Yang's status report - #5 of 16

["veotax" <hsluoyz () qq com>]

Hi everyone,Here's my status report for week #5.
I spent a lot of time constructing an easy-to-use debugging environment with VS2012 instead of the old WinDbg way. I 
have succeeded in debugging a remote Windows 8 target machine. However, some problems occurred when debugging a Win7 
system. I can break in the current instruction of a Win7 guest, but cannot set a breakpoint in my source code with 
VS2012, nor with the orginal WinDbg. The combination of WDK7600 and WinDbg can accomplish this goal easily, and I had 
no idea with this problem for several days. I will figure this out next week. Accomplishments: 
* Found the cheap code signing price fyodor mentioned before -- 99$ from VeriSign for the first year. Given that 
VeriSign would charge 499$ from the second year, we can turn to other code signing services like K software (213$ one 
year) and Comodo (180$ one year). 

* ported the NPcap code from NDIS6.0 to NDIS6.2 by following the tutorials from MSDN. At present, this driver can be 
installed and uninstalled normally, while, the actual functions still need further debugging.
* worked on building a comfortable debugging environment for drivers, the best choice is the network debugging, but 
only Win8 target is supported. So Win8 target debugging is OK now. The other selection is local VMWare virtual machine 
debugging. When debugging a Win7 target, I have to use this way. And now I encountered that problem. I have removed 
some bugs in current NPcap, but still leave a long way to go.
Priorities: 
* Build a comfortable debugging environment for Win7 targets.
* Remove the bugs in current NPcap and make it behave just like WinPcap. 
* Have a meeting with my mentor for the next step. 
Cheers, Yang Luo http://veotax.com
_______________________________________________
Sent through the dev mailing list
http://nmap.org/mailman/listinfo/dev
Archived at http://seclists.org/nmap-dev/