[Mlabs] Dissecting Internals of Windows XP Svchost : Reverse Engineering Stature

Hi all

This is the reverse Engineering layout of Scvhost Internals.

|Category : Reverse Engineering Analysis.

The paper solely relates to the core internals that build up the Windows XP Svchost. The Svchost internals have not been disseminated into informative elements yet. I have found only one or two analysis but that wont satisfy my views regarding XP Svchost. The anatomy of Svchost has got complexity in its own term. This pushes me to write a specific analysis over it. The analysis provide a structural design with concept wise dissection. The point is to understand the hidden artifacts and how it affects the working aspect of prime service host controller.Every process is disseminated into primary process and secondary process. In terms related to operating system there is a parent process and its child. If one look at the implementation scenario then child processes are undertaken as thread internally. The kernel level implementation is subjugated like this. The XP Svchost runs as threads under services process.|

http://mlabs.secniche.org/winxp_svchost.html http://mlabs.secniche.org/papers/Win_Xp_Svc_Int.pdf

Regards
Aks aka 0kn0ck
http://mlabs.secniche.org | http://www.secniche.org Received on Fri Sep 21 13:36:24 2007