also with new PnP stack, we can probably expect much wider hardware support
also we can probably expect dmca takedown from MSFT bcuz github is now belong to MSFT and he's IDA-ing Windows Server 2003 checked build with debug symbols
Никита
Никита
So he just disassembles w2k3 PnP stack and implementing it via C code. Or I can't understand how he implements these Pi*() functions o_O
Stas'M
also we can probably expect dmca takedown from MSFT bcuz github is now belong to MSFT and he's IDA-ing Windows Server 2003 checked build with debug symbols
Is this confirmed information from him or anybody else?
Stas'M
Or just your own assumptions? 🤔
Никита
I just can't understand HOW?
Anonymous
Well, there can be info about it in MSDN?
Anonymous
I'm not too sure
Никита
Well, there can be info about it in MSDN?
Some functions are in MSDN, some are NOT. And that's why I am thinking so.
Anonymous
well, that is suspicious
Никита
https://github.com/vgalnt/reactos/commit/af4058800bd3088ac6c72a8ea6e7cfe768157678
Никита
Try to find THIS one
Никита
Никита
(taken from some chinesee blog that is researching WRK)
Anonymous
The only search results I can find are from WRK
Benedict
I wish I understood russian damn
Никита
I wish I understood russian damn
Привет - Hello
Пока - Goodbye
Как дела? - How are you?
Как тебя зовут? - What's your name?
Anonymous
well, legally speaking, if he hasn't seen it himself, but someone else has told him, MS can't do anything
Никита
Привет - Hello
Пока - Goodbye
Как дела? - How are you?
Как тебя зовут? - What's your name?
I am bad Russain language teacher. But I somehow can understand English xD
Anonymous
like someone else has explained
Никита
Никита
But still strange, isn't it?
Benedict
I am bad Russain language teacher. But I somehow can understand English xD
It's a good starting point to go off of.
Anonymous
That's deffinetely strange.
Никита
That's deffinetely strange.
https://www.cnblogs.com/ahuo/archive/2011/05/29/2062398.html this page containing a list of WRK functions. This is one and only place where you can find these functions. But not the code.
Anonymous
Can we trust this work?
Anonymous
It's really suspicious
Никита
Can we trust this work?
yes, bcuz he is russian, I am russian, we are russians (not in this chat ofc)
Никита
jk
Stas'M
well, legally speaking, if he hasn't seen it himself, but someone else has told him, MS can't do anything
Well, I hope that his work was done in that way
Anonymous
There's zero information on Microsoft's own sites about this
Anonymous
and the naming is exact to WRK
Никита
well, legally speaking, if he hasn't seen it himself, but someone else has told him, MS can't do anything
... was told him, ....
A Microsoft employee?
Никита
Никита
and the naming is exact to WRK
Well that can be explained, he wants windows drivers to work in ReactOS. So he need to name functions like that's done in WRK.
Anonymous
I don't think we're allowed to do that if we're *clean* room reverse engineering.
Никита
Names may come from MS's debugging symbols
Hmm... yes... because WinDBG pdb server is public
Anonymous
Using IDA or anything else to reverse the PNP stack from Server 2003 would instantly fail the principles of contribution and ruin his credibility.
Anonymous
since it wasn't obtained in a clear way
Anonymous
Though, we shouldn't fearmonger until facts are presented.
Anonymous
and it would be caught during review process anyways
Anonymous
Well that can be explained, he wants windows drivers to work in ReactOS. So he need to name functions like that's done in WRK.
Even if so, this is kernel mode PnP, which is a interface to user mode PnP
Anonymous
Kernel mode PnP isn't much talked about by Microsoft due to user mode interface being used by drivers
Никита
Kernel mode PnP isn't much talked about by Microsoft due to user mode interface being used by drivers
Well Galyant has not reached user-mode PnP
Никита
He is only modifying files in ntoskrnl folder right now)
Никита
and hal
Anonymous
He's doing kernel mode PnP, and it's not documented either due to driver developers having to use user-mode PnP
Никита
If you want, you can make an account in VK (russian social network) and write a message to him. Don't worry, it has English language, and you can register via Facebook.
Никита
He's doing kernel mode PnP, and it's not documented either due to driver developers having to use user-mode PnP
So you think replacing user-mode PnP will be faster than somehow replacing kernel-mode PnP?
Anonymous
I'm just saying that kernel-mode PnP isn't documented by Microsoft, and if he's getting exact namings of functions used there, it's even more suspicious
Никита
I'm just saying that kernel-mode PnP isn't documented by Microsoft, and if he's getting exact namings of functions used there, it's even more suspicious
https://www.cnblogs.com/ahuo/archive/2011/05/29/2062398.html - names of the WRK functions
Никита
But ONLY NAMES
Никита
Not their src
Anonymous
public documentation
Anonymous
not from WRK
Anonymous
None in MSDN
Anonymous
legal public documentation*
Anonymous
WRK is not deemed legal for ReactOS
Никита
WRK is not deemed legal for ReactOS
You can ask Galyant himself "what docs he is reading?"
Никита
But you need to create a VK account. He doesn't have a Telegram profile
Anonymous
Well, you already have an account, you can do it right now
Никита
Well, you already have an account, you can do it right now
Никита
Already did, (blue light means he has not readed my message)
Anonymous
if he is IDA-ing, that means he's breaking the rules
Anonymous
and therefore his contributions can't be trusted
Anonymous
It'd be sad if that's the case.
Никита
It'd be sad if that's the case.
Also it'd be sad if he downloaded w2k or wrk src somewhere.
Никита
We need to wait for an answer
Никита
He was online 2hrs ago, last commit was also done 2hrs ago, maybe he is sleeping.
Anonymous
isn't it early?