Last active
August 29, 2015 14:20
-
-
Save hacksysteam/f295994b0a811cf90e88 to your computer and use it in GitHub Desktop.
Token Stealing Using WinDBG
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
kd> dt nt!_KPRCB 82770c00+0x120 | |
+0x000 MinorVersion : 1 | |
+0x002 MajorVersion : 1 | |
+0x004 CurrentThread : 0x83dcd020 _KTHREAD | |
+0x008 NextThread : (null) | |
+0x00c IdleThread : 0x8277a380 _KTHREAD | |
+0x010 LegacyNumber : 0 '' | |
+0x011 NestingLevel : 0 '' | |
. . . | |
+0x3620 ExtendedState : 0x807bf000 _XSAVE_AREA |
Sign up for free
to join this conversation on GitHub.
Already have an account?
Sign in to comment