Hi All,

This is an excellent collection of NT kernel header files and semi-documented system programming example code. I wish I knew which site I downloaded it from to give the deserved credit, I can only keep the original filename intact.

There are dozens of C examples which show many, many interesting techniques, a few of the gems:

blowfish.c
defense.c (antitrojan?)
Hook Drive
Interrupt hooks
SystemServiceTable / NT kernel function hooking
NT Memory Manager
NT Object Manager
Routing Routines
NT Security Functions
Process manager routines
packet I/O operations
NT io manager/filesystems
HookKeyboard
Command functions
NT Thread manipulation
Process context work items
Exec related code


I hope that we can continue to expand the amount of system programming and driver techniques information on this board, as well as receiving more contributions on reversing in the undocumented kernel playground. 'Til then, there's reading to do...enjoy.

Cheers,
Kayaker

PASSWORD: rootkit

http://rootkit.com/

Hiya

Thanks for posting this!

Cheers,
Clandestiny

I'd be extremely happy if anyone can explain how can we get to that server... If it is possible, I'll be able to download most of its content and put it on wasm to be available to public. Cause it is extremely nice to have such things somewhere near when necessary.

First of all I'd like to thank you for the truly informative posts in this forum. I had a lot of enjoynment while reading them. Thanks a lot. Secondly... Pity but the link is dead

Another interesting url :-) :
http://www.ntkernel.com/resources.shtml

ZaiRoN

volodya:

Why not go to the source of the program and SET UP YOUR OWN ACCOUNT. Then you should have access to the ftp to your heart's content. Check out the instructions at http://www.rootkit.com/. They state:

Welcome to ROOTKIT.COM. New users need to [ Login ] and sign up for an account.
Note: Current users of rootkit.com have had their accounts ported to the BBS. You should be able to login normally.
You may transfer files via the BBS, or use your account to login to the FTP server.

It certainly appears that if you create an account you can gain access to all the files available.

Regards,

Thank you Vladimir, I enjoy browsing your site much as well, pity my Russian is limited to toasts ;-) We'd like to expand this to maybe a separate page/forum where people could contribute NT Kernel / driver related topics/links/discussions, etc., even code examples in MASM or C of common driver procedures would be useful, just to keep it all in one place and not have it disappear after a few weeks in a thread. Any ideas are welcomed. As for the site, it was fine before I posted....

Regards,
Kayaker

Glad to see you, glorious moderator
The only problem with your suggestion is I CANNOT telnet to it. It is ALWAYS busy and asking me to come later. Therefore...

Kayaker
Yes. It is not that easy for us to switch to English because it will require A LOT of the resources and our free time. But there are some articles translated indeed. For example, Four-F has translated his 5 articles about creating device drivers for Windows 2000. They already exist in English. May be in future I will translate my articles about packers to English... Who knows?
Quen sabe?