Jump to content

Remodeling Windows XP Kernel32


Dibya

Recommended Posts

Actually there is really a need of a compability Layer for Windows XP.

I have managed AcrobetReaderDC work thanks a lot jaclaz and BlawingCat for helping me out.

It is very much tough to add api calls by tracing with debugger and adding with HexEDitor.

Thread is all about dedicated to reversenginearing and Making Xp more compatible also breaking its limit.

I hope everyone will share there knowledge and also give some feed backs.

Edited by Tripredacus
title
Link to comment
Share on other sites


Change the name of the topic in "Windows XP - KernelEx v1 pre-alpha" 'cause I made it!!

[Windows XP - KernelEx v1 pre-alpha]

Ladies and gentlement, we got a good news and a bad news.

The good news is that I have been able to integrate several functions from the Windows Server 2012 kernel into the XP one.

The bad news instead is that it fails during the boot after the Windows logo, trying to load it in my Virtual Machine.

tJ5UFrt.png

So... I would like you all to test it, but please, DO NOT run it in your daily OS, but in a test environment that you are ready to screw up.

You can find my dll at the very end of this post. Rename it.

Besides, I would like to talk with blackwingcat to know how he did the KernelEx for the former Windows, 'cause it seems that my simple way of importing functions simply doesn't work.

So... feel free to test it and let me know whether is just about my Virtual Machine (running using Linux) or other serious matters.

Thank you all in advance.

p.s if you open it with DependencyWalker, you will find out which functions I have imported and an error message will pop up as well, saying: "Error: At least one module has an unresolved import due to a missing export function in an implicitly dependent module."

I'm also writing down a list of all the functions that are missing in the normal XP kernel.

Kernel: https://drive.google.com/file/d/0BzH7YVbfkU3oWl84c2lVb0FYX3M/view?usp=sharing

Edited by FranceBB
Link to comment
Share on other sites

With all due respect to everyone involved :), I can't stand this.:realmad:

I do realize how I am old, grumpy and essentially a bastard at heart :w00t::ph34r:, so feel free to completely ignore the contents of the spoiler, it is probably just me on a bad day, but I have to write it.

Spoiler

1) Dibya, you really could do with a spell checker, I know you are not native English speaking, but writing with at least correct spelling (some proper grammar would also help, but let's start with basic spelling) would show that you are putting some attention to what you write and show some respect to other members/readers.

2) the ONLY name for the *whatever* that will (hopefully)  come out of this that SHOULD NOT be used is KernelEx, we already have the KernelEx that adds a compatibility layer to Win 9x/Me for 2k/XP compatibility by Xeno86 and others, and the KernelEx for Windows 2000 by Blackwingcat, do we really need a third project with the same name to create even more confusion?

3) FranceBB, what would be the point of testing your kernel.dll? Reproducing a blue screen of death? if it doesn't work for you, chances that it will work for anyone else are near to 0 (zero). The general idea of testing - even if in Alpha or pre-Alpha stage is that the *whatever* works as intended AT LEAST on the developer's machine. Right now all you created is seemingly nothing but a (nice) BSOD generator.

jaclaz
 

Link to comment
Share on other sites

True, but I didn't know whether it was related to my virtual machine or not (probably not). Point is that I tried adding them in a few different ways, but I failed, that's why I wanted to ask someone more prepared to check it and find out what's going on. I mean, I don't want to reproduce a blue screen, with people standing at the screen and saying "oh, well, it doesn't work". I truly hope that someone will try it and figure out what's going on and why isn't working. 

That said, I can't figure out what's wrong with that. More than a beta testing, I would like some developer like Blackwingcat (or someone really experienced like yourself) to take it and try to find out the issue.

P.s you were the one who suggested several stuff, without you I wouldn't even have tried this and I'm totally grateful to you, believe me, I really am. And I will follow any other suggestions you (and the others) will give me.

Edited by FranceBB
Link to comment
Share on other sites

Well, you could first try that thingy "as is" in other virtual machines, Qemu (the version included with Qemu Manager has worked excellently for XP), you can get it through the Wayback Machine and it is one of the most similar to real machine VM's:

http://web.archive.org/web/20120607071209/http://www.davereyn.co.uk/download.htm

http://web.archive.org/web/20120506095037/http://www.davereyn.co.uk/qem/setupqemuk70.exe

AND VirtualBox:

https://www.virtualbox.org/wiki/Downloads

And thank you for the "really experienced" :), but these modifications/changes are well outside (actually over my head) my field of experience and knowledge, at the most I can suggest you are some generic troubleshooting paths.


Maybe you attempted to do too many things all together, I mean how many functions did you add? 2, 13 or 47? Try with just a handful of them (or even better only one) and see if the thingy BSODs as well, if it does it should mean that is the method/way you attempted to do the edits that is flawed, if it doesn't try adding a few more and see what happens.... I doubt that anyone will want to assist you until you have something at least minimally working.

I know that it sounds rude, but consider it from the outside, in perspective.

The limitations (actually few) of the XP kernel are not a "new" issue, why someone (the few people with enough knowledge and with the "right kind" of knowledge) would not have already started such a modification project? And if they didn't, what make you think that they are going to take your not (yet) working *whatever* and fix it?

Imagine that you have a lawn mower that doesn't want to start, one thing is if you, after cleaning the carburetor, changing the spark plug, etc., manage to have it start but it doesn't run "round", you go to your neighbour (who is an experienced car repairer) and ask him if he can help you tune the engine idling speed, and another is if you disassemble the mower, badly reassemble it, put all excess pieces you weren't able to assemble in a box then bring the half assembled mower and the box to your neighbour saying, "it doesn't start, find out what's wrong with it".

jaclaz
 

Edited by jaclaz
Link to comment
Share on other sites

@FranceBB

Hi there are TOO many dependency left to be fixed.

you have linked your dll with Kerenal32 where that dll need to be linked with server2012 kerenal32..

Boom there are few weired problem in your dll.

Check it by Breaking it with PeExplorer or any disassembler you like and fix those problem with Ida Pro or Any Hexediting tool you like.

Edited by dencorso
Merged posts because of unwarranted bumping...
Link to comment
Share on other sites

@FranceBB: You want to learn something? Get yourself the latest version of WildBill's 2k kernel32.dll rewrite (it's functional but not fully debugged yet) and study it dilligently. And while at it, do also muse over why has it taken so long for WildBill (who is in the real big league) to write it (and why he decided to rewrite instead of just adding functonality to the existing MS one) and to debug it to the poit it reached (which is early beta)...

Link to comment
Share on other sites

I was thinking you might have more luck using Windows Server 2008 R2, based on Windows 7.

Windows Server 2012 is based on Windows 8.x and may be too new with multiple incompatibilities, other than those you have posted here.

Link to comment
Share on other sites

The use of Kerenal instead of Kernel seems to have a large relation to posters from India, and I suspect that it is a romanization or translation artifact. In either case, @Dibya should make an effort to spell the word correctly, especially when talking about a known file name such as Kernel32. This should be done not only because it is annoying to our users (see above) but also so that if people were to search for Kernel/32 in Google, they will be able to find these threads and might join in the conversation.

Link to comment
Share on other sites

8 hours ago, Tripredacus said:

The use of Kerenal instead of Kernel seems to have a large relation to posters from India, and I suspect that it is a romanization or translation artifact.

Possibly also the vagaries of English spelling when the word spelled colonel is a homophone of kernel.

Link to comment
Share on other sites

True, but making an effort to spell correctly shows respect to users and interest in what one's doing and talking about.
I can see you do it, and I do it, too... and neither of us is a native speaker of English, AFAICS...


 

Link to comment
Share on other sites

@PROBLEMCHYLD

Best way is to trace aoi with any debugger you like(I prefer one included with Visual Studio 2005) and add those api in the other dll by using any hexeditor .

For Example GetthreadId api ordinal hex value is CC FF and it can be added in kernel32.dll in offset 0x0177C.

Link to comment
Share on other sites

Create an account or sign in to comment

You need to be a member in order to leave a comment

Create an account

Sign up for a new account in our community. It's easy!

Register a new account

Sign in

Already have an account? Sign in here.

Sign In Now
  • Recently Browsing   0 members

    • No registered users viewing this page.
×
×
  • Create New...