GitHub - Cr4sh/DbgCb: Engine for communication with remote kernel debugger (KD, WinDbg) from drivers and applications

This repository was archived by the owner on May 14, 2022. It is now read-only.

Cr4sh / DbgCb Public archive

Notifications You must be signed in to change notification settings
Fork 16
Star 37

Engine for communication with remote kernel debugger (KD, WinDbg) from drivers and applications

37 stars 16 forks Branches Tags Activity

Notifications

Name		Name	Last commit message	Last commit date
Latest commit History 5 Commits
_Examples		_Examples
common		common
dbgcb		dbgcb
README.TXT		README.TXT
build_ext.bat		build_ext.bat
dbgcb.dll		dbgcb.dll
dbgcb.pdb		dbgcb.pdb
dbgcb_in_work.png		dbgcb_in_work.png
dbgcb_scheme.png		dbgcb_scheme.png
dbgcb_x64.dll		dbgcb_x64.dll
dbgcb_x64.pdb		dbgcb_x64.pdb
dirs		dirs

Repository files navigation


  DBGCB Engine
    
  by Oleksiuk Dmytro (aka Cr4sh), Esage Lab

  http://d-olex.blogspot.com/
  mailto:[email protected]

================================= 

Engine for communication with remote kernel debugger (WinDBG, KD) from drivers or user mode application.
 
./dbgcb.dll - WinDbg extension, that must be loaded in remote kernel debugger
./common/ - dbgcb client code (can be used in your own applications)
./_Examples/dbgcb_drv.sys - Sample driver
./_Examples/dbgcb_app.exe - Sample user mode application

Engine working scheme: ./dbgcb_scheme.png
Engine with test driver (dbgcb_drv.sys): ./dbgcb_in_work.png


  Currently supported functions (see ./common/dbgcb_api.h):
  
/**
 * Execute debuuger command (IDebugControl::Execute()).
 */
BOOLEAN dbg_exec(PCHAR lpFormat, ...);

/**
 * Evaluate debuuger expression (IDebugControl::Evaluate()).
 */
PVOID dbg_eval(PCHAR lpFormat, ...);

/**
 * Get offset of the some structure field
 */
LONG dbg_field_offset(PCHAR lpFormat, ...);