bits 32

; props to 0pcode for pointing out the usefulness of KdVersionBlock.
find_ntoskrnl_kdversionblock:
;	push byte 0x34
;	pop  ecx
;	mov  eax, [fs:ecx]
	xor  eax, eax
	mov  eax, [fs:eax+0x34]
	mov  eax, [eax+0x10]