Windows Vista + SoftIce

Hello!
Are anybody use SoftIce under Vista (Longhorn Beta1)? I had some problems with videocard. If you have piece of advice or some expirience in this field and don't mind, please write it here.

[taos]

do not waste time with a Beta SO & SICE!!!.
Vista can be (and will be) a lot of different in the official release.

[N0P]

Btw> OllyDbg doesnt work too ;o(

[Hero]

I don't think none of normal cracking tools will work.
Because Longhorn(Vista) is 64bit,isn't it?

sincerely yours

[MaRKuS-DJM]

Quote:

Originally Posted by Hero

I don't think none of normal cracking tools will work.
Because Longhorn(Vista) is 64bit,isn't it?

sincerely yours

there will be 32-bit and 64-bit edition like in Windows XP. depends on your CPU.

[gabri3l]

From what I have read Windows Vista will probably be a pain to debug on. especially for ring-3 debuggers. Windows Vista's API functions will be managed by their new API WinFX. This means all that p-code we hate stepping through will now be integrated into the OS. Basically MS is combining its .NET framework into Windows. So on the upside programs written using the .NET framework or WinFX or whaterver their derivative will be will be much more stable and easier to use on Vista. The downside is that it adds another layer between us and the API. So ring-3 debuggers now have to debug application as it communicate to the framework which then communicates to the underlying API (think of those functions as the ZW...'s functions in our current API) of the framework which then performs the operation.
There will obviosly be support for the win32 API. but I wonder whether it will run on top of the WinFX framework and emulate functions or if it will run at the same priviledge level it is running currently.
Again, this is just assumptions based on everything I have read. I haven't played with Vista or dug to deep into investigating this. Maybe some windows Guru can correct me on this.

[taos]

"WinFX, the managed-code API is there, but it isn't required (at least not yet, and hopefully MS will always allow developers to bypass managed code to get to the lower level APIs)." Source hxxp://www.wincustomize.com/Articles.aspx?AID=82119&u=0

"WinFX will seem like second nature, because it¡¯s a superset of the .NET Framework, optimized for Longhorn and exposing all new system functionality. If you¡¯re a Win32 programmer, your existing applications can incorporate WinFX-based functionality very easily." MSDN M$

My opinion:
WinFX consists of these basic components:
NET Framework,¡°Avalon¡± Presentation Subsystem & ¡°Indigo¡± Communication Subsystem.
Sounds like "another" api to use it but you can choose to do it or not.
My assumption about Olly crash is (maybe) for security reasons (infractions, read/writte permission, hook APIs,etc...) so low level apps can need a little re-code.
I will try next week Windows Vista with debuggers to give more info.
Regards

Quote:

Originally Posted by taos

"...
WinFX, the managed-code API is there, but it isn't required (at I will try next week Windows Vista with debuggers to give more info.
Regards

It will be really interesting to now your results...

[taos]

Quote:

Originally Posted by N0P

Btw> OllyDbg doesnt work too ;o(

Sorry, but actually WINDOWS Vista RUNS perfectly OLLYDBG 1.10.


So no problem with Olly and the new SO.

In a few days I will try SICE too, but Olly pass the exam.

Regards.

[codeX]

Hi taos,
I'm very happy to hear that Olly works perfectly in Vista. I haven't got that longhorn beta 1 yet. Hope all plugins would work....

btw. Have you tried debugging of progiies in Longhorn? Is this new API layers a real problem.....

[taos]

Quote:

Originally Posted by codeX

btw. Have you tried debugging of progiies in Longhorn? Is this new API layers a real problem.....

I have debuged M$ Vista Calculator/Wordpad and no problem, so I think that ONLY apps created with new API can be a problem but I don't know any progg. with this api, so if anyone have a file with WINFX, email me.
Ollyplugins can run without problem (all tested by me) so , I understand that new api is only "LIKE" new NET framework (more or less). There's not too much kernel modifications and my first impression is that it's XP with new interface and copy/paste other apps because Explorer 7 have new options like Firefox, and all the rest is simple, new icons, renew explorer,etc...


BTW:Armadillo proggs run perfectly in Vista, I'm interested about testing "low level" packers like Themida,etc...but I have not demo versions.

Regards