Ecosyste.ms: Awesome

An open API service indexing awesome lists of open source software.

Awesome Lists | Featured Topics | Projects

https://github.com/speedi13/nsiallocateandgettable-used-from-gettcptableinternal

Undocumented NsiAllocateAndGetTable usage in GetTcpTableInternal reverse engineered on Win7 X64
https://github.com/speedi13/nsiallocateandgettable-used-from-gettcptableinternal

iphlpapi-dll nsi-dll reverse-engineering undocumented windows-7

Last synced: about 1 month ago
JSON representation

Undocumented NsiAllocateAndGetTable usage in GetTcpTableInternal reverse engineered on Win7 X64

Host: GitHub
URL: https://github.com/speedi13/nsiallocateandgettable-used-from-gettcptableinternal
Owner: Speedi13
Created: 2018-04-07T20:25:17.000Z (over 6 years ago)
Default Branch: master
Last Pushed: 2018-04-07T21:03:07.000Z (over 6 years ago)
Last Synced: 2024-10-11T14:21:36.385Z (about 1 month ago)
Topics: iphlpapi-dll, nsi-dll, reverse-engineering, undocumented, windows-7
Language: Assembly
Size: 323 KB
Stars: 18
Watchers: 4
Forks: 4
Open Issues: 0
Metadata Files:
- Readme: README.md

Awesome Lists containing this project

README

        # NsiAllocateAndGetTable-used-from-GetTcpTableInternal

Undocumented NsiAllocateAndGetTable usage in GetTcpTableInternal reverse engineered on Win7 X64 



This might be useful for security researchers or other people who want to know how NsiAllocateAndGetTable is used since microsoft doesn't say anything about this function

# Reversed and commented disassemblies

IDA's Pseudocode 


- >>GetTcpTableInternal Pseudocode<< 

- >>GetTcpTableInternal Pseudocode as cpp file<< 

IDA's Assembly in graph view 


- >>GetTcpTableInternal Assembly<< 

- >>GetTcpTableInternal Assembly as asm file<< 

# Knowledge used to create a hook

- >>NsiAllocateAndGetTable hook in c++<<