Paul
Paul
# Overview This large PR is to extend the dotnet parsing capabilities to look into the .NET directory and MetaData tables further. Not all MetaData tables are being handled, just...
https://github.com/stevemk14ebr/RETools/blob/633033d6b6dba4b3c09bd9597a0483acc9321188/JITCall/JITLoadDll/ManualMapper/ManualMap.cpp#L349 Should be ``` return RVA2VA(size_t, hModule, exportPtrs.addressOfFunctions[exportPtrs.addressOfNameOrdinals[i]]); ``` https://github.com/stevemk14ebr/RETools/blob/633033d6b6dba4b3c09bd9597a0483acc9321188/JITCall/JITLoadDll/ManualMapper/ManualMap.cpp#L340 should be size_t return for x86 support
Allow plugins to have configs. When logging syscalls we hardcode our target binary. We could support more than one binary, change binary on the fly, even have a follow children...
If anyone wants to create a plugin there are a lot of little settings in the project that would lend better to a template. Also a lot of skeleton code....
Instead of blowing up the driver plugin architecture issue more, I figured I would create a separate issue. A lot of the plugins have a cut and paste of the...
### Converting to a Driver Plugin brings a simpler architecture: 1. Drivers are loaded and unloaded using `ZwLoadDriver` and `ZwUnloadDriver` 2. No manual mapping required which makes symbolic debugging easier...