xenaccess-devel

[XenAccess-devel] process-list works with Vista VM (with a couple tweaks)

[Matthew D. <ma...@at...>]

I got the process-list example to work with a Vista (Ultimate) VM.  The
offsets had to be changed, of course:

#define ActiveProcessLinks_OFFSET    0xa0
#define UniqueProcessId_OFFSET       0x9c
#define ImageFileName_OFFSET         0x14c 

Also, the page_offset value that I had to change to get the samples working
for XP (I changed from 0x80000000 to 0x7FC00000) had to be changed back to
0x80000000.

I say the program worked, but the last entry in the list is wrong:


The module-list sample doesn't work but I'm guessing it's because of a
hard-coded address that is different for Vista.

Re: [XenAccess-devel] process-list works with Vista VM (with a couple tweaks)

[Bryan D. P. <br...@th...>]

Excellent, thanks!
-bryan


On Jan 23, 2008 3:16 PM, Matthew Donovan <ma...@at...> wrote:
> I got the process-list example to work with a Vista (Ultimate) VM.  The
> offsets had to be changed, of course:
>
> #define ActiveProcessLinks_OFFSET    0xa0
> #define UniqueProcessId_OFFSET       0x9c
> #define ImageFileName_OFFSET         0x14c
>
> Also, the page_offset value that I had to change to get the samples working
> for XP (I changed from 0x80000000 to 0x7FC00000) had to be changed back to
> 0x80000000.
>
> I say the program worked, but the last entry in the list is wrong:
>
>
> The module-list sample doesn't work but I'm guessing it's because of a
> hard-coded address that is different for Vista.
>



-- 
Bryan D. Payne
Graduate Student, Computer Science
Georgia Tech Information Security Center
http://www.bryanpayne.org