Dubby

Member
  • Content count

    18
  • Joined

  • Last visited

Community Reputation

1 Neutral

About Dubby

Contact Methods

  • Website URL
    http://

Profile Information

  • OS
    Windows 7 x64
  • Country
  1. #include <Windows.h> #include <winternl.h> #include <stdio.h> typedef struct _CLIENT_ID { PVOID UniqueProcess; PVOID UniqueThread; } CLIENT_ID, *PCLIENT_ID; typedef LONG KPRIORITY; typedef struct _THREAD_BASIC_INFORMATION { NTSTATUS ExitStatus; PVOID TebBaseAddress; CLIENT_ID ClientId; KAFFINITY AffinityMask; KPRIORITY Priority; KPRIORITY BasePriority; } THREAD_BASIC_INFORMATION, *PTHREAD_BASIC_INFORMATION; typedef NTSTATUS (NTAPI *NtQueryInformationThread_proc)( IN HANDLE ThreadHandle, IN THREADINFOCLASS ThreadInformationClass, OUT PVOID ThreadInformation, IN ULONG ThreadInformationLength, OUT PULONG ReturnLength OPTIONAL ); DWORD __stdcall GetThreadID(HANDLE hThread) { static NtQueryInformationThread_proc NtQueryInformationThreadPtr = (NtQueryInformationThread_proc)GetProcAddress(GetModuleHandleW(L"ntdll"), "NtQueryInformationThread"); THREAD_BASIC_INFORMATION threadInfo; threadInfo.ClientId.UniqueThread = 0; NtQueryInformationThreadPtr(hThread, (THREADINFOCLASS)0, &threadInfo, sizeof(threadInfo), 0); return (DWORD)threadInfo.ClientId.UniqueThread; } int main() { printf("%d\n", GetCurrentThreadId()); //uncomment this line on vista or later //printf("%d\n", GetThreadId(GetCurrentThread())); printf("%d\n", GetThreadID(GetCurrentThread())); } @Dibya I assume, you know C... Something like that should work on XP as a GetThreadId replacement... I take no credit to the code.. I found the it as a snippet somewhere a while ago (forgot, sorry..) and modified it a bit...
  2. Hmmm... I was able to boots just fine even with vmware shared folder enabled using kernel rewrite v.4 ... I'm also have full acces into it... It's a vanilla system with usp 5.1 if I'm not mistaken.. Sent from my GT-I8190 using Tapatalk
  3. @NorthAzimuth this may helps: http://support.microsoft.com/kb/318447
  4. I found Bug in your SearchPathA function.. please examine carefully at "result variable" at line 28898, kernel32.cpp, the "result" is initialized with zero thus causes the last param for RtlUnicodeToMultiByteN to zero... maybe you intended to put something else there?
  5. l'm really sorry, currently I'm away from my development PC, where I store the logs. I have also confirmed that the file is indeed corrupt. I managed to extract only a single file. here the log I managed to extract.. the log produced while I'm attaching olly into explorer processes.. hope this helps..
  6. I have tried your kernel... and I was unable to debug anything using ollydbg... so I pick another way... I'm attaching the olly to explorer process. here is the LOG file produced by olly.. there are two LOGs files.. the name of the file should be obvious... I have no idea whether this is useful or not... btw you have done such an impressive work... hope this helps... log.zip
  7. it;s already covered here: the last post..
  8. go to askvg.com. he has a detailed guide on using resource hacker and replacing system files. so sorry I really need to sleep right now...
  9. it's on the MUI files inside your locale folder (what is the correct term?) like EN-US for English US, the folder is reside in the same directory where you found the DLL files. You can open the MUI files with resource hacker and see the dialog there..
  10. I'm sorry but I'm curious, about the merging two files or maybe more. so the main goal is merging the inf(s) and collecting all the listed files into single updates, right? so the structure is exactly the same of each update? is there any "qfe" or "gdr" branch like the XP ones? is it different from service pack? so why we're not write a program/software to automate it..? err sorry just my personal thought..
  11. Just load it into Paint included with Windows (desktop) and save it as BMP. BMP images need alpha channels for transparency when PNG doesn't therefore doing that will remove the transparency. Oh well. Hopefully SiB will support PNG later. just use "alpha image convertor" for converting PNG -> BMP and vice versa for keeping the alpha channel.. google it with the exact phrase including the quotes. It should be somewhere in the internet...
  12. hello... Actually I have take a look on it.. but unfortunately I have no win2k system ATM (its still being repaired..),, and I have only vc2010 express MASM32 package.. so I just tried to recompile them.. the first is csrsrv... I got it succeed.. but when I tried to recompile basesrv... it complain that I'm missing for some import from csrsrv, I have copied the produced LIB from csrsrv... but still did not succeed.... because the basesrv need functions from csrsrv as Stdcall... because of curiosity I open up the csrsrv .lib with Hex editor then tried to search the missing export.. And I don't know is it right or not but adding extern "C" before exported function solve my problem... --> the produced lib contain correct export lists... since I have not programming in C/C++ for a long time, I almost forgot the languages.. (I'm still trying to starting over) well I don't know its help or not... anyway you have done such a great job...
  13. Hello again.. it's Already done and posted.. just search for 32-bit icon patch for regedit... in XPize subforum..
  14. Hi guys., it's easy to update the wordpad toolbar,, you just need to replace the bitmap with 32-BIT ones..
  15. Sorry for late answer... It's already described here