This repository has been archived by the owner on Sep 29, 2020. It is now read-only.
Support for modules of System process #9
Labels
enhancement
New feature or request
Comments
|
As far as I know windows has PsLoadedModuleList. That's all my knowledge so far, will have to do some digging. |
|
Implemented in 01799b6. However, I am yet to add appropriate HLAPI interfacing. From testing I have had the same results as you did, with only a few modules having any exports. As it turns out, win32kbase.sys was simply not loaded inside the kernel space, but rather inside the userspace processes. That, most likely, was the reason the export generation failed. Not closing until HLAPI reaches feature parity. |
|
HLAPI bits added in 823551c. |
Sign up for free
to subscribe to this conversation on GitHub.
Already have an account?
Sign in.
I'm trying to get the exports for win32kbase.sys and I'm not sure the best route to take.
I've tried reusing existing methods for getting a module list on the System process and its size is always 0, any advice?
The text was updated successfully, but these errors were encountered: