FantasyAcquiesce Posted December 18, 2016 Share Posted December 18, 2016 (edited) I'm hoping to contribute expanding KernelEx one day (But I honestly have no idea how to code). I downloaded the Hex editor and Dependency Walker linked on Jumper's kernelex project page. So far I'm figuring out how to use this thing, could I remove parts of the code that prevent the program from installing on Windows 9x? Doing a little experiment with NanoBrowser and Sleipnir 3, so far these two are the only web browsers I've found without any missing dependencies that give errors in the program. I'm extremely new to this hex editor stuff and have no idea what grey means. Both refuse to open because of my windows version. I also downloaded Microsoft's SDK for Win 9x as well (Never really used C++ before...) Edited December 19, 2016 by ~♥Aiko♥Chan♥~ Link to comment Share on other sites More sharing options...
schwups Posted December 21, 2016 Share Posted December 21, 2016 A detailed description comes with the Dependency Walker (DEPENDS.CHM). The symbols are explained in "Understanding the Module Session". Be aware, that the Dependency Walker doesn't show any API functions supported by KernelEX. The subject is very complex. I hope I'll have more time to learn in the future. 1 Link to comment Share on other sites More sharing options...
Dibya Posted December 22, 2016 Share Posted December 22, 2016 You can directly put api in kernel like blackwingcat Use following methods *Expand Export table and add new section with pemaker. *Trace out code ida pro or win32dasm *Put code somewhere in your newly added section *Point the Real entry (RVA) with pemaker with the function name *Adjust relocation with pemaker I personally use MODEXP by Rloew for most work also pemaker greatly helps. You can use cff explorer for getting rva from file offset Dependency of setup will not do anything try extracting setup then check extracted main exe dll files with dependency walker . I have no idea how kernelex for 9x work . Any one can explain me? 1 Link to comment Share on other sites More sharing options...
FantasyAcquiesce Posted December 26, 2016 Author Share Posted December 26, 2016 (edited) On 12/22/2016 at 7:35 AM, Dibya said: You can directly put api in kernel like blackwingcat Use following methods *Expand Export table and add new section with pemaker. *Trace out code ida pro or win32dasm *Put code somewhere in your newly added section *Point the Real entry (RVA) with pemaker with the function name *Adjust relocation with pemaker I personally use MODEXP by Rloew for most work also pemaker greatly helps. You can use cff explorer for getting rva from file offset Dependency of setup will not do anything try extracting setup then check extracted main exe dll files with dependency walker . I have no idea how kernelex for 9x work . Any one can explain me? Now I just need to figure out where the dll's are located in Windows 98...I have no idea how to really code so I'm going to go through a bit of trial and error with making stubs. This is gonna be a lot of fun >.< (If I can even get started and figure out where the important things are) What's MODEXP? Could you share it with me? Edited December 26, 2016 by ~♥Aiko♥Chan♥~ Link to comment Share on other sites More sharing options...
Dibya Posted December 26, 2016 Share Posted December 26, 2016 13 minutes ago, ~♥Aiko♥Chan♥~ said: Now I just need to figure out where the dll's are located in Windows 98...I have no idea how to really code so I'm going to go through a bit of trial and error with making stubs. This is gonna be a lot of fun >.< (If I can even get started and figure out where the important things are) What's MODEXP? Could you share it with me? You can ask Rloew it costs $11 . You can do same with pemaker Link to comment Share on other sites More sharing options...
Recommended Posts
Create an account or sign in to comment
You need to be a member in order to leave a comment
Create an account
Sign up for a new account in our community. It's easy!
Register a new accountSign in
Already have an account? Sign in here.
Sign In Now