Exetools

Exetools (https://forum.exetools.com/index.php)
-   x64 OS (https://forum.exetools.com/forumdisplay.php?f=44)
-   -   TIB/PEB Info for X64 (https://forum.exetools.com/showthread.php?t=13713)

mesagio 08-11-2011 17:30

TIB/PEB Info for X64
 
Through the TIB/PEB in Win32 you could obtain infos about OSVersion and other Informations through folowing FS:[0] and FS:[0x30]

After a lot of searching i didnt found how this is under x64. Any info is welcome.
Exception Handling (Unwind) seems different than in Win32 and is now table-based.

cyberbob 08-11-2011 20:51

here you can get some info with source code

http://mcdermottcybersecurity.com/articles/windows-x64-shellcode

mesagio 08-13-2011 17:39

i found it myself in the meantime but thx for your answer


All times are GMT +8. The time now is 15:31.

Powered by vBulletin® Version 3.8.8
Copyright ©2000 - 2024, vBulletin Solutions, Inc.
Always Your Best Friend: Aaron, JMI, ahmadmansoor, ZeNiX