Solved

WINOLDAP-VM ID Link at VxD Ring 0 level

Posted on 1998-03-28
Last Modified: 2013-12-03
At ring0 you can obtain through THREADHANDLE the information of the current process. But when the active application is a DOS box, no information is in the THREADHANDLE. A WinOldAp thread is started with each DOS box. I need to know how a THREADHANDLE of a VM ID is linked to its WINOLDAP process at ring0 level.
Question by:cessi0g

Expert Comment

by:rayofunreal
ID: 1412397
Which compiler are you using?

Author Comment

by:cessi0g
ID: 1412398
I'm using VToolsD with Microsoft Visual C++ v5.0.

Expert Comment

by:rayofunreal
ID: 1412399
I'll try to find it in my docs, if there is any exception with virtual DOS machines. I mean that there can be a problem with VMM. You know that without Bill, we have no fun ;-)

Accepted Solution

by:
tonp earned 100 total points
ID: 1412400
Your question isn't totally clear about what you want. As I understand it, you want to know how a threadhandle is linked to a winoldapp. However, there is no thread handle for a dos-program running in a dos box. There's only the winoldapp thread, the dos program isn't running as a win32 process.

What you need to do is the following:

1. First see if the current process is a dos program.

Use Get_Cur_VM_Handle and test the cb_vm_status:

    test    [ebx+cb_vm_status],vmstat_pm_app

If not a PM app, we have a dos program.

2. Use Get_Set_Real_DOS_PSP to get the dos PSP, which is the equivalent of your win32 thread handle.

Ton
