typedef struct { DWORD PlugVersion; // Function Export! //--------------------------------------------- // Hook VOID (__stdcall*hook)( PPHOOKER hHook, PVOID hookproc, BYTE priority ); VOID (__stdcall*unhook)( PPHOOKER hHook, PVOID hookproc ); VOID (__stdcall*unhookall)( PPHOOKER hHook ); BOOL (__cdecl *Call_Hookproc)( PPHOOKER hHook, ... ); BOOL (__stdcall*Call_Hookproc0)( PPHOOKER hHook ); VOID (__cdecl *Broadcast_Hookproc)( PPHOOKER hHook, ... ); VOID (__stdcall*Broadcast_Hookproc0)( PPHOOKER hHook ); //--------------------------------------------- // String int (__stdcall*strlen)(char *str); int (__stdcall*stricmp)(PSTR dst,PSTR src); PSTR (__stdcall*strcat)( PSTR p1,PSTR p2); PSTR (__stdcall*strcpy)( PSTR p1,PSTR p2); int (__stdcall*memcmp)( PVOID buf1, PVOID buf2, size_t count ); int (__stdcall*strcmp)( PSTR p1,PSTR p2); PSTR (__stdcall*strchr)( PSTR p1,CHAR c); PSTR (__stdcall*strrchr)( PSTR p1,CHAR c); PSTR (__stdcall*strstr)( PSTR p1,PSTR p2); PVOID (__stdcall*memset) ( PVOID p1,char c,size_t i); PVOID (__stdcall*memcpy)( PVOID p1,PVOID p2,size_t n); BOOL (__stdcall*strcmp_wild)(PSTR s,PSTR wild); // return FALSE if string coin int (__stdcall*memicmp)(PVOID first,PVOID last,size_t count); PSTR (__stdcall*strncpy)(PSTR p1,PSTR p2,size_t n); PSTR (__stdcall*strupr)( PSTR p1 ); PSTR (__stdcall*new_STRING)(PSTR p); DWORD (__cdecl *vsprintf)( PSTR Buf, PSTR Format, va_list ap ); DWORD (__cdecl *sprintf)( PSTR Buf, PSTR Format, ... ); //--------------------------------------------- // Momory void* (_stdcall*malloc)(size_t s); void (_stdcall*free)(void* p); void* (_stdcall*realloc)(void* p,size_t s); //--------------------------------------------- // Symbol PPHOOKER hh_get_module_area; // BOOL hookproc(ADDRE addr, PSTR* area ), PPHOOKER hh_symbol_to_address; // BOOL hookproc(PSTR Sym, ADDRE *paddr) PPHOOKER hh_Addr_to_symbol; // BOOL hookproc(ADDRE addr,PSTR *sym,DWORD *limit) //*limit is the input limit, do not set it unlese you find a symbol //return TRUE only if you get it exactly, with *limit=0 PSTR (__stdcall*AddressToSymbol)( IN PADDRE addr ); PSTR (__stdcall*GetSymbol)( IN PADDRE addr, DWORD Limit ); PSTR (__stdcall*GetSymbolArea)( IN PADDRE addr ); BOOL (__stdcall*SymbolToAddress)(IN PSTR buffer,OUT PADDRE paddr ); //--------------------------------------------- // Command VOID (__stdcall*Add_Command)( PSTR command, PSTR Help_1, PSTR Help_2, PSTR Example, BOOL(_stdcall* h)(int argc,PSTR* argv) ); VOID (__stdcall*Remove_Command)( PSTR command ); DWORD (__stdcall*Reload_Command)( PSTR cmdstr, BOOL(_stdcall* h)(int argc,PSTR* argv) ); BOOL (__stdcall*Run_Command)( PSTR buffer ); VOID (__stdcall*Get_Command_Help)( PSTR InputBuf, PSTR OutputBuf ); PSTR (__stdcall*Get_Related_Command)( PSTR InputBuf ); PSTR (__stdcall*GetInputcmdLine)(); //--------------------------------------------- // INI file BOOL (__stdcall*ini_STR) (IN PSTR szKey,OUT PSTR *ret ); BOOL (__stdcall*ini_BOOL) (IN PSTR szKey,OUT BOOL *ret ); BOOL (__stdcall*ini_DEC) (IN PSTR szKey,OUT DWORD *ret ); BOOL (__stdcall*ini_DWORD) (IN PSTR szKey,OUT DWORD *ret ); void (__stdcall*ini_ForEach) (IN PSTR szKey,OUT PVOID func); //--------------------------------------------- // Ring0 File IO HANDLE (__stdcall*fopen)(PSTR pfilename,DWORD mode); VOID (__stdcall*fclose)(HANDLE h); DWORD (__stdcall*fseek)(HANDLE h,DWORD pos); DWORD (__stdcall*fwrite)(HANDLE h,PVOID buffer,DWORD Count); DWORD (__stdcall*fread)(HANDLE h,PVOID buffer,DWORD Count); BOOL (__stdcall*fgets)(HANDLE h,OUT PSTR s); DWORD (__stdcall*fputs)(HANDLE h,IN PSTR s); //--------------------------------------------- // Memory&Selector BOOL (__stdcall*Set_Page_Map)(DWORD Linear,DWORD Map); BOOL (__stdcall*Get_Page_Map)(DWORD Linear,DWORD* Map); BOOL (__stdcall*LinearToPhys)(DWORD Linear,DWORD* Phys); BOOL (__stdcall*PhysToLinear)(DWORD Phys ,DWORD* Linear); BOOL (__stdcall*ifReadable_flat)(DWORD Linear); BOOL (__stdcall*ifReadable)(PADDRE addr); BOOL (__stdcall*ToFlat)(PADDRE addr,DWORD* Linear); BOOL (__stdcall*CompareSel)( WORD seg1, WORD seg2 ); WORD (__stdcall*ValidSel)( WORD seg ); // return the valid selector BOOL (__stdcall*Sel16_32)( WORD sel ); //0:invalid 1:16bit 2:32bit BOOL (__stdcall*Sel_Ring0_3)( WORD sel ); //0:invalid 1:Ring0 2:Ring3 BOOL (__stdcall*ValidAddr)(PADDRE ptgt,PADDRE psrc); void (__stdcall*toR0CS)(DWORD linear,PADDRE paddr); void (__stdcall*toR0DS)(DWORD linear,PADDRE paddr); void (__stdcall*toR3CS)(DWORD linear,PADDRE paddr); void (__stdcall*toR3DS)(DWORD linear,PADDRE paddr); BOOL (__stdcall*ifR0CS)( PADDRE addr ); BOOL (__stdcall*ifR0DS)( PADDRE addr ); BOOL (__stdcall*ifR3CS)( PADDRE addr ); BOOL (__stdcall*ifR3DS)( PADDRE addr ); BOOL (__stdcall*ifLinear)(PADDRE paddr); VOID (__stdcall*CurCSEIP)(PADDRE paddr); BOOL (__stdcall*PeekB)(PADDRE paddr,OUT BYTE* b); BOOL (__stdcall*PeekW)(PADDRE paddr,OUT WORD* w); BOOL (__stdcall*PeekD)(PADDRE paddr,OUT DWORD* dw); //--------------------------------------------- // Hex&Dec&String PSTR (__stdcall*str2dec)(PSTR s,OUT DWORD* d); PSTR (__stdcall*str2hex)(PSTR s,OUT DWORD* d); VOID (__stdcall*dec2str)(DWORD d,OUT PSTR s); VOID (__stdcall*hex2str)(DWORD d,OUT PSTR s); //--------------------------------------------- // Kernel PPHOOKER hh_IntObj; // CallBack proc prohotype // BOOL STDCALL hookproc(DWORD IntNum) PPHOOKER hh_PreEnterKernel; // CallBack proc prohotype // BOOL STDCALL hookproc() // return TRUE will not enter kernel, v.v. PPHOOKER hh_EnterKernel; // CallBack proc prohotype // VOID STDCALL hookproc() PPHOOKER hh_OnMessageLoop; // CallBack proc prohotype // BOOL STDCALL hookproc() PPHOOKER hh_LeaveKernel; // CallBack proc prohotype // VOID STDCALL hookproc() PPHOOKER hh_PostLeaveKernel; // CallBack proc prohotype // VOID STDCALL hookproc() BYTE* pfV86; BYTE* pfPM; BYTE* pfVMM; BYTE* pfUserVM; CLIENT_STRUCT* pUser; X86_REG_STRUCT* pUserX86; DWORD* pWindows_IntNum; DWORD* pCur_Thread_Handle; DWORD* pCur_VM_Handle; DWORD* pCur_Process_DB; VOID (__stdcall*Ring3_CallBack)(PVOID Ring3_callback,PVOID Ring0_callback); VOID (__stdcall*Set_Enter_Kernel)(); VOID (__stdcall*Set_Leave_Kernel)(); VOID (__stdcall*UpdateIDT)( ); BYTE (__stdcall*Read_Port)( DWORD Port ); VOID (__stdcall*Write_Port)( DWORD Port, BYTE wData ); BOOL (__stdcall*GetExpression)(IN PSTR expr,OUT DWORD* result); VOID (__stdcall*FatalError)(IN PSTR msg); VOID (__stdcall*Begin_Nest_VMM_Exec)(); VOID (__stdcall*End_Nest_VMM_Exec)(); BOOL* pfSoft_1Step; BOOL (__stdcall*GetTraceFlag)(); VOID (__stdcall*Get_Origin_Interrupt_Vector)( DWORD IntNum, DWORD* IntSeg, DWORD* IntOff, BOOL* GateSize); //--------------------------------------------- // Driver // Timer DWORD (__stdcall*Get_Time)(); // Keyboard PPHOOKER hh_HotKey; // Hookprpoc: // BOOL STDCALL hookproc( DWORD keycode ); WORD (__stdcall*Get_Key)( ); VOID (__stdcall*Clear_Key_Buf)( ); BYTE (__stdcall*Get_CTRL_Key)( ); WORD (__stdcall*Wait_Key)( ); VOID (__stdcall*Set_Ring0_Hotkey)(WORD key); VOID (__stdcall*Set_Ring3_Hotkey)(WORD key); BYTE (__stdcall*Get_Keyboard_State)(); void (__stdcall*Set_Keyboard_State)(BYTE f); // Display PPHOOKER hh_DisplaySetMode; // CallBack proc prohotype // BOOL STDCALL hookproc() PPHOOKER hh_DisplaySaveRegister; // CallBack proc prohotype // BOOL STDCALL hookproc() PPHOOKER hh_DisplayRestoreRegister; // CallBack proc prohotype // BOOL STDcALL hookproc() PPHOOKER hh_Notify_Screen_Lines_Change; // Add/Remove change screen lines callback . // CallBack proc prohotype: // VOID STDCALL CallBack( DWORD Lines ); VOID (__stdcall*TRW2000_Screen)(); VOID (__stdcall*User_Screen)(); VOID (__stdcall*Set_Cursor)(BYTE x,BYTE y); VOID (__stdcall*Change_Cursor)(BYTE Begin,BYTE End); DWORD (__stdcall*Save_Hardware_Cursor_State)(void); VOID (__stdcall*Restore_Cursor_State)(DWORD State); // Mouse VOID (__stdcall*Get_Mouse_State)(MOUSE_STATE *State); VOID (__stdcall*Mouse_Show)( ); VOID (__stdcall*Mouse_Hide)( ); //--------------------------------------------- // Module16&Module32&VxD WORD (__stdcall*GetMod16Handle)(IN PSTR modname); BOOL (__stdcall*GetMod16Info)(PADDRE paddr,PSTR modname,DWORD* segnum,DWORD* off); BOOL (__stdcall*GetMod16Info2)(PSTR modname,DWORD segnum,PADDRE paddr,DWORD* size); DWORD (__stdcall*GetProc16Address)(PSTR modname,PSTR expname); DWORD (__stdcall*GetMod32Handle)(PSTR modname); BOOL (__stdcall*GetMod32Info)(PADDRE paddr,PSTR modname,DWORD* segnum,DWORD* off); BOOL (__stdcall*GetMod32Info2)(PSTR modname,DWORD segnum,PADDRE paddr,DWORD* size); DWORD (__stdcall*GetProc32Address)(PSTR modname,PSTR expname); BOOL (__stdcall*GetVxDInfo)(PADDRE paddr,PSTR modname,DWORD* segnum,DWORD* off); BOOL (__stdcall*GetVxDInfo2)(PSTR modname,DWORD segnum,PADDRE paddr,DWORD* size); //--------------------------------------------- // Disassembler PPHOOKER hh_PreUnasm; // PSTR hookproc(PADDRE addr,BYTE* usercolor); PPHOOKER hh_PostUnasm; // PSTR hookproc(PADDRE addr,BYTE* usercolor); PPHOOKER hh_user_disasm; // Hookprpoc: // BOOL STDCALL hookproc( PADDRE addr, DWORD* Len, PSTR UasmBuf ); BOOL (__stdcall*Is_P_Inst)(IN PADDRE addre); BOOL (__stdcall*Is_RET_Inst)(IN PADDRE addre); VOID (__stdcall*SetDisasmMode)(BOOL f); BOOL (__stdcall*Get_Instruction_Length)(PADDRE paddr,DWORD *Len); // The function return FALSE if the address is a non-page status ! // And, len is set to 1 when address is non-page, or len is // the length of specified instruction and return TRUE . DWORD (__stdcall*Disassembler)(PADDRE paddr,PSTR dasmbuf); struct PLUG_CPU_INFO* (__stdcall*Get_Instruction_Info)(PADDRE paddr); //--------------------------------------------- // Extended Symbol Format PPHOOKER hh_InitSymMod; PPHOOKER hh_RelocSymMod; DWORD (__stdcall*Sym_CreateSymTable)(PSTR modname); DWORD (__stdcall*Sym_LocateSymTable)(PSTR modname); VOID (__stdcall*Sym_DeleteSymTable)(PSTR modname); DWORD (__stdcall*Sym_GetCurSymTable)( ); VOID (__stdcall*Sym_SetCurSymTable)( DWORD hSymTable ); VOID (__stdcall*Sym_SelectSymTable)(PSTR modname); VOID (__stdcall*Sym_SetSymTableFlag)(DWORD flag); DWORD (__stdcall*Sym_CreateSegment)(DWORD hSymTable,PSTR segname,DWORD segnumber); VOID (__stdcall*Sym_RelocSegment)(DWORD segnumber,PADDRE paddr,DWORD size); VOID (__stdcall*Sym_RelocSegment2)(PSTR segname,PADDRE paddr,DWORD size); VOID (__stdcall*Sym_CreateSymbol)(DWORD segnum,PSTR name,DWORD off,DWORD type); VOID (__stdcall*Sym_DeleteSymbol)(DWORD segnum,DWORD off,DWORD type); PSTR (__stdcall*Sym_Addr2Symbol)( PADDRE addr,DWORD* index,DWORD* offset,DWORD* type ); PSTR (__stdcall*Sym_GetNextSym)( DWORD* index,DWORD* type ); BOOL (__stdcall*Sym_Symbol2Addr2)(PSTR sym,PADDRE addr,DWORD* type,DWORD* index); DWORD (__stdcall*Sym_LoadSrcFileToSymSeg)( DWORD hSegment,PSTR szfilepath ); PSTR (__stdcall*Sym_GetCurSrcFileName)(); DWORD (__stdcall*Sym_GetCurSrcTotalLines)(); DWORD (__stdcall*Sym_GetPrevLine)(DWORD line); BOOL (__stdcall*Sym_Line2Addr)( DWORD line,PADDRE paddr ); BOOL (__stdcall*Sym_Addr2Line)( PADDRE paddr,DWORD* begin,DWORD* end); BOOL (__stdcall*Sym_GetSrcFileLine)( DWORD linenum ); BOOL (__stdcall*Sym_SetCurSrcFile)( PSTR filename ); BOOL (__stdcall*Sym_SetCurSrcFile2)( DWORD hSrc ); BOOL (__stdcall*Sym_UpdateSrcFile)( PADDRE paddr , DWORD* lines); VOID (__stdcall*Sym_CreateLineInfo)( DWORD linenum,DWORD lineoff ); VOID (__stdcall*Sym_DeleteLineInfo)( DWORD linenum ); // define in EXTSYM.CPP DWORD (__stdcall*Sym_TypeDefine)(PSTR name,DWORD type,DWORD size,DWORD local); VOID (__stdcall*Sym_CreateTypeField)(DWORD owner,DWORD off,DWORD type,PSTR name); VOID (__stdcall*Sym_TypeUndefine)(DWORD type); PPHOOKER hh_SymComplexSym; //--------------------------------------------- // User Interface DWORD (__stdcall*Get_CPU_Win_Handle)( ); DWORD (__stdcall*Get_Register_Win_Handle)( ); DWORD (__stdcall*Get_Data_Win_Handle)( ); DWORD (__stdcall*Get_Disassembler_Win_Handle)( ); DWORD (__stdcall*CreateWindow)( DWORD x1,DWORD y1,DWORD x2,DWORD y2, PSTR title, DWORD Style, int delta_x, int delta_y, int off_x, int off_y, PVOID Handler, int min_x, int min_y, int max_x, int max_y); // Cteate a Window and show it on the screen . // x1, y1, x2, y2 specify the coordinates of screen . // delta_x, delta_y specify the offset value . // off_x, off_y specify the max value of offset . // Draw routine is the proc of Scroller, // Hadnler routine is the proc of Scroller, // Refurbish routine is the proc of Scroller . // Return the handle of Window . // Style can use the values specified below : // // STDDASM : A standard Disassembler Window . // delta_x,delta_y, off_x, off_y will be ignored . // // STDDATA : A standard wData Window . // delta_x,delta_y, off_x, off_y will be ignored . // // STDUSER : A user-specified Window . // // These values can't be ORed . // // SY_MOVE : Window can be moved . // // SY_ZOOM : Window can be zoomed . // // SY_SIZE : Window can be resized . // // SY_CLOSE: Window can be closed . // // SY_TOP: Window is always on the top of screen . // // These values can be ORed . VOID (__stdcall*DesktopReDraw)( ); DWORD (__stdcall*FindWindow)( WORD msg ); VOID (__stdcall*FocusWindow)( DWORD view ); VOID (__stdcall*SendMessage)( DWORD view, WORD msg ); VOID (__stdcall*ClearEvent)( DWORD, TEvent& ); VOID (__stdcall*SetWindowColor)( DWORD view,BYTE color); BYTE (__stdcall*GetWindowColor)( DWORD view); void (__stdcall*SetPageShowTitle)(PSTR Title); void (__stdcall*BeginPageShow)(); void (__stdcall*EndPageShow)(); VOID (__stdcall*WindowPutc)( DWORD view,int x,int y,char c); DWORD (__cdecl *WindowPrintf)( DWORD view, int x, int y, PSTR Format, ... ); VOID (__stdcall*GetWindowHandle)( DWORD client ); VOID (__stdcall*DeleteWindow)( DWORD view ); VOID (__stdcall*DisableCommandWindow)( ); VOID (__stdcall*EnableCommandWindow)( ); DWORD (__stdcall*puts)(PSTR buffer); VOID (__stdcall*putc)(char c); DWORD (__cdecl *dprintf)( PSTR Format, ... ); WORD (__stdcall*MessageBox)(PSTR title,PSTR message); WORD (__stdcall*InputBox)(PSTR title,PSTR message,PSTR buf,WORD MaxLen); // That you see : // // STDDASM WinProc prototype : // WinProc( TView* view, TEvent& event, DASM_WNDCLASS& wnd ); // // STDDATA WinProc prototype : // WinProc( TView* view, TEvent& event, DATA_WNDCLASS& wnd ); // // STDUSER WinProc prototype : // WinProc( TView* view, TEvent& event, WNDCLASS& wnd ); VOID (__stdcall*GetWNDClass)( DWORD view, WNDCLASS& wnd ); VOID (__stdcall*SetWNDClass)( DWORD view, WNDCLASS& wnd ); VOID (__stdcall*GetDASM_WNDClass)( DWORD view, DASM_WNDCLASS& wnd ); VOID (__stdcall*SetDASM_WNDClass)( DWORD view, DASM_WNDCLASS& wnd ); VOID (__stdcall*GetDATA_WNDClass)( DWORD view, DATA_WNDCLASS& wnd ); VOID (__stdcall*SetDATA_WNDClass)( DWORD view, DATA_WNDCLASS& wnd ); //--------------------------------------------- // P CheckProc VOID (__stdcall*AddPCheck)( PVOID theCheckProc ); VOID (__stdcall*DelPCheck)( PVOID theCheckProc ); VOID (__stdcall*BeginPRun)(); VOID (__stdcall*BeginTRun)(); //--------------------------------------------- // Breakpoint WORD* pActive_BP_ID; BYTE (__stdcall*addBPInt3)( PADDRE paddr,DWORD mode ); BYTE (__stdcall*addBPDr)( PADDRE paddr,DWORD mode,DWORD type,DWORD size ); BOOL (__stdcall*AddressIfBP)( PADDRE addr ); VOID (__stdcall*EnableBP)(BYTE id); VOID (__stdcall*DisableBP)(BYTE id); VOID (__stdcall*Set_BP_Active)(BYTE id); VOID (__stdcall*Set_BP_Unactive)(BYTE id); VOID (__stdcall*DeleteBP)(BYTE id); VOID (__stdcall*addCheckProc)(BYTE id,PVOID checkproc); VOID (__stdcall*SetIfThenDo)(BYTE id,int argc,PSTR* argv); struct tagMYBP* (__stdcall*LocateBP)(BYTE id); VOID (__stdcall*RecordBPCmdLine)(BYTE id,PSTR InputCmdLine); /* Please, DO NOT develop any breakpoint plug-ins now! Because we are developing breakpoint-system now, all interface of breakpoint-system maybe changed! */ //--------------------------------------------- // Version 1.13 Added // Mod16&Mod32 WORD (*GetFirstTask)(); DWORD (*GetMTElist)(); DWORD (*GetCurrentPDB)(); PPHOOKER hh_OnRing3Message; VOID (*PostMessageToDll)(DWORD wParam,DWORD lParam); //--------------------------------------------- // Version 1.15 Added BOOL (*getNum)(PSTR buf,DWORD* num); // Video Display // BOOL hookproc(DWORD I_code,DWORD param1,DWORD param2); // I_code define // #define DD_ENTERDEBUGGER 1 // No param. It notify plug-ins that TRW2000 need to show debugger // screen and be actived soon. // #define DD_LEAVEDEBUGGER 2 // No Param. It notify plug-ins that TRW2000 will exit and need to // restore Windows screen. // NOTE: If user press F4(RS) to see Windows screen, TRW2000 will // call DD_LEAVEDEBUGGER at first, then wait for a key, at // last TRW2000 call DD_ENTERDEBUGGER. // #define DD_REDRAWSCREEN 3 //Param1: ScreenBuf(8192 byets), Param2: Lines // It notify plug-ins that TRW2000 will redraw screen. Param1 point // to screen buffer, the size of screen buffer is 8192bytes.(80*50*2=8000) // Param2 is current lines(high word is width value, now fixed, is 80) // The range of lines is from 25 to 50. // If plug-ins did not support current lines, e.g: CGA not support 50 lines. // Plug-ins should call API Set_Display_Screen_Lines to change screen lines. // #define DD_MOUSECURSHOW 4 //Param1: X, Param2: Y // It notify that mouse driver would show mouse cursor. // Mouse cursor is a software cursor, plug-ins must save the character at // the position of mouse cursor first. Then show the cursor. // #define DD_MOUSECURHIDE 5 //Param1: X, Param2: Y // It notify that mouse driver would hide mouse cursor. // At this time plug-ins should restore the character that saved at // DD_MOUSECURSHOW. // #define DD_CURSORCHANGE 6 //Param1: BeginLine, Param2: EndLine // Notify that TRW2000 want to change cursor. // #define DD_CURSORPOS 7 //Param1: X, Param2: Y // Notify that TRW2000 want to change cursor position. // #define DD_CURSORSAVE 8 //Param1: Pointer to state (DWORD) // #define DD_CURSORRESTORE 9 //Param1: State(DWORD) // Sure, plug-ins must handle DD_ENTERDEBUGGER, DD_LEAVEDEBUGGER, // DD_REDRAWSCREEN, DD_MOUSECURSHOW, DD_MOUSECURHIDE, DD_CURSORCHANGE, // DD_CURSORPOS. PPHOOKER hh_DisplayRedrawProc; // designed for second MONO display device VOID (*Set_Display_Screen_Lines)( DWORD Line ); } PLUGS_API;