kopia lustrzana https://gitlab.com/sane-project/website
164 wiersze
6.2 KiB
HTML
164 wiersze
6.2 KiB
HTML
<!DOCTYPE HTML PUBLIC "-//W3C//DTD HTML 4.0 Transitional//EN"
|
|
"http://www.w3.org/TR/REC-html40/loose.dtd">
|
|
<HTML>
|
|
<HEAD>
|
|
<TITLE>sane-devel: Re: little tool for cracking VxDs (or: how to write</TITLE>
|
|
<META NAME="Author" CONTENT="Jochen Eisinger (jochen.eisinger@gno.de)">
|
|
<META NAME="Subject" CONTENT="Re: little tool for cracking VxDs (or: how to write a driver without...)">
|
|
</HEAD>
|
|
<BODY BGCOLOR="#FFFFFF" TEXT="#000000">
|
|
<H1>Re: little tool for cracking VxDs (or: how to write a driver without...)</H1>
|
|
<!-- received="Sun Sep 3 03:02:13 2000" -->
|
|
<!-- isoreceived="20000903100213" -->
|
|
<!-- sent="Sun, 03 Sep 2000 11:56:10 +0200" -->
|
|
<!-- isosent="20000903095610" -->
|
|
<!-- name="Jochen Eisinger" -->
|
|
<!-- email="jochen.eisinger@gno.de" -->
|
|
<!-- subject="Re: little tool for cracking VxDs (or: how to write a driver without...)" -->
|
|
<!-- id="39B2203A.79209993@gno.de" -->
|
|
<!-- inreplyto="39AFF605.CB1B428C@gno.de" -->
|
|
<STRONG>From:</STRONG> Jochen Eisinger (<A HREF="mailto:jochen.eisinger@gno.de?Subject=Re:%20little%20tool%20for%20cracking%20VxDs%20(or:%20how%20to%20write%20a%20driver%20without...)&In-Reply-To=<39B2203A.79209993@gno.de>"><EM>jochen.eisinger@gno.de</EM></A>)<BR>
|
|
<STRONG>Date:</STRONG> Sun Sep 03 2000 - 02:56:10 PDT
|
|
<P>
|
|
<!-- next="start" -->
|
|
<LI><STRONG>Next message:</STRONG> <A HREF="0023.html">Jochen Eisinger: "Re: (Mustek_pp SM4800P)"</A>
|
|
<UL>
|
|
<LI><STRONG>Previous message:</STRONG> <A HREF="0021.html">Arnaud Calvo: "Re: Plustek (was: Re: test)"</A>
|
|
<LI><STRONG>In reply to:</STRONG> <A HREF="0008.html">Jochen Eisinger: "little tool for cracking VxDs (or: how to write a driver without...)"</A>
|
|
<!-- nextthread="start" -->
|
|
<LI><STRONG>Next in thread:</STRONG> <A HREF="0030.html">Anatoly V. Vdovichev: "Re: little tool for cracking VxDs (or: how to write a driver without...)"</A>
|
|
<LI><STRONG>Reply:</STRONG> <A HREF="0030.html">Anatoly V. Vdovichev: "Re: little tool for cracking VxDs (or: how to write a driver without...)"</A>
|
|
<!-- reply="end" -->
|
|
<LI><STRONG>Messages sorted by:</STRONG>
|
|
<A HREF="date.html#22">[ date ]</A>
|
|
<A HREF="index.html#22">[ thread ]</A>
|
|
<A HREF="subject.html#22">[ subject ]</A>
|
|
<A HREF="author.html#22">[ author ]</A>
|
|
</UL>
|
|
<HR NOSHADE><P>
|
|
<!-- body="start" -->
|
|
<P>
|
|
Hi!
|
|
<BR>
|
|
<P>With the help of this little tool, I captured the whole port IO of the
|
|
<BR>
|
|
TWAIN driver for the ScanMagic 1200 ED Plus (ASIC 1015, CCD 01)... in a
|
|
<BR>
|
|
few days, there will be a new version of the mustek_pp backend :)
|
|
<BR>
|
|
<P>-- jochen
|
|
<BR>
|
|
<P><P><EM>>
|
|
</EM><BR>
|
|
<EM>> Hi!
|
|
</EM><BR>
|
|
<EM>>
|
|
</EM><BR>
|
|
<EM>> Since most of my work consists of reversing stupid TWAIN drivers, I've
|
|
</EM><BR>
|
|
<EM>> written a little (hopefully) handy tool:
|
|
</EM><BR>
|
|
<EM>>
|
|
</EM><BR>
|
|
<EM>> it's called vxd (because it works on VXDs :) Since TWAIN drivers (for
|
|
</EM><BR>
|
|
<EM>> the parallel port) need to access the parallel port, they all come with
|
|
</EM><BR>
|
|
<EM>> a ring-0 DLL, a so called VxD, that handles the port IO.
|
|
</EM><BR>
|
|
<EM>>
|
|
</EM><BR>
|
|
<EM>> In my case, this VxD implements similiar commands to sanei_pa4s2. If I
|
|
</EM><BR>
|
|
<EM>> can log the calls to these functions I basically know how to operate the
|
|
</EM><BR>
|
|
<EM>> scanner. To do this, I just need to disassemble the VxD, add some lines
|
|
</EM><BR>
|
|
<EM>> of code and assemble it again. Unfurtonally, a) I don't have neither
|
|
</EM><BR>
|
|
<EM>> masm nor the win98-ddk (both needed to compile a windows driver) b) the
|
|
</EM><BR>
|
|
<EM>> output of normal disassemblers just won't assemble :-(
|
|
</EM><BR>
|
|
<EM>>
|
|
</EM><BR>
|
|
<EM>> So I wrote a tool (vxd) to disassemble a VxD in form, I can assemble it
|
|
</EM><BR>
|
|
<EM>> again using NASM (avoiding the whole damn microsoft stuff :)
|
|
</EM><BR>
|
|
<EM>>
|
|
</EM><BR>
|
|
<EM>> This tool won't work for any VxD:
|
|
</EM><BR>
|
|
<EM>>
|
|
</EM><BR>
|
|
<EM>> - it must be pure 32bit PM code
|
|
</EM><BR>
|
|
<EM>> - only one segment (LCODE/LDATA)
|
|
</EM><BR>
|
|
<EM>> - no VxD service table
|
|
</EM><BR>
|
|
<EM>> - no stupid tricky code
|
|
</EM><BR>
|
|
<EM>>
|
|
</EM><BR>
|
|
<EM>> but it works for the vxd I want to crack...
|
|
</EM><BR>
|
|
<EM>>
|
|
</EM><BR>
|
|
<EM>> however I don't know, whether this tool works because of two things:
|
|
</EM><BR>
|
|
<EM>>
|
|
</EM><BR>
|
|
<EM>> a) you still need the link.exe from microsoft to produce the VxD
|
|
</EM><BR>
|
|
<EM>> b) I don't have windows (which is needed to run link.exe & test the
|
|
</EM><BR>
|
|
<EM>> resulting VxD)
|
|
</EM><BR>
|
|
<EM>>
|
|
</EM><BR>
|
|
<EM>> furthermore, I'm still looking for these "some lines of code" that log
|
|
</EM><BR>
|
|
<EM>> the function calls (after all, I'm not really experienced in writing
|
|
</EM><BR>
|
|
<EM>> windows code...) when I've figured out some good code, I'll let you
|
|
</EM><BR>
|
|
<EM>> know...
|
|
</EM><BR>
|
|
<EM>>
|
|
</EM><BR>
|
|
<P><PRE>
|
|
--
|
|
Source code, list archive, and docs: <A HREF="http://www.mostang.com/sane/">http://www.mostang.com/sane/</A>
|
|
To unsubscribe: echo unsubscribe sane-devel | mail <A HREF="mailto:majordomo@mostang.com?Subject=Re:%20little%20tool%20for%20cracking%20VxDs%20(or:%20how%20to%20write%20a%20driver%20without...)&In-Reply-To=<39B2203A.79209993@gno.de>">majordomo@mostang.com</A>
|
|
</PRE>
|
|
<P><!-- body="end" -->
|
|
<HR NOSHADE>
|
|
<UL>
|
|
<!-- next="start" -->
|
|
<LI><STRONG>Next message:</STRONG> <A HREF="0023.html">Jochen Eisinger: "Re: (Mustek_pp SM4800P)"</A>
|
|
<LI><STRONG>Previous message:</STRONG> <A HREF="0021.html">Arnaud Calvo: "Re: Plustek (was: Re: test)"</A>
|
|
<LI><STRONG>In reply to:</STRONG> <A HREF="0008.html">Jochen Eisinger: "little tool for cracking VxDs (or: how to write a driver without...)"</A>
|
|
<!-- nextthread="start" -->
|
|
<LI><STRONG>Next in thread:</STRONG> <A HREF="0030.html">Anatoly V. Vdovichev: "Re: little tool for cracking VxDs (or: how to write a driver without...)"</A>
|
|
<LI><STRONG>Reply:</STRONG> <A HREF="0030.html">Anatoly V. Vdovichev: "Re: little tool for cracking VxDs (or: how to write a driver without...)"</A>
|
|
<!-- reply="end" -->
|
|
<LI><STRONG>Messages sorted by:</STRONG>
|
|
<A HREF="date.html#22">[ date ]</A>
|
|
<A HREF="index.html#22">[ thread ]</A>
|
|
<A HREF="subject.html#22">[ subject ]</A>
|
|
<A HREF="author.html#22">[ author ]</A>
|
|
</UL>
|
|
<!-- trailer="footer" -->
|
|
<HR NOSHADE>
|
|
<P>
|
|
<SMALL>
|
|
<EM>
|
|
This archive was generated by <A HREF="http://www.hypermail.org/">hypermail 2b29</A>
|
|
: <EM>Sun Sep 03 2000 - 03:03:09 PDT</EM>
|
|
</EM>
|
|
</SMALL>
|
|
</BODY>
|
|
</HTML>
|