Jump to content
MSFN is made available via donations, subscriptions and advertising revenue. The use of ad-blocking software hurts the site. Please disable ad-blocking software or set an exception for MSFN. ×

[WIP] Windows Vista Extended Kernel


win32
 Share

Recommended Posts

On 11/7/2021 at 11:14 PM, VistaLover said:

sorry for the very late reply

it does open without any errors but the most recent version requires netframework 4.8 so you're stuck on 13.0.1 or whatever the last was supporting nfw 4.6.2

Link to comment
Share on other sites


Just to let anyone know who is using a driver updater such as Driver Booster while osver.ini is in the Windows folder. When that file is present in the Windows folder, the driver updater will try to update your Vista drivers to the Windows 7 version. With this, it is better to update after getting Internet driver but before installing Extended Kernel and osver.ini. While you can continue on with the installation, most of the drivers will error out in Device Manager, forcing you to roll back. If your driver updater prompts you to update the drivers to the 7 version, just ignore that and all future updates to that device as it currently will not work.

It is thanks to Driver Booster thinking the 7 drivers would work that I ended up with a partially broken Intel Control Panel. Please do note that this white and blue control panel only appears if installing Intel HD 4000 Graphics on Windows 7 and later. Windows Vista and earlier get the black, transparent control panel (called Extreme Graphics) unless you have osver.ini and your driver updater installs the 7 driver.

Windows7Intel.JPG

Link to comment
Share on other sites

I can't get the os spoofer working. I use extended kernel with local redirection and .exe.local files. I can't get waterfox working, it's still tell that it's not a valid Win32 application. What would I need to do in order to use the Extended Kernel with Os Spoofer with the local redirection as I did with the normal extended Kernel?

Link to comment
Share on other sites

On 12/1/2021 at 10:26 PM, Sergiaws said:

I can't get the os spoofer working. I use extended kernel with local redirection and .exe.local files. I can't get waterfox working, it's still tell that it's not a valid Win32 application. What would I need to do in order to use the Extended Kernel with Os Spoofer with the local redirection as I did with the normal extended Kernel?

Try using CFF Explorer, load that exe file, go to Nt Headers\Optional Header, then change the MajorOperatingSystemVersion, MajorImageVersion, and MajorSubsystemVersion values to 0006, and change the MinorOperatingSystemVersion, MinorImageVersion, and MinorSubsystemVersion values to 0000

Edited by Brickedandroid
Link to comment
Share on other sites

can't use that program because it don't work with screen reading software. Maybe I'll install an English version of msdn's Vista SP0, update it and try to install there the extended kernel. However, I decided to answer here because @Win32 promised that the Os Spoofer would work with that kind of ExtendedKernel's installations, or that's what I understood.

Link to comment
Share on other sites

1 hour ago, Sergiaws said:

can't use that program because it don't work with screen reading software. Maybe I'll install an English version of msdn's Vista SP0, update it and try to install there the extended kernel. However, I decided to answer here because @Win32 promised that the Os Spoofer would work with that kind of ExtendedKernel's installations, or that's what I understood.

I don't think @win32 ever promised that

The main problem with using extended kernel with local redirection is that you can't redirect exe files. This makes it impossible to load extended kernel ntoskrnl.exe and winload.exe.

AFAIK the last version of Firefox you could run with local redirection was 64 (as showed in the @WinClient5270's video on the previous page).

Link to comment
Share on other sites

On 6/15/2020 at 4:13 PM, win32 said:
SetThreadErrorMode: 48 FF 25 D9 DC 05 00 CC
K32GetModuleFileNameExA: 48 FF 25 49 2D 04 00 CC

Hello Win32 ,I started yesterday to test the kernel extension based on your topic. Thank you for all these explanations. I want to ask you, where do you get these Hexa functions? I want to add some functions to kernel32 .dll for windows 2000. as an experience. Can I move the functions in the kernel32.dll export table for Windows XP or Vista 32bit? To the export table in the new kernel32.dll section for Windows 2000.?

  • Like 1
Link to comment
Share on other sites

4 hours ago, windows2 said:

Hello Win32 ,I started yesterday to test the kernel extension based on your topic. Thank you for all these explanations. I want to ask you, where do you get these Hexa functions? I want to add some functions to kernel32 .dll for windows 2000. as an experience. Can I move the functions in the kernel32.dll export table for Windows XP or Vista 32bit? To the export table in the new kernel32.dll section for Windows 2000.?

Those are stubs that I deprecated a long time ago. I now grab my code from newer versions of Windows using IDA pro or write my own (you can do it in C, then disassemble if you don't know asm well).

SetThreadErrorMode calls RtlSetThreadErrorMode in ntdll. Perhaps you can call RtlSetThreadErrorMode locally by putting it in kernel32.

K32GetModuleFileNameExA is the same as GetModuleFileNameExA in psapi.dll. In fact every function that starts with "K32" was originally in there. But I don't believe kernel32 can call psapi because psapi relies on kernel32.

  • Like 1
Link to comment
Share on other sites

1 hour ago, win32 said:

Ce sont des bouts que j'ai déconseillés il y a longtemps. Je récupère maintenant mon code à partir de versions plus récentes de Windows à l'aide d'IDA pro ou j'écris le mien (vous pouvez le faire en C, puis le désassembler si vous ne le connaissez pas bien).

 

This means I have to rewrite kernel32 .dll using IDA to browse to a newer code, for example XP  kernel32.dll code, and then rewrite it with C. Example open kernel32 .dll for Windows XP and rewrite it to C, but this is very difficult. Will functions in this way preserve their addresses, which other .dll files use for the request? . Do you mean like this, or do you mean to transfer a specific function code from IDA and then arrange it in C. Then turn it into an ASM code. Then to hexa and then add it to the new section in the export table. Do you mean like this?

Please simplify the talk for me. Because I hardly understand English, sorry :(

Link to comment
Share on other sites

3 minutes ago, windows2 said:

This means I have to rewrite kernel32 .dll using IDA to browse to a newer code, for example XP  kernel32.dll code, and then rewrite it with C. Example open kernel32 .dll for Windows XP and rewrite it to C, but this is very difficult. Will functions in this way preserve their addresses, which other .dll files use for the request? . Do you mean like this, or do you mean to transfer a specific function code from IDA and then arrange it in C. Then turn it into an ASM code. Then to hexa and then add it to the new section in the export table. Do you mean like this?

Please simplify the talk for me. Because I hardly understand English, sorry :(

Completely rewriting kernel32 will prove very difficult. And IDA's pseudocode is not always compilable without other changes, and may be incorrect.

But if you don't write anything in C, you can go into IDA, outline the entire function and go to "Edit -> export data". Then copy and paste that hex code into the target file, and find the starting address for the beginning of the hex code and then add an entry in the export table that references the starting address.

After pasting in the new function, you will have to fix up the imports, function calls and data references to ensure that will work somewhat.

  • Like 1
Link to comment
Share on other sites

Create an account or sign in to comment

You need to be a member in order to leave a comment

Create an account

Sign up for a new account in our community. It's easy!

Register a new account

Sign in

Already have an account? Sign in here.

Sign In Now
 Share

  • Recently Browsing   0 members

    • No registered users viewing this page.

×
×
  • Create New...