At 08:57 PM 7/02/2003 +0100, dullien (at) gmx (dot) de [email concealed] wrote:
>Concerning information on TIB and PEB: If you're too lazy to learn
>russian/polish, you might consider taking (a) the wine header files
>(which attempt to document parts of these structures) and (b) a
>debugger and go spellunking yourself.
>Oh, and MS does provide some limited information:
>http://msdn.microsoft.com/msdnmag/issues/02/08/EscapefromDLLHell/defaul
t.aspx
Incase anyone is wondering about these Russian papers on the reverse
engineered contents of the PEB and TIB there have been a number of posts to
the newsgroups with the structures in question. You don't have to
understand Russian given that the field names make most of them pretty
obvious, check out:
Hey All,
At 08:57 PM 7/02/2003 +0100, dullien (at) gmx (dot) de [email concealed] wrote:
>Concerning information on TIB and PEB: If you're too lazy to learn
>russian/polish, you might consider taking (a) the wine header files
>(which attempt to document parts of these structures) and (b) a
>debugger and go spellunking yourself.
>Oh, and MS does provide some limited information:
>http://msdn.microsoft.com/msdnmag/issues/02/08/EscapefromDLLHell/defaul
t.aspx
Incase anyone is wondering about these Russian papers on the reverse
engineered contents of the PEB and TIB there have been a number of posts to
the newsgroups with the structures in question. You don't have to
understand Russian given that the field names make most of them pretty
obvious, check out:
http://groups.google.com/groups?hl=en&lr=&ie=UTF-8&oe=UTF-8&safe=off&q=_
NT_TEB&btnG=Google+Search
Cheers,
Shaun
[ reply ]