Windows 10 RS3 (16299) supported
swwwolf committed Oct 15, 2017
1 parent ba97c8c commit 69a5fd4
Showing 10 changed files with 7,828 additions and 1,836 deletions.
12 changes: 6 additions & 6 deletions README.md
Expand Up @@ -18,7 +18,7 @@
## Preface

[WDBGARK](https://github.com/swwwolf/wdbgark) is an extension (dynamic library) for the
[Microsoft Debugging Tools for Windows](http://msdn.microsoft.com/en-US/library/windows/hardware/ff551063).
[Microsoft Debugging Tools for Windows](https://docs.microsoft.com/en-us/windows-hardware/drivers/debugger/index).
It main purpose is to view and analyze anomalies in Windows kernel using kernel debugger. It is possible to view
various system callbacks, system tables, object types and so on. For more user-friendly view extension uses DML.
For the most of commands kernel-mode connection is required. Feel free to use extension with live kernel-mode debugging
Expand Down Expand Up @@ -55,7 +55,7 @@ to reload them, ignore checksum problems, prepare them before analysis and you'l
Multiple targets debugging is not supported!

Windows BETA/RC is supported by design, but read a few notes. First, i don't care about checked builds.
Second, i don't care if you don't have [symbols](http://msdn.microsoft.com/en-us/windows/hardware/gg463028.aspx)
Second, i don't care if you don't have [symbols](https://developer.microsoft.com/en-us/windows/hardware/download-symbols)
(public or private). IA64/ARM is unsupported (and will not).

## Sources and build
Expand All @@ -64,7 +64,7 @@ Sources are organized as a Visual Studio 2015 solution.

### Build using VS2015

* Download and install latest [WDK](https://msdn.microsoft.com/en-us/windows/hardware/dn913721.aspx)
* Download and install latest [WDK](https://developer.microsoft.com/en-us/windows/hardware/windows-driver-kit)
* Select **Build -> Batch Build** from the menu and build dummypdb module (x86 and x64).
![Batch Build](https://raw.githubusercontent.com/swwwolf/wdbgark/master/images/batch_build.png)
* Choose solution configuration and platform for the main project.
Expand All @@ -91,14 +91,14 @@ Yeah, it's possible to build all the stuff using simple batch script.

## Using

* Download and install Debugging Tools from the [Microsoft WDK](https://msdn.microsoft.com/en-us/windows/hardware/dn913721.aspx) downloads page.
* Download and install Debugging Tools from the [Microsoft WDK](https://developer.microsoft.com/en-us/windows/hardware/windows-driver-kit) downloads page.
* [Build](#sources-and-build) or download the extention.
* Make sure that [Visual C++ Redistributable for Visual Studio 2015](https://www.microsoft.com/en-US/download/details.aspx?id=46881) has already been installed.
* Make sure that [Visual C++ Redistributable for Visual Studio 2015](https://www.microsoft.com/en-us/download/details.aspx?id=48145) has already been installed.
* Copy extension to the WDK debugger's directory (e.g. WDK 10):
* x64: ```C:\Program Files (x86)\Windows Kits\10\Debuggers\x64\winext\```
* x86: ```C:\Program Files (x86)\Windows Kits\10\Debuggers\x86\winext\```
* Start WinDBG.
* [Setup](http://support.microsoft.com/kb/311503/en-us) WinDBG to use Microsoft Symbol Server correctly or deal with them manually.
* [Setup](https://msdn.microsoft.com/en-us/library/windows/desktop/ee416588(v=vs.85).aspx) WinDBG to use Microsoft Symbol Server correctly or deal with them manually.
* Load extension by **.load wdbgark** (you can see loaded extensions with a **.chain** command).
* Execute **!wdbgark.help** for help or **!wdbgark.wa_scan** for a full system scan.
* Have fun!
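Review bot: The new Symbol Server link on the Setup line carries unescaped parentheses in its target, `ee416588(v=vs.85).aspx`; GitHub's renderer accepts balanced parentheses, but Markdown renderers that do not will end the URL at the first `)`. Percent-encoding them as `%28v=vs.85%29` keeps the link intact wherever the README is rendered. While these lines are being touched, "extention" on the "Build or download" line could be corrected to "extension".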
7 changes: 2 additions & 5 deletions src/colorhack.cpp
Expand Up @@ -311,12 +311,9 @@ BOOL CALLBACK WDbgArkColorHack::EnumWindowsProc(HWND hwnd, LPARAM lParam) {

bool WDbgArkColorHack::IsWinDbgWindow(void) {
bool found = false;
EnumWindows(EnumWindowsProc, reinterpret_cast<LPARAM>(&found));

if ( !EnumWindows(EnumWindowsProc, reinterpret_cast<LPARAM>(&found)) && !found ) {
return false;
}

return true;
return found;
}

bool WDbgArkColorHack::GetFileVersion(const std::string& file_path,
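Review bot: The added call in IsWinDbgWindow discards the return value of EnumWindows, so an enumeration failure is now reported the same way as "no WinDbg window found". Returning `found` does fix the old condition, which returned true whenever EnumWindows itself returned nonzero, but EnumWindows also returns FALSE when the callback stops the enumeration early, so the two cases cannot be told apart from the result alone. A one-line comment stating that the return value is ignored on purpose, or a GetLastError check when `found` is still false, would make the intent explicit.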
1 change: 1 addition & 0 deletions src/ddk.h
Expand Up @@ -54,6 +54,7 @@ namespace wa {
#define W10TH2_VER 10586 // Windows 10 TH2
#define W10RS1_VER 14393 // Windows 10 RS1
#define W10RS2_VER 15063 // Windows 10 RS2
#define W10RS3_VER 16299 // Windows 10 RS3

//////////////////////////////////////////////////////////////////////////
// drivers
5 changes: 3 additions & 2 deletions src/haltables.cpp
Expand Up @@ -162,7 +162,7 @@ EXT_COMMAND(wa_haltables, "Output kernel-mode HAL tables: "\

/* { HalDispatchTable table count
HalPrivateDispatchTable table count
HalIommuDispatch table count (W8.1+)
HalIommuDispatchTable table count (W8.1+)
Skip first N entries
}
*/
Expand All @@ -180,7 +180,8 @@ HalTableInfo GetHalTableInfo() {
{ W10RTM_VER, { 0x16, 0x71, 0x10, 0x1 } },
{ W10TH2_VER, { 0x16, 0x71, 0x10, 0x1 } },
{ W10RS1_VER, { 0x16, 0x7C, 0x11, 0x1 } },
{ W10RS2_VER, { 0x16, 0x7F, 0x13, 0x1 } }
{ W10RS2_VER, { 0x16, 0x7F, 0x13, 0x1 } },
{ W10RS3_VER, { 0x16, 0x89, 0x13, 0x1 } }
} };
}

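Review bot: The new W10RS3_VER row raises the second field, the HalPrivateDispatchTable count according to the comment above GetHalTableInfo, from 0x7F to 0x89 with no record of how the value was obtained. If these counts bound how many entries wa_haltables walks, a value that is too low leaves trailing entries unexamined and one that is too high reads past the table, so a short comment naming the kernel build or symbol source the counts were taken from would make the next version bump easier to verify.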