No commit message

luffyhwl · Dec 12, 2008 · d6bf60f · d6bf60f
1 parent 04bdc03
commit d6bf60f
Show file tree

Hide file tree

Showing 18 changed files with 636 additions and 359 deletions.
diff --git a/8042/8042.cpp b/8042/8042.cpp
@@ -913,9 +913,12 @@ I8042HookKeyboard(
 // Driver entry point
 NTSTATUS DriverEntry(IN PDRIVER_OBJECT DriverObject, IN PUNICODE_STRING RegistryPath)
 {
-	DriverObject->DriverUnload = DriverUnload;
 	KdPrint(("[~] DriverEntry()\n"));
 
+	return STATUS_UNSUCCESSFUL;
+
+	/*
+	DriverObject->DriverUnload = DriverUnload;
 #if HOOK_ISR
 	OldKbd = GetIOAPICIntVector (1);
 	KdPrint(("KBD %X\n", OldKbd));
@@ -932,4 +935,5 @@ NTSTATUS DriverEntry(IN PDRIVER_OBJECT DriverObject, IN PUNICODE_STRING Registry
 
 	KdPrint(("[+] Driver initialization successful\n"));
 	return STATUS_SUCCESS;
+	*/
 }
diff --git a/8042/8042.res b/8042/8042.res
diff --git a/Disasm.c b/Disasm.c
@@ -17,6 +17,15 @@ SymGlobGetSymbolByAddress(
 	ULONG *SymLen
 	);
 
+ULONG
+SymWrGetNearestSymbolByAddress(
+	PVOID Address,
+	char* Symbol,
+	ULONG *SymLen
+	);
+
+#define SymGlobGetSymbolByAddress SymWrGetNearestSymbolByAddress
+
 BOOL MmIsAddressValid (PVOID);
 
 //extern PVOID pNtSymbols;

diff --git a/command.cpp b/command.cpp
@@ -103,10 +103,14 @@ Environment
 
 			char Symbol[32];
 			ULONG symlen = sizeof(Symbol);
+			ULONG disp = 0;
 
-			if (SymGlobGetSymbolByAddress (ptr, Symbol, &symlen) == 0)
+			if (SymGlobGetNearestSymbolByAddress (ptr, Symbol, &symlen, &disp) == 0)
 			{
-				GuiPrintf("%s:\n", Symbol);
+				if (disp)
+					GuiPrintf("%s + 0x%x\n", Symbol, disp);
+				else
+					GuiPrintf("%s\n", Symbol);
 			}
 
 			ULONG len = InstrDecode (ptr, &instr, FALSE);
@@ -185,6 +189,60 @@ Environment
 	return FALSE;
 }
 
+#include "i8042.h"
+
+__declspec(noreturn)
+VOID
+RebootMachine(
+	)
+
+/*++
+
+Routine Description
+
+	This routine performs reset of the processor by signaling #RESET line
+
+Arguments
+	
+	None
+
+Return Value
+
+	This function does not return
+
+--*/
+
+{
+	do
+	{
+		I8xPutBytePolled (CommandPort, ControllerDevice, FALSE, (UCHAR) I8042_RESET);
+	}
+	while (TRUE);
+}
+
+extern PKTRAP_FRAME TrapFrame;
+
+VOID WriteRegister (char *regname, ULONG Value)
+{
+	     if (!_stricmp (regname, "eax")) TrapFrame->Eax = Value;
+	else if (!_stricmp (regname, "ecx")) TrapFrame->Ecx = Value;
+	else if (!_stricmp (regname, "edx")) TrapFrame->Edx = Value;
+	else if (!_stricmp (regname, "ebx")) TrapFrame->Ebx = Value;
+	else if (!_stricmp (regname, "esi")) TrapFrame->Esi = Value;
+	else if (!_stricmp (regname, "edi")) TrapFrame->Edi = Value;
+	else if (!_stricmp (regname, "ebp")) TrapFrame->Ebp = Value;
+	else if (!_stricmp (regname, "eip")) TrapFrame->Eip = Value;
+	else if (!_stricmp (regname, "efl")) TrapFrame->EFlags = Value;
+	else if (!_stricmp (regname, "cs")) TrapFrame->SegCs = Value;
+	else if (!_stricmp (regname, "ds")) TrapFrame->SegDs = Value;
+	else if (!_stricmp (regname, "es")) TrapFrame->SegEs = Value;
+	else if (!_stricmp (regname, "fs")) TrapFrame->SegDs = Value;
+	else if (!_stricmp (regname, "gs")) TrapFrame->SegGs = Value;
+	else
+	{
+		GuiPrintf("Invalid reg name %s\n", regname);
+	}
+}
 
 VOID
 ProcessCommand(
@@ -247,10 +305,113 @@ Return Value
 		ExceptionShouldBeDispatched = TRUE;
 		StopProcessingCommands = TRUE;
 	}
+	else if (!_stricmp (cmd, "r"))
+	{
+		if (MmIsAddressValid(TrapFrame))
+		{
+			if (nItems == 3)
+			{
+				PVOID Address;
+
+				if(!Sym(output[2], &Address))
+				{
+					GuiPrintf("Could not find symbol %s\n", output[2]);
+				}
+				else
+				{
+					WriteRegister (output[1], (ULONG) Address);
+				}
+			}
+			else
+			{
+				GuiPrintf("%d args not supported for r\n", nItems-1);
+			}
+		}
+		else
+		{
+			GuiPrintf("TrapFrame %X is not valid\n", TrapFrame);
+		}
+	}
+	else if (!_stricmp (cmd, "trap"))
+	{
+		if (MmIsAddressValid(TrapFrame))
+		{
+			GuiPrintf(
+				"Trap frame at %X\n"
+				"DbgArgMark %08X     DbgEbp %08X        DbgEip %08X\n"
+				"Dr0        %08X     Dr1    %08X        Dr2    %08X\n"
+				"Dr3        %08X     Dr6    %08X        Dr7    %08X\n"
+				"SegGs      %08X     SegEs  %08X        SegDs  %08X\n"
+				"Edx        %08X     Ecx    %08X        Eax    %08X\n"
+				"PrevMode   %08X    ExcList %08X        SegFs  %08X\n"
+				"Edi        %08X     Esi    %08X        Ebx    %08X\n"
+				"Ebp        %08X    ErrCode %08X        Eip    %08X\n"
+				"SegCs           %08X       EFlags          %08X\n"
+				"HardwareEsp     %08X       HardwareSegSs   %08X\n"
+				,
+				TrapFrame, TrapFrame->DbgArgMark, TrapFrame->DbgEbp,
+				TrapFrame->DbgEip, TrapFrame->Dr0, TrapFrame->Dr1,
+				TrapFrame->Dr2, TrapFrame->Dr3, TrapFrame->Dr6, TrapFrame->Dr7,
+				TrapFrame->SegGs, TrapFrame->SegEs, TrapFrame->SegDs,
+				TrapFrame->Edx, TrapFrame->Ecx, TrapFrame->Eax,
+				TrapFrame->PreviousPreviousMode, TrapFrame->ExceptionList, TrapFrame->SegFs,
+				TrapFrame->Edi, TrapFrame->Esi, TrapFrame->Ebx,
+				TrapFrame->Ebp, TrapFrame->ErrCode, TrapFrame->Eip,
+				TrapFrame->SegCs, TrapFrame->EFlags,
+				TrapFrame->HardwareEsp, TrapFrame->HardwareSegSs
+			);
+
+		}
+		else
+		{
+			GuiPrintf("TrapFrame %X is not valid\n", TrapFrame);
+		}
+	}
+	else if (!_stricmp (cmd, "bugcheck"))
+	{
+		ULONG Code = 0xE2, Par1=0, Par2=0, Par3=0, Par4=0;
+
+		if (nItems > 1)
+			Code = hextol (output[1]);
+
+		if (nItems > 2)
+			Par1 = hextol (output[2]);
+
+		if (nItems > 3)
+			Par2 = hextol (output[3]);
+
+		if (nItems > 4)
+			Par3 = hextol (output[4]);
+
+		if (nItems > 5)
+			Par4 = hextol (output[5]);
+
+		KeBugCheckEx (Code, Par1, Par2, Par3, Par4);
+	}
 	else if (!_stricmp (cmd, "g"))
 	{
 		StopProcessingCommands = TRUE;
 	}
+	else if (!_stricmp (cmd, "?"))
+	{
+		PVOID Address;
+
+		if (nItems < 2)
+		{
+			GuiTextOut("This command requires an argument\n");
+		}
+		else
+		{
+			if (!Sym(output[1], &Address))
+			{
+				GuiPrintf("Could not find symbol %s\n", output[1]);
+			}
+			else
+			{
+				GuiPrintf("%s = %x\n", output[1], Address);
+			}
+		}
+	}
 	else if (!_stricmp (cmd, "dd"))
 	{
 		PVOID Address;
@@ -278,18 +439,19 @@ Return Value
 			{
 				char Symbol[32];
 				ULONG symlen = sizeof(Symbol);
+				ULONG disp = 0;
 
-				if (SymGlobGetSymbolByAddress (ptr, Symbol, &symlen) == 0)
-				{
-					GuiPrintf("%s:\n%08X : %08X %08X %08X %08X\n",
-						Symbol, ptr, ptr[0], ptr[1], ptr[2], ptr[3]);
-				}
-				else
+				if (SymGlobGetNearestSymbolByAddress (ptr, Symbol, &symlen, &disp) == 0)
 				{
-					GuiPrintf("%08X : %08X %08X %08X %08X\n",
-						ptr, ptr[0], ptr[1], ptr[2], ptr[3]);
+					if (disp)
+						GuiPrintf("%s + 0x%x\n", Symbol, disp);
+					else
+						GuiPrintf("%s\n", Symbol);
 				}
 
+				GuiPrintf("%08X : %08X %08X %08X %08X\n",
+					ptr, ptr[0], ptr[1], ptr[2], ptr[3]);
+
 				ptr += 4;
 			}
 
@@ -324,6 +486,10 @@ Return Value
 
 		GuiTextOut ("End of dump\n");
 	}
+	else if (!_stricmp(cmd, "reboot"))
+	{
+		RebootMachine ();
+	}
 	else if (!_stricmp(cmd, "prcb"))
 	{
 		PKPCR Pcr = (PKPCR) KIP0PCRADDRESS;
@@ -371,14 +537,19 @@ Return Value
 		GuiTextOut (
 			"NGdbg debugger command help\n"
 			"Available commands:\n"
-			" u ADDRESS       display disassemble dump at the specified address\n"
-			" dd ADDRESS      display raw ULONG dump at the specified address\n"
-			" db ADDRESS      display raw UCHAR dump at the specified address\n"
-			" prcb            display KPRCB dump <NOT IMPLEMENTED>\n"
+			" u [ADDRESS]     display disassemble dump at the specified address\n"
+			" dd [ADDRESS]    display raw ULONG dump at the specified address\n"
+			"< db ADDRESS      display raw UCHAR dump at the specified address>\n"
+			" prcb            display KPRCB dump\n"
 			" g               go (if within exception, does not handle it)\n"
-			" de              dipatch the exception\n"
+			" de              dispatch the exception\n"
 			" i3hereuser B    sets action for usermode INT3's (B = 0 or 1)\n"
 			" i3herekernel B  sets action for kernelmode INT3's (B = 0 or 1)\n"
+			" r reg value     set register value\n"
+			" ? exp           evaluate expression (only symbols supported)\n"
+			" trap            show caller's trap frame\n"
+			" bugcheck c 1234 crash system with code c and params 1,2,3,4\n"
+			" reboot          reboot machine\n"
 			);
 	}
 	else

diff --git a/dbgeng.cpp b/dbgeng.cpp
@@ -14,6 +14,8 @@
 #include "ldasm.h"
 #include "winnt.h"
 
+
+
 PVOID
 SetVector(
   IN UCHAR Interrupt,
@@ -713,6 +715,8 @@ Environment
 	return Dispatch.Status;
 }
 
+PKTRAP_FRAME TrapFrame;
+
 //
 // This routine replaces general KiDebugRoutine
 //
@@ -773,6 +777,8 @@ Return Value:
 //		TrapFrame, ExceptionFrame, ExceptionRecord, ContextRecord, PreviousMode, SecondChance
 //		));
 
+	::TrapFrame = TrapFrame;
+
 	if (ExceptionRecord->ExceptionCode == STATUS_ACCESS_VIOLATION)
 	{
 		NTSTATUS Status;

diff --git a/i8042.h b/i8042.h
@@ -52,6 +52,7 @@
 #define I8042_WRITE_TO_AUX_DEVICE	0xD4		// Write to auxiliary device
 #define I8042_DISABLE_A20_CONTROL	0xDD		// Enable A20 line control
 #define I8042_ENABLE_A20_CONTROL	0xDF		// Disable A20 line contol
+#define I8042_RESET					0xFE
 
 //
 // 8042 controller command byte (read/write by commands 20h/60h)