You signed in with another tab or window. Reload to refresh your session.You signed out in another tab or window. Reload to refresh your session.You switched accounts on another tab or window. Reload to refresh your session.Dismiss alert
To view Syscalls, go to the Data Types window and right click on the Kernel folder, then add a new Structure copying this structure:
Then tap the G (Go to) key before going to the address 0xffffffffa1ce8310. Right click on the address and set the data type to sysent[678]. Every Sy_Call will be the Syscall function used for the Sysent value.
reacted with thumbs up emoji reacted with thumbs down emoji reacted with laugh emoji reacted with hooray emoji reacted with confused emoji reacted with heart emoji reacted with rocket emoji reacted with eyes emoji
-
List tips for Kernel reverse engineering here!
To view Syscalls, go to the Data Types window and right click on the Kernel folder, then add a new Structure copying this structure:
Then tap the G (Go to) key before going to the address
0xffffffffa1ce8310. Right click on the address and set the data type tosysent[678]. Every Sy_Call will be the Syscall function used for the Sysent value.Beta Was this translation helpful? Give feedback.
All reactions