qwqdanchun
/
RpcView
mirror of https://github.com/qwqdanchun/RpcView.git
1
0
Fork 0
Code Issues Projects Releases Wiki Activity
25 Commits 1 Branch 0 Tags 12 MiB
C++ 78.7%
C 20.6%
CMake 0.7%
Go to file
silverf0x 30bfa47b8c Fix #4: v0.2.1hangs on Windows RS2 2017-11-07 20:19:28 +01:00
Build Add whole project 2017-03-14 21:47:33 +01:00
Qt Add whole project 2017-03-14 21:47:33 +01:00
RpcCommon Add whole project 2017-03-14 21:47:33 +01:00
RpcCore Fix #4: v0.2.1hangs on Windows RS2 2017-11-07 20:19:28 +01:00
RpcDecompiler remove pedentic warning (%x / unsigned char* conflict) 2017-05-10 19:27:41 +02:00
RpcView Add support for the _NT_SYMBOL_PATH environment variable 2017-10-03 13:45:40 +00:00
.gitignore Add whole project 2017-03-14 21:47:33 +01:00
CMakeLists.txt Update CMakeLists.txt to version 0.2.2 2017-10-01 07:11:42 +00:00
LICENSE Initial commit 2017-03-14 20:14:45 +01:00
README.md Update README.md: how to support a new RPC runtime 2017-03-16 23:23:41 +01:00
_config.yml Set theme jekyll-theme-tactile 2017-04-25 21:48:45 +02:00

README.md

RpcView

RpcView is a free tool to explore and decompile all RPC functionalities present on a Microsoft system.

How to add a new RPC runtime

Basically you have two possibilities to support a new RPC runtime (rpcrt4.dll) version:

  • The easy way: just edit the RpcInternals.h file in the corresponding RpcCore directories (32 and 64-bit versions) to add your runtime version in the RPC_CORE_RUNTIME_VERSION table.
  • The best way: reverse the rpcrt4.dll to define the required structures used by RpcView, e.g. RPC_SERVER, RPC_INTERFACE and RPC_ADDRESS.

Currently, the supported versions are organized as follows:

  • RpcCore1 for Windows XP
  • RpcCore2 for Windows 7
  • RpcCore3 for Windows 8
  • RpcCore4 for Windows 8.1 and 10

Compilation

Required elements to compiled the project:

  • Visual Studio (currently Visual Studio 2015 community)
  • CMake (at least 3.0.2)
  • Qt4 (currently 4.8.6)

Before running CMake you have to set the CMAKE_PREFIX_PATH environment variable with the current Qt path, for instance:

set CMAKE_PREFIX_PATH=C:\Qt\4.8.6

Then you can run CMake to produce the project solution. Here is an example to generate the x64 solution with Visual Studio 2015 from the RpcView/Build/x64 directory:

cmake -G"Visual Studio 14 2015 Win64" ../../
-- The C compiler identification is MSVC 19.0.24215.1
-- The CXX compiler identification is MSVC 19.0.24215.1
-- Check for working C compiler: C:/Program Files (x86)/Microsoft Visual Studio 14.0/VC/bin/x86_amd64/cl.exe
-- Check for working C compiler: C:/Program Files (x86)/Microsoft Visual Studio 14.0/VC/bin/x86_amd64/cl.exe -- works
-- Detecting C compiler ABI info
-- Detecting C compiler ABI info - done
-- Check for working CXX compiler: C:/Program Files (x86)/Microsoft Visual Studio 14.0/VC/bin/x86_amd64/cl.exe
-- Check for working CXX compiler: C:/Program Files (x86)/Microsoft Visual Studio 14.0/VC/bin/x86_amd64/cl.exe -- works
-- Detecting CXX compiler ABI info
-- Detecting CXX compiler ABI info - done
-- Detecting CXX compile features
-- Detecting CXX compile features - done
[RpcView]
-- Looking for Q_WS_X11
-- Looking for Q_WS_X11 - not found
-- Looking for Q_WS_WIN
-- Looking for Q_WS_WIN - found
-- Looking for Q_WS_QWS
-- Looking for Q_WS_QWS - not found
-- Looking for Q_WS_MAC
-- Looking for Q_WS_MAC - not found
-- Found Qt4: C:/Qt/4.8.6/bin/qmake.exe (found version "4.8.6")
-- Target is 64 bits
[RpcDecompiler]
[RpcCore1_32bits]
[RpcCore2_32bits]
[RpcCore2_64bits]
[RpcCore3_32bits]
[RpcCore3_64bits]
[RpcCore4_32bits]
[RpcCore4_64bits]
-- Configuring done
-- Generating done
-- Build files have been written to: C:/Dev/RpcView/Build/x64

To produce the Win32 solution with Visual Studio 2015 from the RpcView/Build/x86 directory:

cmake -G"Visual Studio 14 2015" ../../
-- The C compiler identification is MSVC 19.0.24215.1
-- The CXX compiler identification is MSVC 19.0.24215.1
-- Check for working C compiler: C:/Program Files (x86)/Microsoft Visual Studio 14.0/VC/bin/cl.exe
-- Check for working C compiler: C:/Program Files (x86)/Microsoft Visual Studio 14.0/VC/bin/cl.exe -- works
-- Detecting C compiler ABI info
-- Detecting C compiler ABI info - done
-- Check for working CXX compiler: C:/Program Files (x86)/Microsoft Visual Studio 14.0/VC/bin/cl.exe
-- Check for working CXX compiler: C:/Program Files (x86)/Microsoft Visual Studio 14.0/VC/bin/cl.exe -- works
-- Detecting CXX compiler ABI info
-- Detecting CXX compiler ABI info - done
-- Detecting CXX compile features
-- Detecting CXX compile features - done
[RpcView]
-- Looking for Q_WS_X11
-- Looking for Q_WS_X11 - not found
-- Looking for Q_WS_WIN
-- Looking for Q_WS_WIN - found
-- Looking for Q_WS_QWS
-- Looking for Q_WS_QWS - not found
-- Looking for Q_WS_MAC
-- Looking for Q_WS_MAC - not found
-- Found Qt4: C:/Qt/4.8.6/bin/qmake.exe (found version "4.8.6")
-- Target is 32 bits
[RpcDecompiler]
[RpcCore1_32bits]
[RpcCore2_32bits]
[RpcCore3_32bits]
[RpcCore4_32bits]
-- Configuring done
-- Generating done
-- Build files have been written to: C:/Dev/RpcView/Build/x86

Now you can compile the solution with Visual Studio or CMAKE:

cmake --build . --config Release

RpcView32 binaries are produced in the RpcView/Build/bin/x86 directory and RpcView64 ones in the RpcView/Build/bin/x64

Acknowledgements

  • Jeremy
  • Julien
  • Yoanne
  • Bruno