
Dibya Posted September 16, 2016 Author Posted September 16, 2016 (edited) I am not at all joking. If i had gonna die for xp to make it lives forever then i am here. Newer dotnets are becoming more crapy . Windows 10 is hell carped os . Windows xp/vista/7/8/8.1 are far better than it. I will make it compatible any how . We already have great guys here in msfn/ryanvm and other forum. Community is the biggest power. IF we want we can keep xp alive forever. I am not supporting pirates but still on most torrent site xp is seeded more than 7 . It proves that xp don't want to face death so soon. Windows Xp /server2003 functions are most stable in the world of windows history reason they are so stable. Windows XP lives forever Windows Server2003 Forever One thing friends , any of you know which files make server 2003 support GPT drives? Edited September 16, 2016 by Dibya
Recommended Posts