void run()
{
while (debugger_active == true)
{
get_debug_event();
}
}
void handle_command(struct drpc_packet *pkt, char *buf)
{
unsigned long pid;
unsigned long tid;
unsigned long addr;
unsigned long len;
unsigned long sel;
unsigned long flags;
unsigned long n;
CONTEXT *ctxt;
// Validate request
if (pkt->startmark != startmark) logmsg("WARNING: unexpected startmark %08X\n", pkt->startmark);
if (pkt->reserved1 != 0) logmsg("WARNING: reserved1 is %08X\n", pkt->reserved1);
if (pkt->reserved2 != 0) logmsg("WARNING: reserved2 is %08X\n", pkt->reserved2);
if (pkt->result != 0) logmsg("WARNING: result is %08X\n", pkt->result);
// Execute command
switch (pkt->cmd)
{
case DRPC_GET_SYSTEM_VERSION:
logmsg("COMMAND GetSystemVersion: spnamelen=%d, buildnamelen=%d\n", *(unsigned long *) (buf + 0), *(unsigned long *) (buf + 8));
get_system_version(pkt, buf);
break;
case DRPC_DEBUG_BREAK:
tid = *(unsigned long *) (buf + 0);
logmsg("COMMAND DebugBreak hthread=%08X\n", tid);
pkt->result = E_FAIL;
break;
case DRPC_GET_HOST_INFO:
logmsg("COMMAND GetHostInfo: hostlen=%d, transportlen=%d\n", *(unsigned long *) (buf + 0), *(unsigned long *) (buf + 8));
get_host_info(pkt, buf);
break;
case DRPC_GET_CPU_INFO:
logmsg("COMMAND GetCpuInfo: maxlen=%d\n", *(unsigned long *) buf);
get_cpu_info(pkt, buf);
break;
case DRPC_GET_PROCESS_LIST:
logmsg("COMMAND GetProcessList: maxpids=%d\n", *(unsigned long *) buf);
get_process_list(pkt, buf);
break;
case DRPC_GET_PROCESS_NAME:
pid = *(unsigned long *) buf;
logmsg("COMMAND GetProcessName pid=%d:\n", pid);
get_process_name(pkt, buf);
break;
case DRPC_DEBUG_PROCESS:
pid = *(unsigned long *) buf;
logmsg("COMMAND DebugProcess pid=%d (%08X):\n", pid, pid);
pkt->result = E_FAIL;
break;
case DRPC_OPEN_PROCESS:
pid = *(unsigned long *) buf;
flags = *(unsigned long *) (buf + 8);
logmsg("COMMAND OpenProcess pid=%d (%08X) flags=%08X:\n", pid, pid, flags);
open_process(pkt, buf);
break;
case DRPC_CREATE_PROCESS:
pid = *(unsigned long *) buf;
logmsg("COMMAND CreateProcess: cmd=%S flags=%08X:\n", buf, *(unsigned long *)(buf + pkt->reqlen - 4));
pkt->result = E_FAIL;
break;
case DRPC_READ_PROCESS_MEMORY:
pid = *(unsigned long *) (buf + 0);
addr = *(unsigned long *) (buf + 8);
len = *(unsigned long *) (buf + 16);
logmsg("COMMAND ReadProcessMemory hproc=%08X addr=%08x len=%d:\n", pid, addr, len);
read_memory(pkt, buf);
break;
case DRPC_WRITE_PROCESS_MEMORY:
pid = *(unsigned long *) (buf + 0);
addr = *(unsigned long *) (buf + 8);
len = *(unsigned long *) (buf + 16);
logmsg("COMMAND WriteProcessMemory hproc=%08X addr=%08x len=%d:\n", pid, addr, len);
write_memory(pkt, buf);
break;
case DRPC_SUSPEND_THREAD:
len = *(unsigned long *) (buf + 0);
logmsg("COMMAND SuspendThread: hthread=");
for (n = 0; n < len; n++)
{
tid = *(unsigned long *) (buf + 8 + n * 8);
logmsg(" %08X", tid);
}
logmsg("\n");
suspend_threads(pkt, buf);
break;
case DRPC_RESUME_THREAD:
len = *(unsigned long *) (buf + 0);
logmsg("COMMAND ResumeThread: hthread=");
for (n = 0; n < len; n++)
{
tid = *(unsigned long *) (buf + 8 + n * 8);
logmsg(" %08X", tid);
}
logmsg("\n");
resume_threads(pkt, buf);
break;
case DRPC_GET_THREAD_CONTEXT:
tid = *(unsigned long *) (buf + 0);
flags = *(unsigned long *) (buf + 8);
len = *(unsigned long *) (buf + 16);
logmsg("COMMAND GetThreadContext hthread=%08X context=%08x len=%d:\n", tid, flags, len);
get_context(pkt, buf);
break;
case DRPC_SET_THREAD_CONTEXT:
tid = *(unsigned long *) (buf + 0);
len = *(unsigned long *) (buf + 8);
ctxt = (CONTEXT *) (buf + 12);
logmsg("COMMAND SetThreadContext hthread=%08X eax=%08x len=%d:\n", tid, ctxt->Eax, len);
set_context(pkt, buf);
break;
case DRPC_GET_PEB_ADDRESS:
pid = *(unsigned long *) (buf + 0);
logmsg("COMMAND GetPebAddress hproc=%08X:\n", pid);
get_peb_address(pkt, buf);
break;
case DRPC_GET_THREAD_SELECTOR:
tid = *(unsigned long *) (buf + 0);
sel = *(unsigned long *) (buf + 8);
len = *(unsigned long *) (buf + 12);
logmsg("COMMAND GetThreadSelector hthread=%08X selector=%08x len=%08x:\n", tid, sel, len);
get_thread_selector(pkt, buf);
break;
case DRPC_GET_DEBUG_EVENT:
logmsg("COMMAND GetDebugEvent %08X %08X:\n", *(unsigned long *) buf, *(unsigned long *) (buf + 4));
get_debug_event(pkt, buf);
break;
case DRPC_CONTINUE_DEBUG_EVENT:
flags = *(unsigned long *) buf;
if (flags == 0x00010001)
logmsg("COMMAND ContinueDebugEvent: DBG_EXCEPTION_HANDLED\n");
else if (flags == 0x00010002)
logmsg("COMMAND ContinueDebugEvent: DBG_CONTINUE\n");
else
logmsg("COMMAND ContinueDebugEvent: %08X\n", flags);
break;
case 0x0000C001:
logmsg("COMMAND 0000C001\n");
pkt->result = dbg_state;
break;
case 0x0004C002:
logmsg("COMMAND 0004C002\n");
*(unsigned long *) buf = 5;
break;
default:
logmsg("COMMAND %08X ??? (reqlen=%d, rsplen=%d):\n", pkt->cmd, pkt->reqlen, pkt->rsplen);
if (pkt->reqlen > 0)
{
logmsg("reqdata: ");
dump_data(stdout, buf, pkt->reqlen > 256 ? 256 : pkt->reqlen, 4, NULL);
if (logfile) dump_data(logfile, buf, pkt->reqlen, 4, NULL);
}
pkt->result = E_FAIL;
}
pkt->cmd |= 0x00010000;
}