Exetools  

Go Back   Exetools > General > General Discussion
Reload this Page SST Hook -> Bluescreen!?
Register Forum Rules FAQ Calendar Mark Forums Read

Notices

 
 
Thread Tools Display Modes
Prev Previous Post   Next Post Next
  #6  
Old 04-07-2005, 23:10
thewhiz
 
Posts: n/a
Curious if anyone has run into issues with WinXP SP2? I can hook ZwCreateFile (As I am trying to debug a rather nasty problem...) just fine, but if I want to open a file from my driver within the hook for ZwCreateFile, using the proper/original ZwCreateFile I manage to get a STATUS_ACCESS_VIOLATION.

Anyone run into this problem and have a quick solution? I have walked through the disassembly in Windbg and IDA Pro and see that everything goes bad when NtCreateFile->IoCreateFile->IopCreateFile runs into MmUserProbeAddress() on the FileHandle I supply to the original ZwCreateFile.

Any subtle insights would be greatly appreciated.
Reply With Quote
 

« Previous Thread | Next Thread »
Thread Tools
Display Modes
Threaded Mode Threaded Mode

Posting Rules
You may not post new threads
You may not post replies
You may not post attachments
You may not edit your posts
BB code is On
Smilies are On
[IMG] code is Off
HTML code is Off

Similar Threads
Thread Thread Starter Forum Replies Last Post
Windows Hook user1 Source Code 0 04-24-2021 05:23
SYSENTER hook niom General Discussion 13 08-12-2004 02:50
DriverStudio 3.1 Viaagp.sys Bluescreen bgrimm General Discussion 1 02-19-2004 02:37


All times are GMT +8. The time now is 23:00.

Aaron's homepage - Top

Always Your Best Friend: Aaron, JMI, ahmadmansoor, ZeNiX, chessgod101
( Since 1998 )