Author Topic: Targetting your application four windows getVersionEx  (Read 5279 times)

jj2007

  • Member
  • *****
  • Posts: 7551
  • Assembler is fun ;-)
    • MasmBasic
Re: Targetting your application four windows getVersionEx
« Reply #30 on: November 02, 2015, 04:15:30 AM »
For your re-posted sample it is always in dos mode.

Did you know what is a Windows program?????

I repeat the problem.
The problem is to have the same results using the c++ or masm in Windows mode.

Never heard of such crap ::)

You mean Windoze, ehm, "fenetres"? And they follow different rules, really?
 :dazzled:

dedndave

  • Member
  • *****
  • Posts: 8734
  • Still using Abacus 2.0
    • DednDave
Re: Targetting your application four windows getVersionEx
« Reply #31 on: November 02, 2015, 05:08:21 AM »
it is correct for my XP SP3 (although it does not say media center edition - not expected)
it reports 5.1.2600, SP3

Jochen - do you see how RtlGetNtVersionNumbers gets the build number ?
is it also in the TEB ?

jj2007

  • Member
  • *****
  • Posts: 7551
  • Assembler is fun ;-)
    • MasmBasic
Re: Targetting your application four windows getVersionEx
« Reply #32 on: November 02, 2015, 05:18:54 AM »
Jochen - do you see how RtlGetNtVersionNumbers gets the build number ?
is it also in the TEB ?

No, it's not the TEB - it's hardcoded in ntdll.dll :P

77456CEE   ³.  8B45 08       mov eax, [ebp+8]
77456CF1   ³.  85C0          test eax, eax
77456CF3   ³. 74 06         jz short 77456CFB
77456CF5   ³.  C700 06000000 mov dword ptr [eax], 6
77456CFB   ³>  8B45 0C       mov eax, [ebp+0C]
77456CFE   ³.  85C0          test eax, eax
77456D00   ³. 74 06         jz short 77456D08
77456D02   ³.  C700 01000000 mov dword ptr [eax], 1


That is why you get the true OS version. The TEB has what Windows pokes there - and this depends on manifest crap and/or "compatibility modes". Although, sometimes this may actually be what you need ::)

dedndave

  • Member
  • *****
  • Posts: 8734
  • Still using Abacus 2.0
    • DednDave
Re: Targetting your application four windows getVersionEx
« Reply #33 on: November 02, 2015, 05:35:21 AM »
thanks - not that the build number helps that much - lol

ToutEnMasm

  • Member
  • *****
  • Posts: 1189
    • EditMasm
Re: Targetting your application four windows getVersionEx
« Reply #34 on: November 02, 2015, 05:41:55 AM »
very interesting also is how WMI do to find all the needed iformations
Fa is a musical note to play with CL