Windows core concepts administrative rights. (Lesson 1)

Август 5, 2022

Главная
Информатика
Windows core concepts administrative rights. (Lesson 1)

Содержание

2. WINDOWS CORE CONCEPTS PROCESSES, JOBS & THREADS L1 P2 Each process contains: PID At least one
3. WINDOWS CORE CONCEPTS VIRTUAL MEMORY L1 P3 Mapping Paging Increaseuserva boot option Address Windowing Extension (AWE)
4. WINDOWS CORE CONCEPTS KERNEL MODE & USER MODE L1 P4 Kernel mode highlights: Designated for OS
5. WINDOWS CORE CONCEPTS REGISTRY L1 P5 Viewing and changing Registry Registry Usage Registry Data Types REG_DWORD
6. WINDOWS CORE CONCEPTS OBJECTS & HANDLES L1 P6 Objects Providing human-readable names for system resources Sharing
7. WINDOWS CORE CONCEPTS CALL STACKS & SYMBOLS L1 P7 What is a call stack? module!function+offset e.g.
9. Скачать презентацию

Слайд 2

WINDOWS CORE CONCEPTS
PROCESSES, JOBS & THREADS
L1
P2
Each process contains:
PID
At least

one thread
Private Virtual address space
An executable program
Handles
Access token

Each thread contains:
TID
The contents of a set of CPU registers
Kernel mode stack
User mode stack
Thread-local storage (TLS)
Access token [optional]

Слайд 3

WINDOWS CORE CONCEPTS
VIRTUAL MEMORY
L1
P3
Mapping
Paging
Increaseuserva boot option
Address Windowing

Extension (AWE)
Typical address space for 32-bit – 2 GB + 2 GB
Typical address space for 64-bit – 8 TB + 8 TB

Слайд 4

WINDOWS CORE CONCEPTS
KERNEL MODE & USER MODE
L1
P4
Kernel mode highlights:
Designated for

OS code (system services & device drivers)
Access to all system memory and all CPU instructions
Single virtual address space
Driver-signing mechanism
Kernel mode code signing (KMCS)

User mode highlights:
designated for user applications
Indirect access to resources through system service calls
Virtual private address space
Isolated execution for each process

Слайд 5

WINDOWS CORE CONCEPTS
REGISTRY
L1
P5
Viewing and changing Registry
Registry Usage
Registry Data

Types
REG_DWORD
REG_BINARY
REG_SZ
Registry Logical Structure

Слайд 6

WINDOWS CORE CONCEPTS
OBJECTS & HANDLES
L1
P6
Objects
Providing human-readable names for system

resources
Sharing resources and data among processes
Protecting resources from unauthorized access
Reference tracking
Difference between objects and ordinary data
Handles

Слайд 7

WINDOWS CORE CONCEPTS
CALL STACKS & SYMBOLS
L1
P7
What is a call stack?

module!function+offset e.g. crypt32!CryptEncryptMessage+0x9f
What are symbols?
Full (Private) symbol files
Public symbol files
Configuring symbols
DBGHelp.dll path
Symbols path
srv*c:\symbols*https://msdl.microsoft.com/download/symbols

Windows core concepts administrative rights. (Lesson 1)

Содержание

WINDOWS CORE CONCEPTSPROCESSES, JOBS & THREADSL1P2Each process contains: PID At least

WINDOWS CORE CONCEPTSVIRTUAL MEMORYL1P3 Mapping Paging Increaseuserva boot option Address Windowing

WINDOWS CORE CONCEPTSKERNEL MODE & USER MODEL1P4Kernel mode highlights: Designated for

WINDOWS CORE CONCEPTSREGISTRYL1P5 Viewing and changing Registry Registry Usage Registry Data

WINDOWS CORE CONCEPTSOBJECTS & HANDLESL1P6 Objects Providing human-readable names for system

WINDOWS CORE CONCEPTSCALL STACKS & SYMBOLSL1P7 What is a call stack?

Похожие презентации