Cracking 1

home *** CD-ROM | disk | FTP | other *** search

/ Cracking 1 / Cracking I..iso / Tools / Debuggery / TRW2000 / PLUGSDK / README.TXT < prev

Wrap

Text File | 2000-02-25 | 5.6 KB | 196 lines

------------------------------------------------- Introduce Plug-ins for TRW2000 ------------------------------------------------- Plug-ins is a extension part of TRW2000. It work with kernel of TRW2000 and other Plug-ins to provide more function for user. Plug-ins is dynamic-link with kernel of TRW2000, this means that it's NOT a internal component, it can be instead. Plug-ins is flexible, it can go to any target by easy design, for example, display driver is written as Plug -ins. In other words, you can develop special debugger but not need to develop driver, disassemble, assemble, screen-interface... Cracker can get more help from this important property. ------------------------------------------------- Starting to develop your Plug-ins... ------------------------------------------------- You must have some tools to develop Plug-ins. You need: Visual C++( recommend 6.0 ) Win98DDK. If you haven't it, never mind, download it freely from http://www.microsoft.com/ddk Warning: YOU MUST MODIFY FILE I386MK.INC (locate at <98DDK Directory>\INC), 1.Search STDFLAGS= /c /Zel /Zp8 /Gy ..., modify /Zp8 to /Zp1. 2.{i386\}.asm{$(_OBJ_DIR)\i386\}.obj: $(386_ASSEMBLER) -Fo$(MAKEDIR)\$@ $< change it to: .asm{$(_OBJ_DIR)\i386\}.obj: $(386_ASSEMBLER) -Fo$(MAKEDIR)\$@ $< Then, click icons "Check" or "Free" environment in Windows start menu, Ok, we can start! ------------------------------------------------- Compile reference : ------------------------------------------------- The extension name of Plug-ins is .SYS, it's a WDM driver in fact. Before you start, you must have other two files in the same directory as the source code located at that you will use: MAKEFILE and SOURCES ( no extension name ) . MAKEFILE is following as below : ########################################################### # # Microsoft Confidential # Copyright (C) Microsoft Corporation 1995 # All Rights Reserved. # # MAKEFILE for WDM device driver kit # ########################################################### # # DO NOT EDIT THIS FILE!!! Edit .\sources. if you want to add a new source # file to this component. This file merely indirects to the real make file # that is shared by all the driver components of the Windows NT DDK # !INCLUDE $(NTMAKEENV)\makefile.def SOURCES is following as below : TARGETNAME=xxxx TARGETTYPE=DRIVER DRIVERTYPE=WDM TARGETPATH=. BLDCRT=1 INCLUDES=$(BASEDIR)\inc SOURCES=xxxx.CPP( xxxx_2.CPP, xxxx_3.CPP... ) I386_SOURCES=xxxx.ASM( xxxx_2.ASM, xxxx_3.ASM... ) ( xxxx is the name of your Plug-ins ) If you have these files, you type "BUILD" in command line to create a WDM. If you choose "Checked Environment", it will make a debug-WDM in driectory <SOURCES driectory\I386\Checked. If you choose "Free Environment", it will make a Release-WDM in <SOURCES driectory\I386\Free. The complie result will be log in file BUILD.LOG, the error message will be log in file BUILD.ERR and warning message will be log in file BUILD.WRN in the same directory as SOURCES. You can run tool "BUILD" (include in Win98DDK) to compile and link Plug-ins. But, there is a strange problem: BUILD compiled your CPP and create directory ..\I386, but, it NOT create directory ..\I386\Checked and ..\I386\Free, it will show some error message and fail to like. The best simple resolving method is: creating directory by yourself. And, if you have a release-WDM, Warning: It include symbol yet. To resolve it, you must do: DUMPBIN /HEADERS xxxx.sys |MORE record the map-base address of OPTIONAL HEADER VALUES, normally it is 0x10000. Use command " REBASE -B 0x10000 -X .\Symbol xxxx.sys " to remove the symbol. If you want to get more information, visit related web and newsgroup. Reference: Art Baker: The Windows NT Device Driver Book: A Guide for Programmers, 1997, published by Prentics Hall, INC. The best simple method is copy/paste the sample's MK.BAT and SOURCES and MAKEFILE as the starting of your plug-ins. ------------------------------------------------- Plug-ins refernce ------------------------------------------------- Let us begin the first Plug-ins. Every Plug-ins must have determinate format following as below: // This file extension name must be .CPP . extern "C" { #include <wdm.h> } // It define WDM . #include "..\INCLUCE\PLUGS.H" // It define the data type and functin prototype . extern "C" NTSTATUS DriverEntry(IN PDRIVER_OBJECT DriverObject, IN PUNICODE_STRING RegistryPath); VOID Plugs_Unload(IN PDRIVER_OBJECT DriverObject); extern "C" NTSTATUS DriverEntry(IN PDRIVER_OBJECT DriverObject, IN PUNICODE_STRING RegistryPath) { NTSTATUS ntStatus = STATUS_SUCCESS; DriverObject->DriverUnload = Plug-ins_Unload; return ntStatus; } VOID Plug-ins_Unload(IN PDRIVER_OBJECT DriverObject) { } // These are WDM format , every Plug-ins has the same // code . /************ Plug-ins Init and Exit routine **************/ PLUGS_API* api = 0; // This is TRW2000 API pointer . Plug-ins call TRW2000's API // must like this : // // TRW2000_api->Get_TRW2000_Version ( ) ; // EXC EXPORT BOOL Plugs_Init ( PLUGS_API* plugsapi ) { TRW2000_api = api; // add your code. return TRUE; // If Return FALSE this Plug-ins will not be load. } EXC EXPORT BOOL Plugs_Exit ( ) { // add your code. return TRUE; // Must return TRUE. } Ok, if you have problem remaining, see example Plug-ins. End Copyright(C) 2000. KnlSoft. Inc. http://www.knlsoft.com