Tweet
Ring0 Physical RAM Viewer (using custom VXD) for PBWin7
This program allows you to see what data is actually in your physical
RAM. The addresses are the actual locations in the hardware, they aren't
translated by the CPU's paging mechanisms.
It might be difficult to tell what data to expect to be present in RAM
since Windows swaps some of it to disk.
The VXD does not currently support writing RAM, but it should be easy to
add that capability.
This might require Win9x (Win95, Win98, WinMe...), because some other
versions don't allow dynamic loading of VXDs. There might be ways around
such limitations though.
You can only run the main program in the debugger, but not the
"BinBas" function. BinBas will exit and refuse to run if it detects
that it's running in the debugger.
Features to Consider Adding:
...The VXD already supports the last three items, except maybe for local
descriptors.
This one file contains all the code you need, the others below are for the
VXD, in case you want to modify it.
Here' is the source for the VXD (three files):
Save them "C:\Masm32\RamView". Using a different folder could require editing
one or more of the files.
The VXD is based on code by Rody Thierry... Abragols (at) aol (dot) com
The linker gives 12 warnings when linking this. They can all be ignored.
TheirCorp's SourceForge project includes:
PowerBASIC article in Wikipedia
The attached zip file creates a folder named "RamView". It contains all
source and binary files.
This program allows you to see what data is actually in your physical
RAM. The addresses are the actual locations in the hardware, they aren't
translated by the CPU's paging mechanisms.
It might be difficult to tell what data to expect to be present in RAM
since Windows swaps some of it to disk.
The VXD does not currently support writing RAM, but it should be easy to
add that capability.
This might require Win9x (Win95, Win98, WinMe...), because some other
versions don't allow dynamic loading of VXDs. There might be ways around
such limitations though.
- Run once to generate the zip file containing "SYSACCES.VXD".
- Extract the VXD to the program's folder (not C:\Windows\System).
- REM out or delete the equate: "%BinBas"
- Recompile to run normally
You can only run the main program in the debugger, but not the
"BinBas" function. BinBas will exit and refuse to run if it detects
that it's running in the debugger.
Features to Consider Adding:
- Search RAM
- Give ring0 privilege level to a process
- Set API hooks
- Auto-locate tables of: window handles, process/thread IDs, object handles...
- Disassemble RAM and ROM
- Write to RAM
- List segment descriptors
- List interrupt descriptors
- List loaded VXDs
...The VXD already supports the last three items, except maybe for local
descriptors.
This one file contains all the code you need, the others below are for the
VXD, in case you want to modify it.
Code:
[b]Save this as "RamView.bas", for example:[/b]
'**************************************
' "RAMView.bas"
'Public Domain 2009 by TheirCorp
'The VXD is based on code by Rody Thierry... Abragols (at) aol (dot) com
'**************************************
#PBForms Created V1.51
#Compile Exe "RAMView.exe"
#Dim All
#Debug Error Off
#Tools Off
'To run this program normally, REM out or delete this equate:
%BinBas = 1
'%BlockLen = 1024
%BlockLen = 4096
#If %Def(%BinBas) 'extract BinBas data
$ZipFile = "SYSACCES.zip"
$InfoMsg = "Attempting to create ""SYSACCES.zip""" & $CrLf & $CrLf & _
"Afterward, unzip it into the program's folder." & $CrLf & $CrLf & _
"To run this program normally, REM out or delete the equate: ""%BinBas""" & $CrLf
'**************************************
' File: SYSACCES.zip
Function BinBas() As Long
Local FO As Long
'don't run this in the debugger...
! cmp Byte Ptr debuggertest, 0
! je NoDebugger
MsgBox "Error: Can't run this in the debugger."
! jmp ExitFunction
DebuggerTest:
! db 0
NoDebugger:
If Len(Dir$($ZipFile)) Then MsgBox """"& $ZipFile & """ is already present." & $CrLf & "It will be overwritten."
FO = FreeFile
Open $ZipFile For Output As #FO
If Err Then
MsgBox "Error:" & Str$(Err), 16, $ZipFile
Exit Function
End If
Print #FO, Peek$(CodePtr(BinBas_Data), 3263)
Close #FO
ExitFunction:
Exit Function
BinBas_Data:
!db 080,075,003,004,020,000,002,000,008,000,000,000,032,000,027,016,117,084,069,012,000
!db 000,084,020,000,000,012,000,000,000,083,089,083,065,067,067,069,083,046,086,088,068
!db 237,088,127,112,019,085,030,127,155,108,219,128,105,055,148,148,006,012,016,236,002
!db 113,090,033,154,226,245,076,029,003,077,127,160,165,038,105,147,150,163,020,080,136
!db 165,035,165,226,166,042,022,044,036,065,054,207,056,222,233,221,049,247,107,236,040
!db 035,119,142,030,167,119,115,197,097,206,164,041,020,116,084,068,071,241,184,153,067
!db 110,212,197,224,201,137,083,010,058,228,062,111,183,105,001,111,230,110,238,207,155
!db 203,204,238,123,251,222,247,251,125,159,239,207,247,094,086,252,224,041,162,039,132
!db 240,120,178,089,066,006,137,246,115,147,127,255,219,143,167,104,238,107,069,228,247
!db 083,222,154,055,200,053,190,053,175,165,115,227,131,182,158,045,155,239,219,178,110
!db 147,237,222,117,221,221,155,037,219,061,027,108,091,194,221,182,141,221,054,207,221
!db 205,182,077,155,215,111,088,084,088,056,085,028,151,177,186,116,246,201,153,189,015
!db 238,206,061,159,004,215,237,182,140,247,089,235,223,120,111,039,235,231,214,108,172
!db 213,090,157,138,024,191,126,189,138,255,059,063,029,033,053,104,086,142,127,250,199
!db 219,097,109,138,124,125,045,061,071,136,145,155,252,156,129,254,002,060,155,199,199
!db 114,045,049,105,252,030,179,218,253,047,126,083,121,183,078,235,213,218,212,101,085
!db 121,141,053,119,123,106,198,041,074,048,174,215,032,145,229,024,159,164,210,019,067
!db 243,202,230,165,053,053,181,205,108,094,207,017,189,033,039,247,166,241,103,057,158
!db 002,242,002,227,041,032,207,016,206,174,091,072,116,028,079,098,100,000,003,091,009
!db 087,170,051,144,123,136,046,031,095,054,194,181,161,089,076,184,077,104,110,036,032
!db 043,032,165,026,171,129,173,088,071,204,055,186,137,114,235,102,061,161,219,028,178
!db 071,052,071,142,102,157,201,175,094,190,240,238,114,250,143,200,225,188,160,044,137
!db 054,101,180,091,079,048,105,151,029,145,036,239,060,137,174,024,175,173,220,167,027
!db 241,136,038,134,091,042,138,175,094,207,062,152,090,145,244,098,138,046,093,209,062
!db 159,069,156,220,040,218,018,124,127,162,250,016,076,074,158,141,078,107,032,209,164
!db 220,039,090,164,060,165,219,158,205,210,018,219,143,235,008,056,108,148,223,057,234
!db 230,013,082,030,117,091,051,249,180,193,070,151,026,105,073,181,169,129,036,250,092
!db 134,046,034,047,051,210,021,021,241,128,045,225,249,158,232,165,181,214,046,226,195
!db 042,126,175,079,201,187,089,071,208,013,209,022,209,148,168,109,232,034,094,095,072
!db 014,220,041,111,243,142,212,182,048,132,202,171,148,039,163,181,149,058,105,005,045
!db 025,156,227,038,007,166,098,244,079,006,244,018,125,162,187,203,144,240,136,030,191
!db 247,252,222,108,137,167,216,077,104,163,040,210,146,131,152,141,012,027,161,065,011
!db 132,131,194,205,004,203,237,098,187,220,034,246,040,201,039,248,239,136,057,191,151
!db 046,097,002,018,045,162,167,211,097,115,019,127,246,003,232,038,210,064,059,036,037
!db 026,069,247,235,044,176,245,105,096,247,195,010,237,176,229,090,088,174,199,077,028
!db 073,165,027,018,053,040,157,034,120,189,224,109,023,215,078,242,234,255,170,178,097
!db 076,169,121,066,211,071,136,230,113,227,102,165,225,246,104,018,086,181,044,204,102
!db 007,152,081,091,059,249,050,232,194,239,247,170,118,045,080,094,046,203,102,051,121
!db 074,233,172,108,246,042,142,079,023,192,015,133,140,165,203,208,105,121,026,238,224
!db 127,151,227,217,170,241,252,109,102,142,103,027,120,018,225,245,096,251,237,130,156
!db 251,186,184,032,229,095,203,177,212,107,044,251,193,226,076,210,213,107,227,249,096
!db 162,231,198,125,015,198,222,137,245,130,205,148,063,144,227,019,052,190,135,103,094
!db 003,175,126,114,157,027,058,109,042,188,087,114,060,039,111,080,121,060,215,242,076
!db 095,048,110,132,046,030,006,080,137,011,169,036,090,130,094,101,031,099,017,224,098
!db 139,207,171,092,007,070,140,155,039,117,003,243,007,243,039,022,228,175,084,172,091
!db 091,236,067,011,155,174,130,211,007,028,120,209,194,074,188,017,018,149,112,102,197
!db 064,053,251,104,020,029,033,090,232,070,023,254,108,017,029,157,110,043,098,001,243
!db 158,016,230,026,180,040,203,001,134,119,017,002,149,079,206,157,014,243,132,208,173
!db 202,102,015,123,196,106,061,160,220,053,063,167,071,241,132,030,008,005,007,160,159
!db 154,007,052,215,049,233,126,175,082,003,076,026,026,021,152,134,009,209,099,159,196
!db 004,128,200,015,081,075,244,042,058,116,005,200,242,052,131,085,141,113,199,068,001
!db 040,191,072,083,244,002,189,148,058,163,067,084,031,137,124,172,063,255,060,140,102
!db 202,161,094,014,172,096,170,098,072,117,064,058,032,078,024,173,152,086,190,050,090
!db 167,066,133,068,111,080,089,162,065,101,184,131,202,158,210,107,124,117,223,004,039
!db 028,171,170,088,132,133,172,190,102,175,242,173,013,140,070,192,182,250,241,213,001
!db 078,122,123,003,076,215,156,253,112,210,122,188,042,101,158,056,110,169,156,157,174
!db 172,035,251,056,201,163,049,108,210,214,060,095,054,025,187,157,195,118,150,038,191
!db 209,220,092,170,060,142,069,145,180,102,111,246,067,008,095,211,177,122,085,100,184
!db 045,173,156,154,241,175,134,159,186,234,023,057,107,025,201,059,246,084,029,169,064
!db 093,165,075,013,193,214,088,018,070,050,011,209,098,148,033,186,255,125,036,043,125
!db 027,069,213,170,172,251,057,079,232,024,205,247,042,035,219,057,018,075,010,187,190
!db 196,100,115,000,085,193,012,071,088,232,098,090,235,216,199,009,209,131,024,030,029
!db 054,008,177,087,025,115,173,033,150,148,204,180,228,126,001,202,156,040,255,115,033
!db 219,036,229,090,067,102,001,179,153,243,036,093,106,234,175,034,210,148,120,163,133
!db 171,137,030,013,095,056,204,091,056,141,092,255,158,028,048,064,232,232,112,191,016
!db 091,010,097,003,085,172,184,054,138,197,172,146,062,108,160,117,188,151,045,239,080
!db 074,158,230,073,040,210,039,022,115,225,105,093,006,111,167,021,116,090,204,034,086
!db 067,059,030,115,112,249,244,156,212,028,047,124,000,098,163,071,037,033,110,232,191
!db 120,135,132,151,091,210,039,122,184,209,090,135,073,170,140,231,087,223,033,021,087
!db 187,177,061,020,246,104,132,121,213,107,194,092,093,080,017,055,098,199,057,215,229
!db 014,102,075,204,170,084,166,149,254,048,097,027,129,003,221,233,112,121,005,054,027
!db 022,145,244,078,094,110,248,054,083,138,169,010,106,162,013,060,058,149,178,081,167
!db 077,087,106,112,194,021,052,080,017,059,046,205,167,151,198,035,152,246,137,021,216
!db 198,124,254,086,101,180,067,207,220,108,135,079,090,149,051,248,160,151,175,034,242
!db 005,091,149,227,108,184,069,180,133,118,108,133,056,201,164,170,048,021,248,026,084
!db 124,060,021,040,203,026,073,020,067,178,149,139,036,117,106,018,049,099,234,164,217
!db 088,027,002,233,037,045,115,124,126,008,170,244,043,143,065,164,092,107,193,026,102
!db 240,090,034,035,124,067,206,185,066,108,246,229,108,118,245,170,053,029,145,097,203
!db 144,137,228,226,007,116,044,218,077,145,179,198,200,037,078,011,165,006,192,110,070
!db 042,155,019,070,189,176,235,004,252,029,008,002,135,109,144,029,027,092,067,173,076
!db 030,098,204,132,168,018,133,200,207,216,022,156,210,037,182,243,024,179,211,055,202
!db 143,176,248,203,240,016,096,163,139,104,105,162,178,060,193,207,138,091,226,111,222
!db 054,039,108,133,075,204,241,054,014,031,029,092,184,008,090,069,014,235,016,052,167
!db 156,201,076,222,245,201,200,137,108,044,185,109,014,083,154,101,190,060,003,208,236
!db 242,226,016,229,066,116,086,072,158,025,146,117,025,003,155,081,041,048,199,210,003
!db 106,070,134,116,013,114,139,090,123,204,225,093,204,149,234,234,204,006,135,121,128
!db 115,051,168,174,033,021,052,051,198,206,187,178,217,172,150,080,198,043,140,129,159
!db 102,129,181,090,050,053,007,017,025,109,116,143,154,068,111,042,182,061,072,160,115
!db 084,239,085,118,061,202,018,168,247,246,064,043,085,104,017,093,138,180,145,236,251
!db 248,176,072,125,044,038,102,195,071,097,203,068,096,032,040,034,023,013,189,005,254
!db 102,101,197,035,060,001,164,021,225,163,107,086,119,172,066,046,099,149,200,089,115
!db 044,217,028,008,182,010,209,079,097,075,186,220,172,042,160,166,046,059,227,228,099
!db 048,068,087,022,209,183,019,091,243,053,124,253,236,016,245,195,159,002,206,012,170
!db 248,149,011,091,181,124,126,001,148,242,253,224,189,095,051,133,026,192,014,090,199
!db 224,073,200,232,240,230,001,053,139,155,012,244,216,142,143,217,097,041,117,122,078
!db 249,049,150,002,250,055,080,215,045,093,156,063,097,220,141,152,017,003,176,149,088
!db 031,194,214,095,161,236,142,097,161,058,150,197,225,069,234,073,075,082,119,030,171
!db 027,047,019,010,046,216,144,198,106,160,050,242,149,049,085,071,012,084,194,085,021
!db 170,139,082,136,068,244,025,040,033,182,097,194,248,230,171,141,175,214,051,171,166
!db 226,158,113,023,056,079,006,093,105,152,230,094,230,131,065,213,019,239,000,160,073
!db 249,209,079,084,111,020,120,149,177,071,056,226,074,011,187,220,152,012,208,191,051
!db 084,052,076,070,235,028,168,101,051,025,003,195,142,114,086,136,254,062,094,136,229
!db 169,053,145,114,106,209,243,241,008,028,043,245,025,208,216,168,207,136,070,012,209
!db 229,166,144,026,205,193,010,215,123,146,135,054,057,070,015,233,194,213,215,122,212
!db 194,116,131,206,022,208,097,075,236,121,136,103,167,086,107,230,122,236,193,168,141
!db 126,223,068,009,203,024,092,233,048,175,145,090,212,149,234,212,068,046,098,187,175
!db 200,017,236,105,118,125,166,134,054,153,105,202,149,150,110,163,015,243,175,177,059
!db 083,236,146,052,133,186,077,024,090,152,201,224,061,079,157,054,198,188,188,084,160
!db 142,135,191,198,166,067,027,236,033,068,094,136,097,135,201,029,204,039,236,064,218
!db 046,046,218,221,046,222,172,124,182,019,166,106,194,078,203,203,077,142,001,059,106
!db 171,251,057,246,102,206,140,028,130,107,208,010,177,035,172,064,172,233,128,091,172
!db 067,124,206,045,059,206,038,017,084,205,244,163,128,230,150,111,153,091,106,012,206
!db 047,092,135,128,121,046,017,162,159,024,009,009,182,118,246,195,168,157,186,008,094
!db 079,220,208,064,020,079,062,246,174,103,196,247,089,064,223,101,160,007,069,086,070
!db 232,087,236,080,079,119,048,047,150,095,008,237,120,180,138,203,151,163,226,243,044
!db 108,037,209,251,058,171,047,016,136,247,247,015,040,028,235,127,132,126,162,046,031
!db 075,077,103,166,237,076,120,102,240,084,129,255,043,118,124,162,030,246,061,098,163
!db 235,144,052,213,013,138,133,204,161,141,026,167,196,115,045,160,134,045,156,201,046
!db 187,143,149,078,060,044,096,171,149,041,043,081,120,155,069,118,082,072,157,214,193
!db 111,099,109,122,146,168,248,003,187,244,048,142,000,035,239,083,078,183,169,119,144
!db 246,132,249,086,070,010,186,099,109,140,145,029,090,122,174,140,004,031,152,042,253
!db 062,133,083,229,122,160,208,179,076,215,073,010,159,031,185,085,229,087,078,129,063
!db 014,077,112,030,152,229,252,034,051,135,105,197,177,124,197,211,136,167,243,204,029
!db 200,140,128,050,182,014,130,020,084,241,030,056,168,189,213,011,249,085,001,031,125
!db 019,036,125,202,117,099,217,108,060,042,254,005,075,064,142,085,147,199,050,024,001
!db 209,002,180,021,166,096,107,192,171,136,151,096,255,026,241,221,083,094,229,215,076
!db 028,244,146,107,236,250,119,156,201,216,104,175,153,062,106,119,030,015,209,105,040
!db 141,033,153,111,117,187,014,111,057,203,054,057,212,137,060,241,178,182,215,180,196
!db 107,112,227,146,202,217,142,005,085,234,157,236,018,085,241,058,243,174,170,246,238
!db 070,220,020,250,196,181,059,062,203,178,029,096,100,113,070,231,204,014,092,125,051
!db 213,110,154,087,092,049,251,255,147,027,109,239,134,045,094,047,218,155,123,031,244
!db 223,130,199,137,039,050,086,038,117,068,198,174,023,162,140,034,050,102,149,150,140
!db 165,189,191,152,227,029,116,224,251,201,019,137,060,054,238,066,062,074,133,042,008
!db 104,096,108,155,251,203,244,055,218,140,122,213,028,054,191,163,206,209,037,234,251
!db 088,074,049,093,010,201,051,066,114,093,254,055,099,105,090,103,044,075,074,001,186
!db 221,066,155,172,180,195,070,131,166,178,172,016,237,128,010,145,139,249,194,206,085
!db 172,051,102,019,162,251,084,004,197,210,045,145,049,147,100,047,059,046,068,111,083
!db 167,028,066,244,178,058,053,077,178,070,198,230,009,209,003,248,026,100,183,250,180
!db 051,153,022,184,130,076,147,192,009,153,229,145,237,102,084,161,124,022,224,092,001
!db 213,009,127,044,093,150,250,092,239,026,018,030,255,138,193,106,213,037,204,067,116
!db 025,159,082,012,226,220,106,157,016,099,190,166,058,234,231,067,114,065,124,040,245
!db 185,041,254,105,042,105,146,235,025,039,029,138,012,021,184,093,111,008,059,015,130
!db 042,165,232,232,067,058,156,157,071,242,207,239,149,167,099,213,200,025,062,117,070
!db 047,068,127,133,217,183,108,119,112,028,105,117,030,199,142,009,077,251,080,061,235
!db 140,217,094,211,139,109,047,190,180,172,044,121,234,203,053,114,105,234,180,094,158
!db 094,150,012,063,144,006,074,067,120,125,228,098,229,150,013,026,035,061,007,166,122
!db 176,208,038,147,075,247,082,248,075,215,157,124,248,243,003,236,060,120,126,239,136
!db 190,018,045,091,016,202,133,111,162,183,012,178,191,051,092,071,182,216,025,166,035
!db 140,128,013,128,064,061,069,164,007,221,234,123,169,250,182,169,111,230,200,052,249
!db 255,239,127,224,151,080,019,076,224,138,104,047,014,134,061,242,237,068,061,195,212
!db 231,135,104,105,234,148,041,068,135,158,083,201,242,174,204,195,210,144,092,207,242
!db 112,177,049,087,048,214,120,060,203,064,240,079,080,075,001,002,000,000,020,000,002
!db 000,008,000,000,000,032,000,027,016,117,084,069,012,000,000,084,020,000,000,012,000
!db 000,000,000,000,000,000,000,000,000,000,000,000,000,000,000,000,083,089,083,065,067
!db 067,069,083,046,086,088,068,080,075,005,006,000,000,000,000,001,000,001,000,058,000
!db 000,000,111,012,000,000,000,000
End Function
#EndIf
'**************************************
' Created by inClean v1.25, 11-28-2008, 15:54:46
' Press Help-button for some useful information and tips.
'
' 24299 lines of include file data read and compared against
' 777 lines of code in 0.88 seconds.
'
'-----------------------------------------------------------------
' Equates: 49
'-----------------------------------------------------------------
%WM_USER = &H400
%WINAPI = 1
%FALSE = 0
%MAX_PATH = 260 ' max. length of full pathname
%LF_FACESIZE = 32
%INVALID_HANDLE_VALUE = &HFFFFFFFF???
%FILE_FLAG_DELETE_ON_CLOSE = &H004000000
%ANSI_CHARSET = 0
%FF_DONTCARE = 0 ' Don't care or don't know.
%FW_DONTCARE = 0
%FW_NORMAL = 400
%LOGPIXELSY = 90 ' Logical pixels/inch in Y
%WM_DESTROY = &H2
%WM_SETFONT = &H30
%WM_NCACTIVATE = &H86
%WM_INITDIALOG = &H110
%WM_COMMAND = &H111
%WS_POPUP = &H80000000
%WS_CHILD = &H40000000
%WS_VISIBLE = &H10000000
%WS_CLIPSIBLINGS = &H04000000
%WS_CAPTION = &H00C00000 ' WS_BORDER OR WS_DLGFRAME
%WS_BORDER = &H00800000
%WS_DLGFRAME = &H00400000
%WS_VSCROLL = &H00200000
%WS_SYSMENU = &H00080000
%WS_GROUP = &H00020000
%WS_TABSTOP = &H00010000
%WS_EX_CLIENTEDGE = &H00000200
%WS_EX_LEFT = &H00000000
%WS_EX_LTRREADING = &H00000000
%WS_EX_RIGHTSCROLLBAR = &H00000000
%WS_EX_CONTROLPARENT = &H00010000
%HWND_DESKTOP = 0
%ES_LEFT = &H0&
%ES_MULTILINE = &H4&
%ES_AUTOVSCROLL = &H40&
%ES_AUTOHSCROLL = &H80&
%ES_OEMCONVERT = &H400&
%ES_WANTRETURN = &H1000&
%BS_TEXT = &H0&
%BS_PUSHBUTTON = &H0&
%BS_AUTORADIOBUTTON = &H9&
%BS_LEFT = &H100&
%BS_CENTER = &H300&
%BS_VCENTER = &HC00&
%BS_DEFPUSHBUTTON = &H1&
%DM_SETDEFID = %WM_USER + 1
%BN_CLICKED = 0
%DS_3DLOOK = &H0004&
%DS_NOFAILCREATE = &H0010&
%DS_SETFONT = &H0040& ' User specified font for Dlg controls
%DS_MODALFRAME = &H0080& ' Can be combined with WS_CAPTION
'-----------------------------------------------------------------
' TYPE and UNION structures: 3
'-----------------------------------------------------------------
Type OVERLAPPED
Internal As Dword
InternalHigh As Dword
offset As Dword
OffsetHigh As Dword
hEvent As Dword
End Type
Type SECURITY_ATTRIBUTES
nLength As Dword
lpSecurityDescriptor As Long
bInheritHandle As Long
End Type
Type LOGFONT
lfHeight As Long
lfWidth As Long
lfEscapement As Long
lfOrientation As Long
lfWeight As Long
lfItalic As Byte
lfUnderline As Byte
lfStrikeOut As Byte
lfCharSet As Byte
lfOutPrecision As Byte
lfClipPrecision As Byte
lfQuality As Byte
lfPitchAndFamily As Byte
lfFaceName As Asciiz * %LF_FACESIZE
End Type
Type MEMORYSTATUS
dwLength As Dword
dwMemoryLoad As Dword
dwTotalPhys As Dword
dwAvailPhys As Dword
dwTotalPageFile As Dword
dwAvailPageFile As Dword
dwTotalVirtual As Dword
dwAvailVirtual As Dword
End Type
'-----------------------------------------------------------------
' Declared Functions: 14
'-----------------------------------------------------------------
Declare Function CloseHandle Lib "KERNEL32.DLL" Alias "CloseHandle" (ByVal hObject As Dword) As Long
Declare Function CreateFile Lib "KERNEL32.DLL" Alias "CreateFileA" (lpFileName As Asciiz, ByVal dwDesiredAccess As Dword, ByVal dwShareMode As Dword, lpSecurityAttributes As SECURITY_ATTRIBUTES, ByVal dwCreationDisposition As Dword, _
ByVal dwFlagsAndAttributes As Dword, ByVal hTemplateFile As Dword) As Dword
Declare Function CreateFontIndirect Lib "GDI32.DLL" Alias "CreateFontIndirectA" (lpLogFont As LOGFONT) As Dword
Declare Function DeleteObject Lib "GDI32.DLL" Alias "DeleteObject" (ByVal hObject As Dword) As Long
Declare Function DeviceIoControl Lib "KERNEL32.DLL" Alias "DeviceIoControl" (ByVal hDevice As Dword, ByVal dwIoControlCode As Dword, lpInBuffer As Any, ByVal nInBufferSize As Long, lpOutBuffer As Any, ByVal nOutBufferSize As Long, _
lpBytesReturned As Long, lpOverlapped As OVERLAPPED) As Long
Declare Function FreeLibrary Lib "KERNEL32.DLL" Alias "FreeLibrary" (ByVal hLibModule As Dword) As Long
Declare Function GetDC Lib "USER32.DLL" Alias "GetDC" (ByVal hWnd As Dword) As Dword
Declare Function GetDeviceCaps Lib "GDI32.DLL" Alias "GetDeviceCaps" (ByVal hdc As Dword, ByVal nIndex As Long) As Long
Declare Function GetFocus Lib "USER32.DLL" Alias "GetFocus" () As Dword
Declare Function GetLastError Lib "KERNEL32.DLL" Alias "GetLastError" () As Long
Declare Function GetModuleFileName Lib "KERNEL32.DLL" Alias "GetModuleFileNameA" (ByVal hModule As Dword, lpFileName As Asciiz, ByVal nSize As Dword) As Dword
Declare Function GetProcAddress Lib "KERNEL32.DLL" Alias "GetProcAddress" (ByVal hModule As Dword, lpProcName As Asciiz) As Long
Declare Sub GlobalMemoryStatus Lib "KERNEL32.DLL" Alias "GlobalMemoryStatus" (lpBuffer As MEMORYSTATUS)
Declare Function LoadLibrary Lib "KERNEL32.DLL" Alias "LoadLibraryA" (lpLibFileName As Asciiz) As Long
Declare Function ReleaseDC Lib "USER32.DLL" Alias "ReleaseDC" (ByVal hWnd As Dword, ByVal hDC As Dword) As Long
Declare Function SetFocus Lib "USER32.DLL" Alias "SetFocus" (ByVal hWnd As Dword) As Long
'**************************************
#Include "PBForms.INC"
'**************************************
' for SYSACCES.VXD
%GET_GDT = &H10
%GET_LDT = &H11
%GET_IDT = &H12
%LIST_VXDNAMES = &H20
%GET_VXDBYNAME = &H21
%GET_DUMP = &H30
%INTERNAL_ERROR = &H1
%UNKNOW_COMMAND = &H10
%INVALID_PARAMETER = &H20
%BUFFER_TOO_SMALL = &H30
%NOT_EXIST = &H40
%ALREADY_EXIST = &H41
'**************************************
Sub HexStr(ByVal nAddr As Dword, bs As String * %BlockLen, hs As String)
Local nOffs As Dword 'offset into string
Local n As Dword
Local v As Long
Local lz As Asciiz * 56
Local tz As Asciiz * 20
hs = ""
For nOffs = 1 To Len(bs)
If (n) And (n Mod 16 = 0) Then
hs = hs & Hex$(nAddr, 8) & ": " & RTrim$(lz) & " " & tz & $CrLf
lz = "" : tz = ""
nAddr = nAddr + 16
End If
v = Asc(bs, nOffs)
lz = lz & Hex$(v, 2) & " "
If v = 146 Or v = 147 Then
tz = tz & Chr$(v)
ElseIf v <= 31 Or ((v => 127) And (v < 159)) Then
tz = tz & "."
Else
tz = tz & Chr$(v)
End If
Incr n
Next nOffs
End Sub 'HexStr
'**************************************
Sub AddrStr(ByVal nAddr As Dword, bs As String * %BlockLen, hs As String)
Local nOffs As Dword 'offset into string
Local n As Dword
Local lz As Asciiz * 56
Local tz As Asciiz * 20
hs = ""
For nOffs = 1 To Len(bs) Step 4
If (n) And (n Mod 16 = 0) Then
hs = hs & Hex$(nAddr, 8) & ": " & RTrim$(lz) & " " & tz & $CrLf
lz = "" : tz = ""
nAddr = nAddr + 16
End If
lz = lz & Hex$(CvDwd(bs, nOffs), 8) & " "
n = n + 4
Next nOffs
End Sub 'AddrStr
'**************************************
Function ReadRAM(ByVal hVxd As Dword, ByVal nAddr As Dword, ps As String * %BlockLen) As Long
Local nOffs As Dword 'offset into string
Local n As Long
Local cbRet As Long 'receives a count of the bytes returned
Local res As Long 'return values
Static bs As String * %BlockLen 'buffer for data from SYSACCES.VXD
'error values from the VXD
Data &H1, "Internal Error"
Data &H10, "Unknown Command"
Data &H20, "Invalid Parameter"
Data &H30, "Buffer Too Small"
Data &H40, "No Memory at that Address (could be memory-mapped I/O, so try higher addresses)"
Data &H41, "Already Exists"
nAddr = nAddr And &HFFFFFFFC
res = DeviceIoControl(hVxD, ByVal %GET_DUMP, ByVal VarPtr(nAddr), ByVal 4, ByVal VarPtr(bs), ByVal Len(bs), ByVal VarPtr(cbRet), ByVal 0)
If res = 0 Then
res = GetLastError()
For n = 1 To DataCount Step 2
If res = Val(Read$(n)) Then
ps = "Error &H" & Hex$(res, 2) & ":" & $CrLf & Read$(n + 1)
Exit Function
End If
Next n
End If
ps = bs
Function = 1
End Function 'ReadRAM
'**************************************
#PBForms Begin Constants
%PrevBtn = 1001
%AddrTxt = 1002
%NextBtn = 1003
%OkayBtn = 1004
%ByteOpt = 1005
%DwdOpt = 1006
%Txt = 1007
#PBForms End Constants
#PBForms Declarations
'**************************************
Global ghDlg As Dword
'**************************************
Function GetRAM(ByVal hVxd As Dword, ByVal vInc As Long) As Long
Local id As Long
Local fFLag As Long
Local nAddr As Dword
Local ls As String
Local gms As MEMORYSTATUS
Static nRam As Dword
Static bs As String * %BlockLen
Incr fFLag
'get total physical memory
'what this really needs to get, is the address of the last byte of physical RAM
If nRam = 0 Then
gms.dwLength = SizeOf(MEMORYSTATUS)
GlobalMemoryStatus(gms)
nRam = gms.dwTotalPhys
If nRam = 0 Then
fFLag = 0
hVxd = 0
ls = "Error getting amount of physical memory"
End If
End If
'if hVxd = zero, then skip ReadRAM, and just reformat the output
If hVxd Then
'get address value from textbox
Control Get Text ghDlg, %AddrTxt To ls
nAddr = Val("&H" & ls) And &HFFFFF000
'find next address where there's memory (skip memory-mapped I/O, and so on...)
Do While nAddr => 0 And nAddr <= nRam - %BlockLen
nAddr = nAddr + vInc
If nAddr > nRam - %BlockLen Then 'wrap around ends of memory
If vInc => 0 Then 'going up, so wrap to zero
nAddr = 0
Else 'going down, so wrap to just below the top
nAddr = nRam - %BlockLen
End If
End If
fFLag = ReadRAM(hVxd, nAddr, bs)
If vInc = 0 Then vInc = %BlockLen
Loop Until fFLag
Control Set Text ghDlg, %AddrTxt, Hex$(nAddr, 8)
End If
If fFLag Then
'see which output format is requested
For id = %ByteOpt To %DwdOpt
Control Get Check ghDlg, id To fFLag
If fFLag Then Exit For
Next id
Select Case As Long id
Case %ByteOpt
HexStr(nAddr, bs, ls)
Case %DwdOpt
AddrStr(nAddr, bs, ls)
Case Else 'use default
HexStr(nAddr, bs, ls)
End Select
Else ' show error
ls = RTrim$(bs)
End If
Control Set Text ghDlg, %Txt, ls
'Function =
End Function 'GetRAM
'**************************************
Callback Function ShowProc()
Local fFLag As Long
Local ls As String
Static hVxd As Dword
Select Case As Long CbMsg
Case %WM_INITDIALOG
Control Set Option ghDlg, %ByteOpt, %ByteOpt, %DwdOpt
'get full path to the vxd
ls = String$(%MAX_PATH, $Nul)
ls = Left$(ls, GetModuleFileName(ByVal 0, ByVal StrPtr(ls), %MAX_PATH))
ls = "\\.\" & Left$(ls, InStr(-1, ls, "\")) & "sysacces.vxd"
hVxD = CreateFile(ByVal StrPtr(ls), ByVal 0, ByVal 0, ByVal 0, ByVal 0, %FILE_FLAG_DELETE_ON_CLOSE, 0)
If hVxd = %INVALID_HANDLE_VALUE Then
Control Set Text ghDlg, %Txt, "Error: could not open ""sysacces.vxd"""
hVxd = 0
Exit Function
Else
GetRAM(hVxd, 0)
End If
Case %WM_NCACTIVATE
Static hWndSaveFocus As Dword
If Isfalse Cbwparam Then
hWndSaveFocus = GetFocus()
Elseif hWndSaveFocus Then
SetFocus(hWndSaveFocus)
hWndSaveFocus = 0
End If
Case %WM_COMMAND
Select Case As Long CbCtl
Case %ByteOpt To %DwdOpt
If Cbctlmsg = %BN_CLICKED Or Cbctlmsg = 1 Then
GetRAM(0, 0)
End If
Case %OkayBtn
If CbCtlMsg = %BN_CLICKED Or CbCtlMsg = 1 Then
GetRAM(hVxd, 0)
End If
Case %PrevBtn
If Cbctlmsg = %BN_CLICKED Or Cbctlmsg = 1 Then
GetRAM(hVxd, &H0FFFFF000)
End If
Case %NextBtn
If CbCtlMsg = %BN_CLICKED Or CbCtlMsg = 1 Then
GetRAM(hVxd, &H01000)
End If
End Select
Case %WM_DESTROY
CloseHandle hVxD
End Select
End Function
'**************************************
Function PBMain() As Long
#If %Def(%BinBas) 'extract BinBas data
MsgBox $InfoMsg
BinBas()
Exit Function
#EndIf
Local lRslt As Long
#PBForms Begin Dialog %Dlg->->
Local hFont1 As Dword
Dialog New %HWND_DESKTOP, "RAMView - TheirCorp's Physical Memory Viewer", 278, 63, 447, 488, %WS_POPUP Or _
%WS_BORDER Or %WS_DLGFRAME Or %WS_CAPTION Or %WS_SYSMENU Or %WS_CLIPSIBLINGS Or _
%WS_VISIBLE Or %DS_MODALFRAME Or %DS_3DLOOK Or %DS_NOFAILCREATE Or %DS_SETFONT, _
%WS_EX_CONTROLPARENT Or %WS_EX_LEFT Or %WS_EX_LTRREADING Or %WS_EX_RIGHTSCROLLBAR, To _
ghDlg
Control Add Button, ghDlg, %PrevBtn, "&Prev", 3, 6, 30, 13
Control Add TextBox, ghDlg, %AddrTxt, "00000000", 35, 6, 100, 13
Control Add Button, ghDlg, %NextBtn, "&Next", 137, 6, 30, 13
Control Add Option, ghDlg, %ByteOpt, "&Byte", 183, 8, 44, 10, %WS_CHILD Or %WS_VISIBLE Or _
%WS_GROUP Or %WS_TABSTOP Or %BS_TEXT Or %BS_AUTORADIOBUTTON Or %BS_LEFT Or %BS_VCENTER, _
%WS_EX_LEFT Or %WS_EX_LTRREADING
Control Add Option, ghDlg, %DwdOpt, "&Dword", 228, 8, 44, 10, %WS_CHILD Or %WS_VISIBLE Or _
%BS_TEXT Or %BS_AUTORADIOBUTTON Or %BS_LEFT Or %BS_VCENTER, %WS_EX_LEFT Or _
%WS_EX_LTRREADING
Control Add Button, ghDlg, %OkayBtn, "&Okay", 412, 6, 30, 13, %WS_CHILD Or %WS_VISIBLE Or _
%WS_TABSTOP Or %BS_TEXT Or %BS_DEFPUSHBUTTON Or %BS_PUSHBUTTON Or %BS_CENTER Or _
%BS_VCENTER, %WS_EX_LEFT Or %WS_EX_LTRREADING
Dialog Send ghDlg, %DM_SETDEFID, %OkayBtn, 0
Control Add TextBox, ghDlg, %Txt, "", 3, 28, 441, 456, %WS_CHILD Or %WS_VISIBLE Or %WS_TABSTOP _
Or %WS_VSCROLL Or %ES_LEFT Or %ES_MULTILINE Or %ES_AUTOHSCROLL Or %ES_AUTOVSCROLL Or _
%ES_OEMCONVERT Or %ES_WANTRETURN, %WS_EX_CLIENTEDGE Or %WS_EX_LEFT Or %WS_EX_LTRREADING _
Or %WS_EX_RIGHTSCROLLBAR
hFont1 = PBFormsMakeFont("Courier New", 10, 400, %FALSE, %FALSE, %FALSE, %ANSI_CHARSET)
Control Send ghDlg, %AddrTxt, %WM_SETFONT, hFont1, 0
Control Send ghDlg, %Txt, %WM_SETFONT, hFont1, 0
#PBForms End Dialog
Dialog Show Modal ghDlg, Call ShowProc To lRslt
#PBForms Begin Cleanup %Dlg
DeleteObject hFont1
#PBForms End Cleanup
Function = lRslt
End Function
'**************************************
Here' is the source for the VXD (three files):
Save them "C:\Masm32\RamView". Using a different folder could require editing
one or more of the files.
The VXD is based on code by Rody Thierry... Abragols (at) aol (dot) com
The linker gives 12 warnings when linking this. They can all be ignored.
Code:
[b]Save this as "Sysacces.asm"[/b] .586p IFNDEF _VXDDEFS_INC _VXDDEFS_INC EQU 1 .586p include .\..\include\vmm.inc WIN32_VXD_CODE_SEG EQU 28h WIN32_VXD_DATA_SEG EQU 30h WIN32_VXD_FS_SEG EQU 78h ENDIF include .\..\include\vwin32.inc DESCRIPTOR STRUCT dd1 dd ? dd2 dd ? DESCRIPTOR ENDS DTR STRUCT lim dw ? p dd ? DTR ENDS RETZ MACRO xor eax,eax ret ENDM return MACRO var mov eax,var ret ENDM m2m MACRO MD, MS push MS pop MD ENDM INTERNAL_ERROR EQU 1 UNKNOW_COMMAND EQU 10h INVALID_PARAMETER EQU 20h BUFFER_TOO_SMALL EQU 30h NOT_EXIST EQU 40h ALREADY_EXIST EQU 41h VXDBYNAME STRUCT DDB_SDK_Version dw ? DDB_Req_Device_Number dw ? DDB_Dev_Major_Version db ? DDB_Dev_Minor_Version db ? DDB_Flags dw ? DDB_Name db 8 dup(?) DDB_Init_Order dd ? DDB_Control_Proc dd ? DDB_V86_API_Proc dd ? DDB_PM_API_Proc dd ? DDB_V86_API_CSIP dd ? DDB_PM_API_CSIP dd ? DDB_Reference_Data dd ? DDB_Service_Table_Ptr dd ? DDB_Service_Table_Size dd ? VXDBYNAME ENDS GET_GDT EQU 10h GET_LDT EQU 11h GET_IDT EQU 12h LIST_VXDNAMES EQU 20h GET_VXDBYNAME EQU 21h GET_DUMP EQU 30h ;************************************************************************************************* VxD_LOCKED_DATA_SEG ;************************************************************************************************* pDPageFault dd ? ; ptr on Descriptor PageFault pWinPFHandler dd ? ; zin Handler for PageFault ;************************************************************************************************* VxD_LOCKED_DATA_ENDS ;************************************************************************************************* VxD_LOCKED_CODE_SEG ;************************************************************************************************* DECLARE_VIRTUAL_DEVICE SYSACCES, 1, 0, SYSACCES_control, UNDEFINED_DEVICE_ID, UNDEFINED_INIT_ORDER BeginProc SYSACCES_control Control_Dispatch w32_DeviceIoControl, On_Ioctl Control_Dispatch Sys_Dynamic_Device_Init, On_DeviceInit Control_Dispatch Sys_Dynamic_Device_Exit, On_DeviceExit clc ret EndProc SYSACCES_control BeginProc SysAccesPFHandler ; ... ; Faulter CS ; esp+18h ; Faulter EIP ; esp+14h ; Error Code ; esp+10h ; WinHandler ; esp+0Ch ; flags ; esp+08h ; ds ; esp+04h ; eax ; esp+00h push eax pushfd push ds push eax ; initialize data segment mov eax, WIN32_VXD_DATA_SEG mov ds, eax ; check if SysAcces cause fault lea eax, PageFaultIsHere cmp eax, [esp+14h] ; faulter EIP / Flat, we don't check CS je CorrectFault ; it isn't SysAcces, call WinHandler mov eax, pWinPFHandler mov [esp+0Ch], eax pop eax pop ds popfd ret CorrectFault: sti lea eax, Ioctl_NotExist mov [esp+14h], eax add esp, 5*4 iretd EndProc SysAccesPFHandler BeginProc On_DeviceExit ; restore previous PageFaultHandler mov eax, pWinPFHandler mov esi, pDPageFault mov edx, eax shr eax, 16 cli mov [esi], dx mov [esi+6], ax sti clc ret EndProc On_DeviceExit BeginProc On_Ioctl ASSUME esi:PTR DIOCParams mov eax, [esi].dwIoControlCode and eax, eax je Ioctl_Open mov edi, [esi].lpvOutBuffer mov ecx, [esi].cbOutBuffer mov ebx, [esi].lpcbBytesReturned mov edx, [esi].lpvInBuffer and edi, edi je Ioctl_InvalidParameter cmp ecx, 6 jb Ioctl_BufferTooSmall cmp eax, LIST_VXDNAMES je Ioctl_GetVxDList cmp eax, GET_IDT je Ioctl_GetIDT cmp eax, GET_GDT jz Ioctl_GetGDT and edx, edx je Ioctl_InvalidParameter cmp eax, GET_DUMP je Ioctl_GetDump cmp eax, GET_LDT je Ioctl_GetLDT cmp eax, GET_VXDBYNAME je Ioctl_GetVxDByName return UNKNOW_COMMAND Ioctl_Open: RETZ Ioctl_GetGDT: sgdt qword ptr [edi] jmp Ioctl_CopyDT Ioctl_GetIDT: sidt qword ptr [edi] jmp Ioctl_CopyDT Ioctl_GetLDT: cmp [esi].cbInBuffer, 4 jne Ioctl_InvalidParameter ASSUME edi:PTR DTR sgdt qword ptr [edi] mov eax, [edx] movzx edx, [edi].lim inc edx shr edx, 3 cmp eax, edx ja Ioctl_InvalidParameter mov edx, [edi].p lea edx, [edx+eax*8] mov eax, [edx+4] shr eax, 8 and al, 1Fh cmp al, 2 jne Ioctl_InvalidParameter mov eax, [edx] mov edx, [edx+4] mov [edi].lim, ax mov al, dl shr edx, 16 mov ah, dh rol eax, 16 mov [edi].p, eax Ioctl_CopyDT: movzx edx, [edi].lim mov eax, edx add edx, SIZEOF DTR+1 inc eax cmp ecx, edx jb Ioctl_BufferTooSmall shr eax, 2 mov esi, [edi].p mov ecx, eax add edi, SIZEOF DTR ASSUME edi:NOTHING rep movsd mov [ebx], edx RETZ Ioctl_GetVxdList: sub ecx, 4 shr ecx, 3 ; ecx = nbVxDLogeable je Ioctl_BufferTooSmall VMMCall VMM_GetDDBList push edi xor edx, edx add edi, 4 and eax, eax je Ioctl_NotExist @@: mov esi, eax mov eax, dword ptr [esi+0Ch] push dword ptr [esi+10h] stosd pop eax stosd lodsd inc edx and eax, eax loopnz @B pop edi mov [edi], edx shl edx, 3 mov [ebx], edx and eax, eax jne Ioctl_BufferTooSmall ret Ioctl_GetVxDByName: cmp [esi].cbInBuffer, 8 jne Ioctl_InvalidParameter cmp ecx, SIZEOF VXDBYNAME jb Ioctl_BufferTooSmall VMMCall VMM_GetDDBList @@: mov esi, eax and eax, eax je Ioctl_NotExist mov eax, dword ptr [esi+0Ch] mov ecx, dword ptr [esi+10h] cmp eax, [edx] lodsd jne @B cmp ecx, [edx+4] jne @B mov ecx, ((SIZEOF VXDBYNAME) SHR 2) rep movsd mov dword ptr [ebx], SIZEOF VXDBYNAME RETZ Ioctl_GetDump: cmp [esi].cbInBuffer, 4 jne Ioctl_InvalidParameter mov esi, dword ptr [edx] mov eax, 4096 cmp ecx, eax jb Ioctl_BufferTooSmall shr eax, 2 mov ecx, eax PageFaultIsHere: rep movsd mov dword ptr [ebx], 4096 RETZ Ioctl_InternalError: return INTERNAL_ERROR Ioctl_NotExist: return NOT_EXIST Ioctl_AlreadyExist: return ALREADY_EXIST Ioctl_InvalidParameter: return INVALID_PARAMETER Ioctl_BufferTooSmall: return BUFFER_TOO_SMALL ASSUME esi:NOTHING EndProc On_Ioctl ;************************************************************************************************* VxD_LOCKED_CODE_ENDS ;************************************************************************************************* VxD_INIT_CODE_SEG ;************************************************************************************************* ;the interrupt descriptor table register is stored here IDTR_win: dw ? dd ? BeginProc On_DeviceInit ; install our debug handler by redirecting the vector for interrupt 14 ( = 0Eh) lea esi, IDTR_win ;save the interrupt descriptor table register sidt qword ptr [esi] mov esi, dword ptr [esi+2] lea edi, [esi+14*8] ;get current Int 0Eh vector mov pDPageFault, edi mov ax, [edi+6] mov dx, [edi] shl eax, 16 mov ax, dx mov pWinPFHandler, eax lea eax, SysAccesPFHandler mov edx, eax shr eax, 16 cli mov [edi], dx mov [edi+6], ax sti clc ret EndProc On_DeviceInit ;************************************************************************************************* VxD_INIT_CODE_ENDS ;************************************************************************************************* end [b]Save this as "sysacces.def"[/b] VXD SYSACCES DYNAMIC SEGMENTS _LPTEXT CLASS 'LCODE' PRELOAD NONDISCARDABLE _LTEXT CLASS 'LCODE' PRELOAD NONDISCARDABLE _LDATA CLASS 'LCODE' PRELOAD NONDISCARDABLE _TEXT CLASS 'LCODE' PRELOAD NONDISCARDABLE _DATA CLASS 'LCODE' PRELOAD NONDISCARDABLE CONST CLASS 'LCODE' PRELOAD NONDISCARDABLE _TLS CLASS 'LCODE' PRELOAD NONDISCARDABLE _BSS CLASS 'LCODE' PRELOAD NONDISCARDABLE _LMGTABLE CLASS 'MCODE' PRELOAD NONDISCARDABLE IOPL _LMSGDATA CLASS 'MCODE' PRELOAD NONDISCARDABLE IOPL _IMSGTABLE CLASS 'MCODE' PRELOAD DISCARDABLE IOPL _IMSGDATA CLASS 'MCODE' PRELOAD DISCARDABLE IOPL _ITEXT CLASS 'ICODE' DISCARDABLE _IDATA CLASS 'ICODE' DISCARDABLE _PTEXT CLASS 'PCODE' NONDISCARDABLE _PMSGTABLE CLASS 'MCODE' NONDISCARDABLE IOPL _PMSGDATA CLASS 'MCODE' NONDISCARDABLE IOPL _PDATA CLASS 'PDATA' NONDISCARDABLE SHARED _STEXT CLASS 'SCODE' RESIDENT _SDATA CLASS 'SCODE' RESIDENT _DBOSTART CLASS 'DBOCODE' PRELOAD NONDISCARDABLE CONFORMING _DBOCODE CLASS 'DBOCODE' PRELOAD NONDISCARDABLE CONFORMING _DBODATA CLASS 'DBOCODE' PRELOAD NONDISCARDABLE CONFORMING _16ICODE CLASS '16ICODE' PRELOAD DISCARDABLE _RCODE CLASS 'RCODE' EXPORTS SYSACCES_DDB @1 [b]Save this as "Make.bat"[/b] C:\masm32\bin\ml.exe -Fl -coff -c -Cx -DMASM6 -DBLD_COFF -DIS_32 C:\masm32\RamView\sysacces.asm C:\masm32\bin\link -vxd -def:C:\masm32\RamView\sysacces.def C:\masm32\RamView\sysacces.obj exit
TheirCorp's SourceForge project includes:
- API Helper --- a code generator for the Win32 API
- BinEditPlus --- a decompiler and more
- ComHelper --- a code generator for the COM programming
- "Flex" --- an editor with novel features
- GDI Debug --- catches programming errors that could lead
to resource leaks - Import Monitor --- (an API hook) Intercepts and monitors
calls to imported functions - Intricately Mergeable Templates
- Jellyfish Pro enhancer plugin (adds drag-and-drop and more..)
- TheirEdit --- an editor for PowerBASIC code
- TheirNote --- a KeyNote clone
- TheirSheet --- a spreadsheet
- SrcFrmt --- a source code formatter
- Tooltipper --- a tooltip code generator
PowerBASIC article in Wikipedia
The attached zip file creates a folder named "RamView". It contains all
source and binary files.