ResumeCTF Writeups

The I/O Manager & The Process and Thread Manager

The I/O Manager

  • Provides access to I/O devices through device drivers

  • Main purpose of drivers is to implement a filesystem

  • Supports other kinds of drivers (for keyboards, video cards, etc.) but they are really just filesystem drivers in disguise

  • Creates an entry in the Driver directory for every driver

    • You can only list the contents of this directory if you are an admin

  • Drivers are responsible for creating new Device objects using the IoCreateDevice API

  • Unlike Linux and other operating systems, Windows does not implement core network protocols like TCP/IP using built-in system calls.

    • Windows uses the Ancillary Function Driver (AFD), which provides access to networking services for an application.

The Process and Thread Manager

PreviousQuery and Set Information System CallsNextThe Memory Manager

Last updated