Showing results for tags 'native'.
Usually I don't post things like this, but because KiFastSystemCall hooking only works on x86 systems and doesn't work on Windows 8 or above, it no longer has much use in malware. There are also multiple public implementations for this method, just not very elegant, which I hope to correct. If you haven't read my previous article about this topic, or need a refresher, you can find it here.

Performing a System Call

KiFastSystemCall has a very strange calling convention (if you can call it that). Each native function (Ex: NtCreateFile) corresponds to a function with the same name in the SSDT. In order to make the transition from user mode to kernel mode, the instruction "sysenter" is used. I don't want to go into great detail on how the sysenter instruction actually enters kernel mode, as that would take up the entire page, but I'll explain the basics:

The SSDT is an array of addresses for each native function. The number you see being moved into the eax register is known as its ordinal, and is the position within the SSDT where that function's address is located. When the sysenter instruction is executed, the kernel reads the ordinal from eax and uses it to call the corresponding function in the SSDT, before returning execution to user mode.

Something important to note is that the native function simply calls KiFastSystemCall and doesn't even set up a stack frame, meaning the address of the first parameter can only be accessed using [esp+8], so we can't just hook KiFastSystemCall with a C function, as this matches no standard calling convention (which is what makes the method so tricky to implement).

Dispatching Calls

Since the last article I've improved on the dispatching method, which now has two purposes:

- Determining which native function made the call to KiFastSystemCall, so we can properly handle it.
- Setting up the stack in such a way that we can access the parameters using plain C.

Dispatching

Normally we'd hook each individual function we want to intercept with a single handler (proxy), but all native functions call KiFastSystemCall, so we need to think differently. As I explained earlier, the SSDT is an array of addresses and the ordinal (which is in eax when KiFastSystemCall is invoked) corresponds to the position of that function's address within the SSDT. Using this knowledge we can do the same: We create an array of addresses for the proxy functions and use the ordinal to locate the correct handler using the ordinal in eax. For our SSDT each entry will be 8 bytes, so the handler needs to be placed at our_ssdt[2*ordinal] (in order to get the ordinal for a native function we just read 4 bytes starting at the 2nd byte of the function).

You're probably wondering why each entry for our SSDT is 8 bytes, instead of 4; this is because in order to set up the stack before calling the proxy, we need to know how many parameters were passed to KiFastSystemCall (we store the proxy address as the first 4 bytes and the number of parameters as the rest).

Preparing the Stack

When KiFastSystemCall is invoked, there are two return addresses between the stack pointer and the function parameters (the return from KiFastSystemCall to the native function and the return from the native function). In order to call the proxy function we will get the number of parameters for the function from our_ssdt[2*ordinal+4] and push them to the stack again, in stdcall format (the proxy function is responsible for removing them from the stack). The last thing that is pushed to the stack before we call the proxy is the eax register (the ordinal); we will need this later if we wish to call the original, non-hooked version of KiFastSystemCall.

The Code

FstHook - This is my own C library which allows a program to easily hook any number of native functions using a single hook on KiFastSystemCall.

https://github.com/MalwareTech/FstHook/

Source
-
Native Instruments West Africa 1.3 KONTAKT | 1.43 GB

The latest release in Native Instruments DISCOVERY SERIES focuses on the rich and profoundly influential traditions of West Africa. This KOMPLETE Instrument features a collection of beautifully sampled percussion and melodic instruments, playable individually or as customizable ensembles with highly inspirational pre-programmed patterns. The rhythms of all percussion instruments are also easily editable via the built-in sequencer for instant polyrhythmic groove creation. This instrument is truly a magnificent addition for producers of contemporary and traditional music.

DISTINCTIVE INSTRUMENTS

DISCOVERY SERIES: WEST AFRICA features percussion instruments including djembe, dunun and bells, which can be used in the ensemble. Additionally included are the calabash and krin, which can be used as solo instruments. Pitched instruments recreate the unique melodies of the kora, ngoni, bolon, balafon, and fula flute. The sounds of each instrument have been carefully sampled in high detail, with the possibility to change between traditional and chromatic scales for pitched instruments. WEST AFRICA is an authentic and easy-to-use tool for producing modern rhythms with timeless traditional sounds.

INSTANT POLYRHYTHMS

The roots and conventions of West African music involve a number of instruments playing together to produce complex polyrhythmic textures. DISCOVERY SERIES: WEST AFRICA allows for the easy recreation of traditional ensemble playing with one touch of the play button. The included 74 pre-programmed ensemble patterns give you instant access to stunning rhythms and melodies, easily triggered with one key, while another key triggers additional solos, fills, and single hits. The percussion patterns are also fully customizable with a visual pattern based sequencer and groove controls. When used within a host, the internal sequencer can be synchronized with the tempo and song position.

GLOBAL INFLUENCE

African musical traditions and West African percussion in particular have long been accepted as the roots of many contemporary musical styles. The influence of African music is felt in the rhythms and motifs of blues, rock, soul, funk, hip-hop, disco and house. African music has become a source of genuine creative inspiration for forward-thinking producers across the globe. Renowned producers and musicians from some of the world's biggest bands have forged strong links with West African music and musicians, while cutting-edge artists producing house, techno, dubstep and UK funky draw directly from the percussive power of the region. West African artists are also seeing a rise in popularity in Europe and the US, with a new generation of fans exploring the musical cultures of one of the world's most fertile musical regions.
-
Native Instruments George Duke Soul Treasure 1.3.0 Update + Library | 3.58 GB

This update came out two days ago. Thought I'd provide it to you all. More NI stuff to come as it is released. I included the full library in case anyone didn't have it yet, as the update won't do any good if you don't have it.

What's New in 1.3?

Added advance integration with KOMPLETE KONTROL.

A PERFECT STARTING POINT

GEORGE DUKE SOUL TREASURES is a treasure trove for producers looking for instant soul for their tracks. Exclusively recorded for Native Instruments by American soul and jazz legend George Duke, over 500 soul-drenched keyboard loops are ready to go, and without the need to dig for samples through crates of dusty vinyl. All loops are perfectly sliced and tempo-synced, and you can easily edit and re-arrange all slices to create countless phrase variations - providing an immediate harmonic basis without requiring advanced musicianship for your hip-hop, R&B or soulful electronic tracks. This instrument runs in the latest version of KONTAKT or the free KONTAKT PLAYER.

STUDIO SOUL

This instrument contains acoustic, Rhodes, Wurlitzer and Clavinet pianos recorded by George Duke and his personal engineer Erik Zobler, using highly sought-after vintage equipment. Two versions of each phrase are available - clean and 'Tubes & Tapes'. The signal was routed through various analog outboard gear before finally being sent through a Requisite Audio tube optical limiter, and recorded to an Ampex analog tape - adding that authentic, warm, soul brother flavor.

FLEXIBLE EDITING AND REARRANGING

Each phrase is divided into several slices, which can be triggered individually from any point in the loop, making it easy to re-arrange and create countless variations. Sound parameters like tune, volume, attack and stretch can be adjusted on the fly with every step visible via the Waveform Display. Timing is flexible - KONTAKT's timestretching delivers pleasingly smooth results. You can also drag and drop a MIDI file into your host sequencer - including the timing information for triggering the slices - giving you maximum flexibility when building and finalizing the tracks in a DAW. Eight different filter types and studio-quality convolution reverb provide additional sonic possibilities, with each effect chain triggerable via a MIDI keyboard.