copy protection - was: Re: Is it time for playing games on WINE?
Raphaël Junqueira
fenix at club-internet.fr
Sat Nov 8 07:04:12 CST 2003
-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA1
Le Friday 07 November 2003 19:46, Lionel Ulmer a écrit :
> On Fri, Nov 07, 2003 at 10:32:02AM +0000, Mike Hearn wrote:
> > Lionel, could QEMU be used here? I guess the driver expects to have
> > kernel level access to the machine, so we could either:
>
> Well, as I have no idea how .SYS loading working and how it interfaces with
> the kernel, I cannot comment here.
>
> Note that a low level kernel presentation by ReactOS people would be a nice
> thing to have at Wineconf :-)
>
> Lionel
it is simple, only a PE module who work on kernel mode using os APIs:
- -=(FeniX as fenix at DarkBluE)-(on tty2)-(at 13:39:31)=-
-={$:'~'}=->winedump dump -j import /mnt/win_c2/windows/system32/drivers/
secdrv.sys
Contents of "/mnt/win_c2/windows/system32/drivers/secdrv.sys": 27440 bytes
Import Table size: 40
offset 25404 ntoskrnl.exe
Hint/Name Table: 00006364
TimeDataStamp: 00000000 (Thu Jan 1 01:00:00 1970)
ForwarderChain: 00000000
First thunk RVA: 00000260 (delta: 4294967295 0xffffffff)
Ordn Name
252 IoDeleteSymbolicLink 644a
251 IoDeleteDevice 63b4
247 IoCreateSymbolicLink 63c6
243 IoCreateDevice 63de
720 RtlInitUnicodeString 63f0
687 RtlEqualUnicodeString 6408
519 NtBuildNumber 6420
760 RtlQueryRegistryValues 6430
599 PsGetVersion 63a4
434 KeTickCount 6462
479 MmIsAddressValid 6470
792 RtlUnwind 6492
54 ExAllocatePoolWithTag 649e
66 ExFreePool 64b6
325 IofCompleteRequest 64c4
Done dumping /mnt/win_c2/windows/system32/drivers/secdrv.sys
The problem is how emulate windows kernel internal behavior (ie assembly tips
as NtCurrentTeb)
Best Regards,
Raphael
-----BEGIN PGP SIGNATURE-----
Version: GnuPG v1.2.3 (GNU/Linux)
iD8DBQE/rOnQp7NA3AmQTU4RAtQ5AJ99fd0sys8VnKiAoq6RktXUBW1m/gCfZh/j
ryAQ5sOXI+ZpgNFFKQfkq3M=
=yMii
-----END PGP SIGNATURE-----
More information about the wine-devel
mailing list