sys_get_kernel_syms “struct kernel_sym *table”,User-ModeSystem Call,table0,table0,for for (mod = module_list, i = 0; […]


ABC VPNVirtual Prinate NetworkPPP SERVER () ()VPNVPNVPNPPTP(Point-to-Point Tunneling Protocol,RFC2637)VPN InternetVPN LinuxLinuxVPNVPNLinux ()Linux(LAN-to-LAN)LinuxVPN ServerKernel 2.4.17PPTP(Point-to-Point Tunneling Protocol)PPP(Point to Point Protocol)SSH(Secure Shell)ClientWindows 2000Windows 2000PCMS WindowsWindows 2000 ()LinuxVPN LinuxVPN ServerNAT (Network Address Translation)PPP2.4.17 * * Networking options * Network packet filtering (replaces ipchains) (CONFIG_NETFILTER) Network packet filtering debugging (CONFIG_NETFILTER_DEBUG) * *IP: Netfilter Configuration * Connection tracking (required for masq/NAT) (CONFIG_IP_NF_CONNTRACK) ( NEW) m FTP protocol support (CONFIG_IP_NF_FTP) (NEW) m IRC protocol support (CONFIG_IP_NF_IRC) (NEW) m IP tables support (required for filtering/masq/NAT) (CONFIG_IP_NF_IPTABLES) [N/y /m/?] (NEW) m limit match support (CONFIG_IP_NF_MATCH_LIMIT) (NEW) m MAC address match support (CONFIG_IP_NF_MATCH_MAC) (NEW) m netfilter MARK match support (CONFIG_IP_NF_MATCH_MARK) (NEW) m Multiple port match support (CONFIG_IP_NF_MATCH_MULTIPORT) (NEW) m TOS match support (CONFIG_IP_NF_MATCH_TOS) (NEW) m LENGTH match support (CONFIG_IP_NF_MATCH_LENGTH) (NEW) m TTL match support (CONFIG_IP_NF_MATCH_TTL) (NEW) m tcpmss match support (CONFIG_IP_NF_MATCH_TCPMSS) (NEW) m Connection state match support (CONFIG_IP_NF_MATCH_STATE) (NEW) m Packet filtering (CONFIG_IP_NF_FILTER) (NEW) m REJECT target support (CONFIG_IP_NF_TARGET_REJECT) (NEW) m Full NAT (CONFIG_IP_NF_NAT) (NEW) m MASQUERADE target support (CONFIG_IP_NF_TARGET_MASQUERADE) (NEW) m REDIRECT target support (CONFIG_IP_NF_TARGET_REDIRECT) (NEW) m Packet mangling (CONFIG_IP_NF_MANGLE) (NEW) m TOS target support (CONFIG_IP_NF_TARGET_TOS) (NEW) m MARK target support (CONFIG_IP_NF_TARGET_MARK) (NEW) m LOG target support (CONFIG_IP_NF_TARGET_LOG) (NEW) m TCPMSS target support (CONFIG_IP_NF_TARGET_TCPMSS) (NEW) m ipchains (2.2-style) support (CONFIG_IP_NF_COMPAT_IPCHAINS) (NEW) m ipfwadm (2.0-style) support (CONFIG_IP_NF_COMPAT_IPFWADM) (NEW) m * * Network device support * PPP (point-to-point protocol) support (CONFIG_PPP) m PPP support for async serial ports (CONFIG_PPP_ASYNC) (NEW) m PPP support for sync tty ports (CONFIG_PPP_SYNC_TTY) (NEW) m PPP Deflate compression (CONFIG_PPP_DEFLATE) (NEW) m PPP BSD-Compress compression (CONFIG_PPP_BSDCOMP) (NEW) m * * Kernel hacking * Kernel debugging (CONFIG_DEBUG_KERNEL) y …… […]


int MainDaemon(void *cpu_poing)MainDaemon0MainDaemon1QueueManagement DaemonMainDaemonint WaitForHeaders(CPUNR)(waitqueue_decode.bmp) int WaitForHeaders(CPUNR) 1.Http Request 2.kHttpdUser Mode Web Server int WaitForHeaders(CPUNR) 2DecodeHeader 4~8IsForUserSpace!=0UserspaceQueue 9~12IsForUserSpace==0DataSendingQueue static int DecodeHeader(const int CPUNR, struct http_request *Request) 2http 3URL 4Mime 5~10MimeUser Mode Web ServerIsForUserSpace 11~15URLUser Mode Web ServerIsForUserSpace 16~28kHttpdkHttpd 18~22cache 23~27ClientcacheClientcache (Request)MainDaemonint WaitForHeaders(CPUNR) 1.ClientcacheMainDaemon(stack_send_httpdheader.bmp)Send304()SendBuffer() 2.MainDaemonSendHTTPHeader(Request)HTTPDataSending(CPUNR)SendBuffer_async()(stack_send_httpheader.bmp) 3.MainDaemonint Userspace(const int CPUNR)User Mode Web Server int Userspace(const int CPUNR) 2AddSocketToAcceptQueueUser Mode Web Server 4User Mode Web Server 8~9User Mode Web ServerHttp static int AddSocketToAcceptQueue(struct socket *sock,const int Port) User Mode Web ServerUser Mode Web Server 4.kHttpd key inkHttpd(stop)(MainDaemon.bmp)sysctl_khttpd_stop1MainDaemon0MainDaemon1Management Daemonkey in(unload)(managementdaemon.bmp)Management Daemon 5. […]

Windows NT保護子系統

() SUBSYSTEM()Windows NT(POPUP MENU) \WINNT\SYSTEM32\*.SYSNTDevice DriverSYSSubsystemImage doesnt require a subsystem()Win32 GUI()Win32 Console Mode () () () Inside NT Second Edition Creating Process()EXE.Windows NT Executive Process Object Inside Windows NT Second EditionHint(()()()) () ()NT (1)CMD.EXE:*.BATDOS Command(:DIR..etc)CMD.EXEAUTOEXEC.BATDOS BOX?NTDOS BOXCMD.EXECMD.EXEDOS BOXCMD.EXEDOSCOMMAND.COMCOMMAND INTERPRETER (2)NTVDM.EXE:DOS BOXDOSNTVDM.EXEDOSDOSNTVDM.EXEDOS DOSWin16 NTVDM.EXEWin16 (3)Win 32Windows NTWin32POSIXOS/2 () ()EXE DLL Services.exe Service Controller Process Winlogon.exe Logon Process Smss.exe Session Manager Process Psxss.exe POSIX Subsystem Process OS2ss.exe OS/2 Subsystem Process Csrss.exe Win32 Subsystem Process Ntdll.dll Internal Support Functions and System Service Dispatch stubs to Executive Functions Kernel32.dll Win32 Subsystem DLLs User32.dll GDI32.dll Psxdll.dll POSIX Subsystem DLL NTOSKRNL.EXE Executive and Kernel Hal.dll Hardware Abstraction Layer Win32k.sys Win32 User and GDI Kernel-mode Components () Win32 Windows NTWin32Win324Process Process PID Pri System 0x02 8 Smss 0x19 B Csrss 0x21 D Idle 0x00 0 Win32Windows NTWin32CSRSS.EXE? […]

Windows 98核心介紹

Windows 95,Andrew Schulman Unauthorized Windows 95 Developers Resource Kit,,Windows,Windows 98,,Windows 98,,,Windows 98Windows NTWindows 2000(NT),,Windows 98,Windows NT Windows 2000 ,Wnidows 98(),, VMM32.VXDLoadVXD,Ring 0,VMM32.VXD,Windows 98(95)Ring 0,VXD,.,VXD(LE),VXD(),,krnl386.exeVMM32.VXDDPMI Client DPMI Server,VMM32.VXDkrnl386.exe( krnl386.exeNE,16-bit),Andrew Schulmancommand.comkrnl386.exe,v86 DOS,Windows 98,WinICE,WindowsDOS V86WinICE,C:\Ctrl+DWinICE,()<Step 1>EXEHDRkrnl386.exe,krnl386.exeKernel,()<Step 2>krnl386.exe,NE,()<Step 3>krnl386.exeEXITKERNEL,krnl386.exeV8616 bit,,Kernel32.dll(Windows System Programming SECRECTS<Matt Pietrek>VWIN32.vxd ,Kernel32.dll,krnl386.exe),Windows 98Shell(system.iniShell = explorer.exe),,.,,Andrew SchulmanWinFile.exeExplorer.exe,Shell,Windows 98(95)Explorer.exe,,,Win 32,,,Win32 () () DriverVXD Service Windows 9820(),()<Step 1> […]