• Status: Solved
  • Priority: Medium
  • Security: Public

Kernel32.dll Question

Does anyone out there know where I can find documentation of kernel32.dll, user....etc?  I found LISTS of function calls, but no parameters for them, and no description.  If anyone could please point me in the right direction, it would be appreciated!  Thanks!

~Aaron
0
BudVVeezer
1 Solution
 
kinkajouCommented:
Just a guess without verification but you may want to do a global find for some of those function calls on your machine, and I bet you will find at least their function names and parameters in files like Winuser.h (which is in my DevStudio\VC\include). Also, a neat tool included with MSVC++ is dumpbin.exe that you can use via command line to find out the IMPORTS or EXPORTS of any DLL/EXE. This would allow you to find out what functions the Kernel32.dll used, for instance.
0
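The export listing that dumpbin prints is read from the DLL's PE export directory. As an added example (not code from this thread), here is a minimal Python reader for that table, run against a constructed in-memory image rather than the real kernel32.dll; `list_exports` and `sample_pe` are names chosen for the example.

```python
import struct

def list_exports(data):
    """Return (dll_name, [(ordinal, name_or_None, rva, forwarder_or_None)])."""
    u16 = lambda o: struct.unpack_from("<H", data, o)[0]
    u32 = lambda o: struct.unpack_from("<I", data, o)[0]
    pe = u32(0x3C)                                   # e_lfanew -> "PE\0\0"
    if data[:2] != b"MZ" or data[pe:pe + 4] != b"PE\0\0":
        raise ValueError("not a PE image")
    opt = pe + 24                                    # optional header
    dirs = opt + (112 if u16(opt) == 0x20B else 96)  # PE32+ vs PE32
    exp_rva, exp_size = u32(dirs), u32(dirs + 4)     # data directory 0 = exports
    if not exp_rva:
        return None, []
    sec0 = opt + u16(pe + 20)                        # section table follows it
    secs = [struct.unpack_from("<4I", data, sec0 + 40 * i + 8)
            for i in range(u16(pe + 6))]             # (vsize, vaddr, rawsize, rawptr)
    def off(rva):                                    # RVA -> file offset
        for vsize, vaddr, rsize, rptr in secs:
            if vaddr <= rva < vaddr + max(vsize, rsize):
                return rva - vaddr + rptr
        raise ValueError("RVA 0x%x outside all sections" % rva)
    def cstr(rva):                                   # NUL-terminated ASCII at an RVA
        o = off(rva)
        return data[o:data.index(b"\0", o)].decode("ascii", "replace")
    name, base, nfuncs, nnames, funcs, names, ords = struct.unpack_from(
        "<7I", data, off(exp_rva) + 12)
    by_index = {u16(off(ords) + 2 * i): cstr(u32(off(names) + 4 * i))
                for i in range(nnames)}              # function index -> export name
    out = []
    for i in range(nfuncs):
        rva = u32(off(funcs) + 4 * i)
        if rva:                                      # 0 marks an unused ordinal slot
            # An RVA inside the export directory is a forwarder string, not code.
            fwd = cstr(rva) if exp_rva <= rva < exp_rva + exp_size else None
            out.append((base + i, by_index.get(i), rva, fwd))
    return cstr(name), out

def sample_pe():
    """Constructed one-section PE32 image holding only an export directory."""
    img = bytearray(0x400)
    struct.pack_into("<2s58xI4sHH12xHHH", img, 0, b"MZ", 0x40, b"PE\0\0",
                     0x14C, 1, 0xE0, 0x2102, 0x10B)  # DOS stub, COFF header, PE32 magic
    struct.pack_into("<II", img, 0x58 + 96, 0x1000, 0x6E)  # export data directory
    struct.pack_into("<8s4I", img, 0x138, b".edata", 0x200, 0x1000, 0x200, 0x200)
    struct.pack_into("<12x7I4I2I2H", img, 0x200, 0x1044, 5, 4, 2, 0x1028, 0x1038,
                     0x1040, 0x2000, 0x2010, 0, 0x1061, 0x104F, 0x1059, 0, 3)
    img[0x244:0x26E] = b"SAMPLE.dll\0AlphaFunc\0BetaFwd\0OTHER.Target\0"
    return bytes(img)

print(list_exports(sample_pe()))
```

To inspect a real DLL, pass the file's bytes to `list_exports`; entries with no name are exported by ordinal only, and the table gives names and addresses but not parameters.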
 
nietodCommented:
Are you just looking for documentation for windows functions?

For that you want the windows SDK, MSDN,  or any development product that is distributed with the windows docs, like VC++, or BC.

Are you looking for information on the Windows internals?  For that see the Andrew Schulman "inside windows..." books.
0
 
nietodCommented:
What is it that you are hoping to learn/do?
0
 
xyuCommented:
BudVVeezer is a new pretender in the GetAdmin/SecHole family of hackers :)
0
 
BudVVeezerAuthor Commented:
LoL, thanks xyu, yeah, you ALMOST have it right.  I just like to KNOW things.  Doesn't matter what it is.  All I'm hoping to do is learn how to do new things, ya know?  Like registering things to/from the task list, how to disable Ctrl-Alt-Del.  Stuff like that.  But it's NOT for hacking purposes.  If ya know of any FREE material, it would be appreciated, for I am a POOR college student!  Thanks!

~Aaron
0
 
alexoCommented:
Actually the so-called "hacking" sites are full of free resources (the old-fashioned hacker did it for the sake of knowledge).  Best place to start looking is the alt.hack* and alt.2600 hierarchies on usenet (warning: 99% of what you'll see is crap).

The "legit" sites include www.sysinternals.com and the various magazines (www.microsoft.com/msj, www.ddj.com, www.cuj.com)
0
 
xyuCommented:
Good luck !!!!
0
 
Answers2000Commented:
Buy Microsoft Visual C++, Borland (now called Inprise C++) or another programming tool.  These contain the documentation you need.

Also buy a good book on Windows programming.  Petzold's books give a concise introduction to Windows programming in C; I recommend Jeff Prosise for MFC (a Microsoft library for making it easier to write Windows programs) & C++.  Neither of these books will teach you the C/C++ programming language, so buy an introductory book on that too if you don't already know that.

Incidentally the functions in these modules (Kernel, user etc) are the famous Windows API (Application Programmer Interface) so if you hear about that it's the same thing!

Finally if you are completely new to programming I'd suggest you start with Microsoft Visual Basic which is easier to get started with.
0
 
BudVVeezerAuthor Commented:
I'm not that new to programming.  And I'm not talking about typical API calls either.  I'm asking for the not-so-run-of-the-mill function calls.  UNdocumented schtuff.  I have Microsoft Visual C++ V5, but it's not enough to sate my curiosity!

~Aaron
0
 
Answers2000Commented:
Okay Bud/Aaron, sorry about that :-)

The functions you see are
(1) Export Window/Dialog Procs (called back, just like the Window/Dialog Procs in your code)
(2) Stuff used by device drivers (some "undocumented" functions are actually documented in the DDK)
(3) Functions internal to windows.  For example USER is supposed to sit on top of the documented functions in GDI & KERNEL, and USER on top of the documented functions in GDI.  However this is not how it turned out when writing (hacking together) Windows, for example sometimes one of these modules needs to get internal state from another module (e.g. exported variables, exported "helper" functions) or call in an unexpected direction (yes there is call or two from KERNEL to USER).
(4) Left overs - some functions appear to be internal to a module - but accidentally exported.
(5) A few undocumented calls and special hacks.  For example some common apps "relied" on bugs in earlier versions of Windows.  Windows can actually reinstate many of these "bugs" for these apps that it knows about.

* Andrew Schulman has written a book on Undocumented Windows, which covers the functions in Win 3.1
* Matt Pietrek wrote an additional book on Windows Internals which explains a lot about how Windows works internally (3.1)
* MS removed a lot of the undocumented exports when moving from 16 to 32 bit - as part of a general cleanup & to avoid accusations of using Windows ownership as an advantage in selling their apps.

If you buy either the Pietrek or Schulman book, they explain how to disassemble functions and figure out the parameters to calls.

0
 
Answers2000Commented:
(3) should have read:
.  For example USER is supposed to sit on top of the documented functions in GDI & KERNEL, and GDI on top of the documented functions in KERNEL.
0
 
BudVVeezerAuthor Commented:
That works for me!  =o)  Thanks for the info.  I was just perusing the kernel, user and gdi exports, and was coming across things like: ByeByeGDI and WinOldAppHackoMatic...any clues on WHAT these are for?  That's the kind of things I like to know about.  Do you know of any FREE docs, not books?

~Aaron
0
