May 2007 - Posts
The problem is to skip out of a kernel driver that we don't have symbols for - what's the best way to break on calls out of that driver. If you used pc (step until the next call instruction), you would hit calls that are inside that driver. Here's another
Read More...
I've looked at this a couple times , but here's another way to break when the error code you're looking at is being returned. .while(@eax != 0xc0000005) { t ; reax } If you want to avoid the output noise, you can do something like this: .while(@eax !=
Read More...
Here's a question that came up a work a little bit back - thought I would share the result around. There is a coding pattern (that I don't ever really use so I may be messing it up) that works like this: T1 res1; T2 res2; T3 res3; res1 = GetRes1(); if
Read More...
The goal I think that most things don't need to require a UAC prompt to install - just install it for that user. Why not make the MSI so it doesn't prompt and your users get a smoother experience? (Also, I feel much better installing a program that doesn't
Read More...