VX Heaven

Library Collection Sources Engines Constructors Simulators Utilities Links Forum

Gaining important datas from PEB under NT boxes

29a [6]
March 2002

[Back to index] [Comments]


After some years of using it, you are very familiar with SEH - Structured Exception Handling. When you set a exception frame you use more or less the same code snippet which works with the fs selector. Probably you also know that this selector points to a data structure known as TEB ie Thread Environment Block. This structure contains a lot of more or less useful values and structures and - what is important for us - also a pointer to PEB - Process Environment Block.

[Read the article]

By accessing, viewing, downloading or otherwise using this content you agree to be bound by the Terms of Use! aka