Hi!
With the help of this little tool, I captured the whole port IO of the
TWAIN driver for the ScanMagic 1200 ED Plus (ASIC 1015, CCD 01)... in a
few days, there will be a new version of the mustek_pp backend :)
-- jochen
>
> Hi!
>
> Since most of my work consists of reversing stupid TWAIN drivers, I've
> written a little (hopefully) handy tool:
>
> it's called vxd (because it works on VXDs :) Since TWAIN drivers (for
> the parallel port) need to access the parallel port, they all come with
> a ring-0 DLL, a so called VxD, that handles the port IO.
>
> In my case, this VxD implements similiar commands to sanei_pa4s2. If I
> can log the calls to these functions I basically know how to operate the
> scanner. To do this, I just need to disassemble the VxD, add some lines
> of code and assemble it again. Unfurtonally, a) I don't have neither
> masm nor the win98-ddk (both needed to compile a windows driver) b) the
> output of normal disassemblers just won't assemble :-(
>
> So I wrote a tool (vxd) to disassemble a VxD in form, I can assemble it
> again using NASM (avoiding the whole damn microsoft stuff :)
>
> This tool won't work for any VxD:
>
> - it must be pure 32bit PM code
> - only one segment (LCODE/LDATA)
> - no VxD service table
> - no stupid tricky code
>
> but it works for the vxd I want to crack...
>
> however I don't know, whether this tool works because of two things:
>
> a) you still need the link.exe from microsoft to produce the VxD
> b) I don't have windows (which is needed to run link.exe & test the
> resulting VxD)
>
> furthermore, I'm still looking for these "some lines of code" that log
> the function calls (after all, I'm not really experienced in writing
> windows code...) when I've figured out some good code, I'll let you
> know...
>
-- Source code, list archive, and docs: http://www.mostang.com/sane/ To unsubscribe: echo unsubscribe sane-devel | mail majordomo@mostang.com
This archive was generated by hypermail 2b29 : Sun Sep 03 2000 - 03:03:09 PDT