KernelXE - My Unofficial Windows 2000 Kernel

[Ximonite]

Summary:

For a long time, there have been 2 choices for extended kernels and both of them have their exclusives that aren't present in the other extended kernel. WildBill's extended kernel has many exclusive ntdll functions, SxS support, and a few exclusive functions in other files. BlackWingCat's extended kernel has many exclusive kernel32 functions (and some in other files). The big issue is that ntdll and kernel32 cannot be mixed, forcing people to choose between a better kernel32 or a better ntdll. The main goal of KernelXE is to eliminate this issue.

⚠️ This is beta software. Don't expect it to be stable. ⚠️

KernelXE Lite:

KernelXE Lite is a smaller and reduced version of KernelXE that only contains files that are stable and compatible with BlackWingCat's extended kernel.

KernelXE Lite is not compatible with full KernelXE and is meant to be installed on top of BlackWingCat's extended kernel.

rv1 changes:
Added custom BlackWingCat ntdll.dll with RtlIpv6StringToAddressExW and RtlSetLastWin32Error.

⚠️ Make sure to install the WildBill Update Collection BEFORE KernelXE. It is required and your system will be unbootable if you install KernelXE first. ⚠️

Downloads:

KernelXE v0.2.4.2

KernelXE v0.2.5-rv1 Lite

WildBill Update Collection

The future of KernelXE and what I have been doing:

As kernel32 grew, problems started to occur, like blank spaces in code, bugged code, and not enough space to add certain things.
I decided to re-extend kernel32. This means redoing the entirety of .patch, which is where all non-Microsoft code is stored.
Specifically in kernel32, I haven't had enough space in .data to add the data needed for some LCID related functions that are extremely commonly used in programs.
I have already re-extended gdi32, and I may re-extend some other file if I need to.
There won't be a new release of KernelXE for a long time, but when it finally comes, KernelXE may actually be a suitable alternative to BlackWingCat's extended kernel.

Changelog:

Public Beta 1:
Initial Public Release

Public Beta 2:
Exported real CreateActCtxW as CreateActCtxB to prevent explorer.exe crashing.
Added CreateActCtxW stub to take care of programs that call it while fixing the real function.
Moved QueryUnbiasedInterruptTime, SetThreadStackGuarantee, K32EmptyWorkingSet, and GetNativeSystemInfo to .text
Added idndl.dll, normaliz.dll, and the nls files normaliz.dll uses to the update package.

v0.2.3:
First version of KernelXE with new versioning system
Full changelog inside update installer.

v0.2.3.1:
Added updated DirectSound library
Added updated hotplug.dll and stobject.dll
Added Windows Server 2003 msvcrt.dll
Added BlackWingCat's Reiwa compatible locale.nls

v0.2.4:
Added PAE
Added this HAL Timer fix
Added Windows Vista msvcrt.dll
Added KeAcquireInStackQueuedSpinLockRaiseToSynch and HalConvertIdtToIrql to all HALs
Added KernelXE branded bootscreens
Added some ntoskrnl functions (list in full changelog)

v0.2.4-rv1:
Added exFAT stuff (update.inf was weird)

v0.2.4.1:
Removed exFAT stuff
Fixed and cleaned up update.inf
Replaced Vista msvcrt with Server 2003 msvcrt (Vista msvcrt causes a BSOD related to winsrv)
Added Kernel Mode Driver Framework
Added WinUSB

v0.2.4.2:
Added some user32 stubs requested by piotrhn
Added a missing piece of code in CreateActCtxB
Updated msvcrt to 7.0.6002.22755 (Vista)
Changed version block to check if the NT major version is 5 and removed NT minor version checking.
Fixed loading bar not appearing in bootscreen
Lots of new files

Programs:

Relocation Section Editor - Only one that handles huge relocation tables like the one in ntoskrnl.
Executable | Source Code

 

Edited February 23, 2021 by Ximonite

[Mov AX, 0xDEAD]

Hi Ximonite,

any source code available ? or all functions was ripped as disassembly ?

[Ximonite]

30 minutes ago, Mov AX, 0xDEAD said:

Hi Ximonite,

any source code available ? or all functions was ripped as disassembly ?

Almost all of the code was taken from other files, and the code that wasn't was written in IDA.
Yes, I actually wrote code in IDA.

[windows2]

Sir, did you find a solution to match umdf 1.0 with windows 2000?

[Ximonite]

58 minutes ago, windows2 said:

Sir, did you find a solution to match umdf 1.0 with windows 2000?

I have not tested UMDF 1.0 on Windows 2000, but it is something I plan to test at some point.

The next thing planned after KernelXE R2 is a feature pack update for Windows 2000. UMDF 1.0 is one of these components I plan to add to this feature pack update. For Windows 2000 updates, my main priority right now is KernelXE R2 and that will be my main priority until sometime (hopefully) early next year.

[windows2]

Just now, Ximonite said:

I have not tested UMDF 1.0 on Windows 2000, but it is something I plan to test at some point.

The next thing planned after KernelXE R2 is a feature pack update for Windows 2000. UMDF 1.0 is one of these components I plan to add to this feature pack update. For Windows 2000 updates, my main priority right now is KernelXE R2 and that will be my main priority until sometime (hopefully) early next year.

Please tell me when you are solving this problem. Thank you 

[piotrhn]

10 minutes ago, Ximonite said:

I have not tested UMDF 1.0 on Windows 2000, but it is something I plan to test at some point.

The next thing planned after KernelXE R2 is a feature pack update for Windows 2000. UMDF 1.0 is one of these components I plan to add to this feature pack update. For Windows 2000 updates, my main priority right now is KernelXE R2 and that will be my main priority until sometime (hopefully) early next year.

Hi,

Please make KERNEL UPDATE for Windows NT 4.0, junior600 started but his project is dead... ;/ https://msfn.org/board/topic/176748-windows-nt-40-api-wrapper/

Edited November 9, 2020 by piotrhn

[Ximonite]

2 minutes ago, piotrhn said:

Hi,

Please make KERNEL UPDATE for Windows NT 4.0, junior600 started but his project is dead... ;/ https://msfn.org/board/topic/176748-windows-nt-40-api-wrapper/

This is something I have thought of doing in the future. I may spend a bit of time on it now and see what I can do.

[piotrhn]

16 hours ago, Ximonite said:

This is something I have thought of doing in the future. I may spend a bit of time on it now and see what I can do.

i have programmed some functions for NT4.0 in old KEX by xeno86 engine: look & see attached asm file. You can copy these and manually put to kernel DLL, ofcourse you must add new import to NTDLL ;/, new functions in my asm:

GetConsoleWindow
GetFileSizeEx
GetProcessHandleCount
GetProcessId
GetProcessIoCounters
OpenThread
ProcessIdToSessionId
SetFilePointerEx
Heap32ListFirst
Heap32ListNext
Heap32First
Heap32Next
Toolhelp32ReadProcessMemory
Process32FirstW
Process32First
Process32NextW
Process32Next
Thread32First
Thread32Next
Module32FirstW
Module32First
Module32NextW
Module32Next

 

*My asm file is based on KERNEL version 4.0.1381.7227

kernel_nt4.asm

Edited November 10, 2020 by piotrhn

[Sergiaws]

Guys. What is exactly this? As far as I know. There's an extended kernel for Win2K created by Blackwingcat.

[Ximonite]

16 hours ago, Sergiaws said:

Guys. What is exactly this? As far as I know. There's an extended kernel for Win2K created by Blackwingcat.

It's my own Windows 2000 extended kernel. Since there are already 2 different extended kernels for Windows 2000 (not including mine) which have their own exclusive functions not found in the other, I made my own that includes everything from both existing extended kernels and a few extras.

The main goal of KernelXE is to remove the problem of losing any exclusive functions of one extended kernel by choosing the other one.

What I'm working on right now is the second release of KernelXE. The original KernelXE thread has information on what it is and this one will too once KernelXE R2 is released.

Edited November 16, 2020 by Ximonite

[Ximonite]

Status Update:

The first public beta of KernelXE R2 is out.

I have been experiencing a very weird issue on my bare metal test system.

Once KernelXE R2 is installed, explorer refuses to launch, but almost every program works completely fine. I also experience the same issue with Dependency Walker "generating errors" that win32 found in the original KernelXE with BWC files present, but there aren't BWC files present in my test machine. I have no idea what causes this kind of stuff to happen and I don't know if anyone else here on MSFN does either. Also, the .idata section that displays in IDA but isn't actually a section appears in the initial Public Beta 1, but not rv2.

[windows2]

The launch explorer may need a source update.

[windows2]

@Ximonite @win32 I have now tried Windows2000-KernelXE-x86-ENU.exe with newly installed Windows 2000 without any update BWC and the BsoD appeared. Even when I install a program Windows2000-KB2508429-v10-x86-ENU.exe and Windows2000-KB2479629-v3-x86-ENU.exe the same error occurs 

but sorry I noticed having a windows 2000 extended kernel option v30e (BWC) integrated with a Windows CD installed. Maybe that is why the blue screen appeared

Edited November 16, 2020 by windows2

[win32]

1 hour ago, windows2 said:

I have now tried Windows2000-KernelXE-x86-ENU.exe with newly installed Windows 2000 without any update BWC and the BsoD appeared.

You should install WildBill's updates before installing kernelxe as it's based on those files.

http://www.mediafire.com/download/vdbwx67dx34jezj/Windows2000-KB2479629-v3-x86-ENU.exe

http://www.mediafire.com/download/1agd8icjjbu5s4n/Windows2000-KB2508429-v17-x86-ENU.exe

I'm so excited just to have full raw input support. Just waiting for school stuff to quiet down and I will have an SSE-only test box.

Edited November 16, 2020 by win32
A rookie mistake.