|
|
#1
08-17-2004, 22:20
|
|||
|
|||
|
KERNEL32 imports in IDA Pro
Hello,
I am currently exploring an executable in IDA Pro 4.5, and stumbled across a load of imported system calls that are labelled KERNEL32_4, KERNEL32_16 and so on. IDA created two sections called 'Imports from KERNEL32.DLL', one with system calls correctly identified and typed, the other with the bare KERNEL32_XX names and without data types (the only exception being BuildCommDCBAndTimeoutsW). What are those unidentified(?) system calls? Am i using a too old version of kernel32.ids? From their calling context I guess that they do some network-related stuff, am i missing a specific ids file? Asking google about KERNEL32_XX will only return a WINE resource. I'm only beginning with reverse engineering / analyzing executables, so there might be an obvious solution to this problem. TIA 
|
| Thread Tools | |
| Display Modes | |
|
|
Similar Threads
|
||||
| Thread | Thread Starter | Forum | Replies | Last Post |
| Bizarre problem resolving imports from KERNEL32 | ancev | General Discussion | 8 | 12-15-2005 23:11 |
| adding code to kernel32.dll | amigo | General Discussion | 13 | 01-15-2005 01:49 |
| how to replace kernel32.dll in win2k/xp | tAz | General Discussion | 12 | 02-06-2004 03:46 |
| armkiller imports | Akki | General Discussion | 1 | 12-30-2002 17:33 |
Threaded Mode