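/// Build and send the DbgKdReadVirtualMemoryApi reply for a ReadMemory request.
///
/// The reply is assembled in a fixed-size stack buffer laid out as
///   KDNET_POST_HEADER | KD_PACKET_HEADER | DBGKD_MANIPULATE_STATE64 (fixed part)
///   | DBGKD_READ_MEMORY64 header | <count> bytes of guest memory
/// and padded to a multiple of 16 before being handed to sendDataPkt().
///
/// @param request  Incoming ReadMemory request. Its TargetBaseAddress and
///                 TransferCount come from the remote debugger and are treated
///                 as untrusted: TransferCount is clamped so that the padded
///                 reply can never exceed MAX_KDNET_PKTLEN, i.e. the memory
///                 payload cannot overrun the stack buffer.
void readMemoryCallBack(DBGKD_MANIPULATE_STATE64* request) {
    const uint64_t base = request->u.ReadMemory.TargetBaseAddress;
    uint32_t count = request->u.ReadMemory.TransferCount;

    // Bytes in front of the memory payload: 8 (KDNET_POST_HEADER) +
    // 16 (KD_PACKET_HEADER) + 16 (fixed part of DBGKD_MANIPULATE_STATE64) +
    // the DBGKD_READ_MEMORY64 header minus its 1-byte Data[] placeholder.
    // The 8/16/16 literals mirror the DataSize and checksum math below; they
    // are assumed to match the real struct layouts -- TODO confirm with sizeof.
    const size_t header_bytes = 8 + 16 + 16 + (sizeof(DBGKD_READ_MEMORY64) - 1);

    // Largest payload whose 16-byte-padded packet still fits the buffer.
    const size_t fit_len = (static_cast<size_t>(MAX_KDNET_PKTLEN) / 16) * 16;
    const size_t max_count = fit_len > header_bytes ? fit_len - header_bytes : 0;
    if (count > max_count) {
        // Oversized request from the peer: answer with what fits instead of
        // writing past the end of the stack buffer.
        printf("[!] ReadMemory TransferCount %u exceeds packet buffer, clamping to %zu\n",
               static_cast<unsigned>(count), max_count);
        count = static_cast<uint32_t>(max_count);
    }

    uint8_t buffer[MAX_KDNET_PKTLEN];
    memset(buffer, 0, MAX_KDNET_PKTLEN);

    // After clamping, header_bytes + count <= fit_len <= MAX_KDNET_PKTLEN, so
    // the total fits the 16-bit on-wire length (MAX_KDNET_PKTLEN sizes a stack
    // array and is assumed to be below 64 KiB -- TODO confirm).
    const uint16_t pkt_size = static_cast<uint16_t>(header_bytes + count);
    const auto padded_size = roundup16(pkt_size);

    KDNET_POST_HEADER* post = reinterpret_cast<KDNET_POST_HEADER*>(buffer);
    post->PacketPadding = padded_size - pkt_size;

    KD_PACKET_HEADER* kd = reinterpret_cast<KD_PACKET_HEADER*>(buffer + sizeof(KDNET_POST_HEADER));
    kd->Signature = 0x30303030;
    kd->PacketType = 0x0002;
    kd->DataSize = pkt_size - 16 - 8;  // payload only: minus KD_PACKET_HEADER and KDNET_POST_HEADER
    kd->PacketID = tmpID;
    tmpID += 2;  // packet IDs advance by two per sent packet -- presumably what the peer expects; verify

    DBGKD_MANIPULATE_STATE64* reply = reinterpret_cast<DBGKD_MANIPULATE_STATE64*>(&kd->PacketBody[0]);
    reply->ApiNumber = DbgKdReadVirtualMemoryApi;
    reply->ProcessorLevel = request->ProcessorLevel;
    reply->Processor = request->Processor;
    reply->ReturnStatus = 0x0;
    reply->Padding = 0x0;

    DBGKD_READ_MEMORY64* rm = &reply->u.ReadMemory;
    rm->TargetBaseAddress = base;
    rm->TransferCount = count;
    // Reported as fully read before readVirtualMemory() runs; its result is
    // not checked here -- TODO verify that a short read cannot happen.
    rm->ActualBytesRead = count;
    // Meaning of these fields is unknown; they are echoed back unchanged.
    rm->Unknown1 = request->u.ReadMemory.Unknown1;  // TODO: hu ?
    rm->Unknown2 = request->u.ReadMemory.Unknown2;  // TODO: hu ?
    rm->Unknown3 = request->u.ReadMemory.Unknown3;  // TODO: hu ?
    rm->Unknown4 = request->u.ReadMemory.Unknown4;  // TODO: hu ?
    rm->Unknown5 = request->u.ReadMemory.Unknown5;  // TODO: hu ?
    rm->Unknown6 = request->u.ReadMemory.Unknown6;  // TODO: hu ?

    // TODO: callback !
    // Writes exactly `count` bytes at rm->Data; the clamp above guarantees
    // they lie inside `buffer`.
    readVirtualMemory(base, count, rm->Data);

    // Checksum covers everything after the KDNET_POST_HEADER.
    kd->Checksum = checksumKD_PACKET(kd, pkt_size - 8);

    printf("\n\n[!] Send Packet !\n");
    printHexData(buffer, padded_size);
    printKD_PACKET(kd);
    sendDataPkt(buffer, padded_size);
}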
/**
 * COM entry point for IMachineDebugger::readVirtualMemory().
 *
 * Thin wrapper: logs entry, clears the COM error info, validates the
 * out-pointer, takes an AutoCaller on this object, converts the safe-array
 * out-parameter and forwards everything to the internal readVirtualMemory().
 * An HRESULT thrown by the argument check or the AutoCaller is returned as-is;
 * any other exception is mapped through handleUnexpectedExceptions().
 *
 * @param aCpuId   CPU id (forwarded unchanged).
 * @param aAddress Address to read from (forwarded unchanged).
 * @param aSize    Number of bytes requested (forwarded unchanged; any range
 *                 checking is left to the callee).
 * @param aBytes   Safe-array out-parameter receiving the bytes read.
 * @return HRESULT from the internal implementation, or the failure code raised
 *         while validating arguments / acquiring the caller.
 */
STDMETHODIMP MachineDebuggerWrap::ReadVirtualMemory(ULONG aCpuId, LONG64 aAddress, ULONG aSize, ComSafeArrayOut(BYTE, aBytes))
{
    LogRelFlow(("{%p} %s:enter aCpuId=%RU32 aAddress=%RI64 aSize=%RU32 aBytes=%p\n", this, "MachineDebugger::readVirtualMemory", aCpuId, aAddress, aSize, aBytes));

    VirtualBoxBase::clearError();

    HRESULT hrc;

    try
    {
        /* Out-pointer check first; presumably throws an HRESULT on a bad pointer,
         * which the catch below turns into the return value. */
        CheckComArgOutPointerValidThrow(aBytes);

        /* AutoCaller guards the object's state; a failing rc aborts the call. */
        AutoCaller autoCaller(this);
        if (FAILED(autoCaller.rc()))
            throw autoCaller.rc();

        hrc = readVirtualMemory(aCpuId, aAddress, aSize, ArrayOutConverter<BYTE>(ComSafeArrayOutArg(aBytes)).array());
    }
    catch (HRESULT hrc2)
    {
        hrc = hrc2;
    }
    catch (...)
    {
        hrc = VirtualBoxBase::handleUnexpectedExceptions(this, RT_SRC_POS);
    }

    /* NOTE(review): this leave log evaluates ComSafeArraySize(*aBytes) even on
     * the paths above that threw before aBytes was filled; presumably the macro
     * copes with an untouched out-parameter -- confirm. */
    LogRelFlow(("{%p} %s: leave aBytes=%zu hrc=%Rhrc\n", this, "MachineDebugger::readVirtualMemory", ComSafeArraySize(*aBytes), hrc));

    return hrc;
}