[project] nativeEx_BSOR


51 replies to this topic

#51 AeroXP

AeroXP

    Frequent Member

  • Advanced user
  • 177 posts
  • Location:0000:7c00
  • Interests:Motorola 68000 Assembler, PCs, Betas, Boot Disks, x86 Assembler
  •  
    United States

Posted 20 August 2009 - 03:54 AM

Needless to say, Setupdd does have some interesting tricks to get VGA access: it likes to write directly to \Device\Video0, it also has its own string handling functions, and it does some interesting Display Init procedures.

Here's my analysis on SpVidInitialize:
1. ZwCreateFile on \Device\Video0
2. Request possible video modes using ZwDeviceIoControlFile.
3. If 720x400, assume Vga, otherwise use Framebuffer.
4. Call display specific code and switch display mode.
5. Setup DBCS/OEM conversion code.
6. Return Ntstatus(STATUS_SUCCESS)

So if anything hooks SpVidInitialize (uSetup.exe, Spcmdcon.sys), you will be trapped there unless you can tap into the Vga registers again and force graphics mode and get Inbv/Bootvid.dll working.

@psc, found out how to wait for process to end and suspend creator process:
NtWaitForSingleObject(processinformation.ProcessHandle,FALSE,NULL);


#52 AeroXP

Posted 10 September 2009 - 12:44 AM

I would like to say:
Commands:

EXIT    - Exits the Native CLI and shuts down system
LM      - List currently loaded modules
LP      - List currently loaded processes
SYSINFO - Dumps system information
PWD     - Print the current working directory
DIR     - Dumps a list of files and subdirectories in a directory
DEVTREE - Dumps the hardware tree (Breaks after running Bootops/ArcName)
CPUFUNC - Shows instructions supported by processor
VER     - Displays version of Operating System
HELP    - Shows this help screen again
BUGCHK  - Causes system to bugcheck/BSoD
PSCR    - Creates new process with commandline: C:\test.exe
PSKILL  - Terminates current process
DELAY   - Suspends process for 5 seconds
PAUSE   - Pauses command line and displays message
ARCNAME - Displays system boot ARC name (Breaks after running Devtree)
BOOTOPS - Displays system boot options (Breaks after running Devtree)
CHKDSK  - Checks all disks for errors
CL      - Change drive letter
PFILE   - Create pagefile
DUMPREG - Dump x86 registers
CPUID   - Display CPU information
SETUP   - Launches OS setup
LNI     - Launch new instance of command interpreter
USETUP  - Launch original Windows Setup
WINSS   - Start Windows NT Session Manager Subsystem
3RDPSS  - Start 3rd Party Subsystem
BEEP    - Beeps
REBOOT  - Exits the Native CLI and reboots system.

I did launch the Windows Subsystem directly from the CLI and it worked well. :(



