View previous topic :: View next topic |
Author |
Message |
SpaMx01 How do I cheat? Reputation: 0
Joined: 16 Sep 2017 Posts: 6
|
Posted: Sat Sep 16, 2017 1:41 am Post subject: DbgPrint (ntoskrnl.exe) declaration in Delphi |
|
|
Dear community,
I am developing kernel driver in Delphi and have a problem to use DbgPrint function from ntoskrnl.exe. DebugView app NOT show anything from my driver. If i load different driver (created in c) I see DbgPrint messages in DebugView correctly ... so looks like the problem is in declaration of DbgPrint in pas file:
Code: |
..
const
NtKernel = 'ntoskrnl.exe';
..
function DbgPrint(Format: PAnsiChar): NTSTATUS; cdecl; varargs;
..
implementation
..
function DbgPrint; external NtKernel name '_DbgPrint';
..
|
This is C++ Syntax:
Code: |
ULONG DbgPrint(
_In_ PCHAR Format,
arguments
);
|
I think my pas declaration is correct (NTSTATUS = Cardinal). But why I not see debug messages then? Can someone help me?
Thanks!
|
|
Back to top |
|
|
Dark Byte Site Admin Reputation: 458
Joined: 09 May 2003 Posts: 25287 Location: The netherlands
|
Posted: Sat Sep 16, 2017 2:50 am Post subject: |
|
|
try
Code: |
function DbgPrint(Format: PAnsiChar; Args : Array of const): NTSTATUS; cdecl;
|
and then call it like:
DbgPrint(pchar('this may work %d'),[100]);
alternatively, your code never gets executed
_________________
Do not ask me about online cheats. I don't know any and wont help finding them.
Like my help? Join me on Patreon so i can keep helping |
|
Back to top |
|
|
SpaMx01 How do I cheat? Reputation: 0
Joined: 16 Sep 2017 Posts: 6
|
Posted: Sat Sep 16, 2017 3:15 am Post subject: |
|
|
Hello,
I tryed lots of variants like this but without success.
I am using Meerkat to generate sys driver from Delphi pas file. Maybe there are some compiler settings that can ignore DbgPrint while compiling? All Meerkat samples not show anything in DebugView so looks like original declaration from autors of DbgPrint is wrong...
|
|
Back to top |
|
|
Dark Byte Site Admin Reputation: 458
Joined: 09 May 2003 Posts: 25287 Location: The netherlands
|
Posted: Sat Sep 16, 2017 7:01 am Post subject: |
|
|
does your driver load ?
do the functions return the proper values ?
_________________
Do not ask me about online cheats. I don't know any and wont help finding them.
Like my help? Join me on Patreon so i can keep helping |
|
Back to top |
|
|
SpaMx01 How do I cheat? Reputation: 0
Joined: 16 Sep 2017 Posts: 6
|
Posted: Sat Sep 16, 2017 8:34 am Post subject: |
|
|
Umm ... I use Turla Driver Loader so I can not see my driver in driver list (tryed driverqueue command or 3rd party software). But If it can load and run simple c driver with success, I think I can count that it work. I am testing DbgPrint with base template:
Code: |
unit BasicDriver;
interface
uses nt_status, ntoskrnl;
function _DriverEntry(DriverObject:PDriverObject;RegistryPath:PUnicodeString):NTSTATUS; stdcall;
implementation
function _DriverEntry(DriverObject:PDriverObject;RegistryPath:PUnicodeString):NTSTATUS; stdcall;
begin
Result := STATUS_SUCCESS;
DbgPrint('this may work %d' + #13#10, [100]);
end;
end.
|
Because of Kernel Driver I can not test any functions returns right? I mean from Delphi GUI (debug mode).
EDIT: I tryed sample driver which should create directory and file inside but nothing happen. Looks like all drivers created with Meerkat not work ...
|
|
Back to top |
|
|
|