I need to patch a WDM driver, so that I can listen to all the MMIO being done by the driver. I did so before on a Linux driver, but I'm rather clueless on how to do this with a Windows driver.

The WDM driver calls WRITE_REGISTER_ULONG to write to an MMIO area of a PCI device, and AFAIK, I have to replace those calls with something like _MY_DEBUG_FUNC, and there I can forward the write operation and make a copy of the data and address being written.

I have been playing with IDA 4.5 evaluation version, but it just doesn't let me insert any assembler code (very frustrating)! Finally I decided to dump the Assembler listing to a text file, and try to recompile it with the MinGW "as.exe" assembler, but it uses a different syntax (argGHHH).

Any ideas?

Best Regards
Posted on 2003-10-08 08:11:15 by mjander
While IDA is a very nice tool, and definitely worth the money, don't count on being able to reassemble disassemblies and get working output.

Your best bet is probably to patch the stuff in memory, but... tjah. The KMD road is long and hard ^_^
Posted on 2003-10-09 16:17:49 by f0dder