Jump to content

[Cancelled by the Author] Extended Kernel for XP (ExtendedXP)


Dibya

Recommended Posts


None at run-time for XP. ImportPatcher or others manually pre-run.

Vista's explicit-load-of-DLL's-that-use-implicit-TLS problem might be solvable by simply adding the delayed dependency to the import table. I'm working on adding support for this, plus automation and more to ImportPatcher.

Link to comment
Share on other sites

Here it is http://www.mediafire.com/file/96cw6qen6dn6yr5/EXTENDEDKERNEL_SRC+CODE.7z

It is a modified kernel ex for 9x . It does works but breaks kernel32,ntoskrnl while patching.

Probably some changes may be required to make it XP friendly. If anyone play around with this one please use VM as their are chances of destroying your os.

If possible if somehow kernel ex section created before .rsc that improves stability. Petool by wildbill able to create section before .rsc

Edited by Dibya
Link to comment
Share on other sites

https://www.codeproject.com/Articles/14360/Injective-Code-inside-Import-Table

Import table runtime redirector is used previously by me for game hacks.

Here is a outstanding patch less API redirection engine but .ini support is needed so that easily it can be configured for redirecting desired API into my own wrapper.

Edited by Dibya
Link to comment
Share on other sites

Sorry, I am not familiar with old versions of KernelEx or XP internals. I recommend using KernelEx v4.5.1 instead.

The code injection article is only for modifying the behavior of existing functions, not for adding missing ones.

If we add a large implicit TLS data section to Kernel32.dll, that should solve the thorny reallocation problem. Then LoadLibrary just needs to properly initialize the TLS selector index.

Edited by jumper
Link to comment
Share on other sites

Jumper if I adjust kernel ex 4.5.1 will it work on XP. Please explain me more about kex4.5.1

Edit: jumper if you can clean up the code of kex4.5.1 and add ini support like below. I will be greatly helped.

Ini may be like this

; API redirection list 

Kernel32.Getthreadid =exkernel.Getthreadid

; Application exception

Avast.exe 

I wish to write my wrapper in assembly as that gives me maximum flexibility.

Edited by Dibya
Link to comment
Share on other sites

KernelEx 4.5.1 is 4.5.2 without the VXD. Application exceptions are supported. Just patch Kernel32.dll like you already have experience doing. Identifying the undocumented entry points will be the challenge. Kexstubs.dll should work with it. Kexstubs.ini provides all the API addition and redirection you want.

Link to comment
Share on other sites

  • 1 month later...

Is there a list of what common programs will function under this modified kernel anywhere? ^^

I could try to compile a list of things if needed if I decide to boot up a VM - there's no way I'm doing testing on my real install. Feel free to give me things to test ^^

Link to comment
Share on other sites

Guest
This topic is now closed to further replies.
  • Recently Browsing   0 members

    • No registered users viewing this page.
×
×
  • Create New...