EXETOOLS FORUM

EXETOOLS FORUM (https://forum.exetools.com/index.php)
-   Community Tools (https://forum.exetools.com/forumdisplay.php?f=47)
-   -   WinObjEx64 (kernelmode.info) (https://forum.exetools.com/showthread.php?t=16574)

Insid3Code 02-24-2015 00:36

WinObjEx64 (kernelmode.info)
 
Windows Object Explorer 64-bit (WinObjEx64) from kernelmode.info.

PHP Code:

http://www.kernelmode.info/forum/viewtopic.php?f=11&t=3751 

Quote:

WinObjEx64 is an advanced utility that lets you explore the Windows Object Manager namespace. For certain object types, you can double-click on it or use the "Properties..." toolbar button to get more information, such as description, attributes, resource usage etc. WinObjEx64 let you view and edit object-related security information if you have required access rights.

System Requirements

WinObjEx64 does not require administrative privileges. However administrative privilege is required to view much of the namespace and to edit object-related security information.

WinObjEx64 works only on the following x64 Windows: Windows 7, Windows 8, Windows 8.1 and Windows 10, including Server variants.

WinObjEx64 does not work on Windows XP, Windows Vista is partially supported. We have no plans of their full support.

In order to use all program features Windows must be booted in the DEBUG mode.

Build

WinObjEx64 comes with full source code.
In order to build from source you need Microsoft Visual Studio 2013 U4 and later versions.

Authors

(c) 2015 WinObjEx64 Project
Original WinObjEx (c) 2003 - 2005 Four-F

Acknowledgements

We would like to thanks the following people for their contributions (in the alphabetical order):

Andrew Ivlev aka Four-F - author of the original x86-32 WinObjEx
Giuseppe Bonfa aka Evilcry - KDSubmarine author
Mark Russinovich - author of the original proof-of-concept tool WinObj
Microsoft WinDBG developers team

Source and compiled binary here
https://github.com/hfiref0x/WinObjEx64

Project files SHA1 https://github.com/hfiref0x/WinObjEx64/ ... /SHA1.hash

Copyrights

WinObjEx64 developed by WinObjEx64 Project group, in the alphabetical order:

EP_X0FF
MP_ART


This program uses Windows Debugger Local Kernel Debugging Driver © Microsoft Corporation.

Please use this thread for bugreports. Also take a note that Windows 10 is supported *AS IS* since it wasn't released yet, official support will be added after official release.
PHP Code:

https://github.com/hfiref0x/WinObjEx64 


Insid3Code 03-02-2015 00:04

Updated 1.1

changelog:
Quote:

added popup menu for Process page
added file properties dialog for Process page
added descriptions for more object types
added named pipes dialog (menu -> extras)
added information for IoCompletion object type, including structured object body dump
some code revision and corrections

PHP Code:

https://github.com/hfiref0x/WinObjEx64 



All times are GMT +8. The time now is 00:25.

Powered by vBulletin® Version 3.8.8
Copyright ©2000 - 2019, vBulletin Solutions, Inc.
Always Your Best Friend: Aaron, JMI, ahmadmansoor, ZeNiX