Comments (8)
imerzan
commented on August 17, 2024
1
@ufrisk thanks for the response
I tried the first one and it didn't work:
0x1000 0x9E000 0x9F000 0xA0000 0x100000 0x40D3B000 0x44FFF000 0x45000000 0x10000000 0x8B0800000It doesn't even load for a bit like without memmap:
TX: MRd32: Len: 000 ReqID: 0900 BE_FL: ff Tag: 77 Addr: 00077000 0000 00 00 00 00 09 00 77 ff 00 07 70 00 ......w...p. TX: MRd32: Len: 000 ReqID: 0900 BE_FL: ff Tag: 78 Addr: 00078000 0000 00 00 00 00 09 00 78 ff 00 07 80 00 ......x..... TX: MRd32: Len: 000 ReqID: 0900 BE_FL: ff Tag: 79 Addr: 00079000 0000 00 00 00 00 09 00 79 ff 00 07 90 00 ......y..... [CORE] DTB located at: 00000000001ae000. MemoryModel: X64 [PROCESS] BAD DTB: PID=4 DTB=00000000001ae000 [CORE] Initialization Failed. Unable to locate ntoskrnl.exe. #3 VmmProc: Unable to auto-identify operating system. Specify PageDirectoryBase (DTB/CR3) in -dtb option if value if known. If arm64 dump, specify architecture: -arch arm64 [CORE] Failed to initialize. [CORE] SHUTDOWN COMPLETED (00000170F70AB040). [CORE] TIME: 2023-12-04 10:58:47 UTC. [CORE] RUNTIME: 1s. Unable to initialize DMAI'll try the other one later today or tomorrow. It doesn't seem to me like the firmware is the issue if it works fine when targeting the same PC from another computer.
Another question - this is an Intel machine but I think the mobo ports are thunderbolt - I need to look at the specs. If that's the case, do you think connecting through a USB-C PCIE card would help?
Shave 1 byte off the top of each mem map entry, I didn't do that and had issues.
1000 - 9dfff
9f000 - 9ffff
etc.
from memprocfs.
caiovlp
commented on August 17, 2024
1
memmap didn't work for me but I manage to work around this issue with pci-e usb-c card. Thanks for the help
from memprocfs.
imerzan
commented on August 17, 2024
per
[PDB] Functionality may be limited. Extended debug information disabled
[PDB] Offline symbols unavailable - file 'info.db' not found
[PDB] Reason: Could not load PDB required files - symsrv.dll/dbghelp.dll.
I would put symsrv.dll and dbghelp.dll in your directory and see if that helps. MemProcFS should auto load them during initialization and download ntoskrnl symbols.
Also make sure you have the latest info.db file from the latest release.
All of these files are included in the downloads from the releases section.
from memprocfs.
caiovlp
commented on August 17, 2024
Thanks for the comment but I've tried that before and it doesn't work. I have different output depending on parameters and versions and I might've missed the info.db and other files in that one example but here's one with the latest version (5.8) that fails to initialize:
----- FPGA DEVICE CONFIG REGISTERS: CORE-READ-ONLY SIZE: 40 BYTES -----
0000 89 ab 00 00 28 00 00 00 04 0a 04 00 00 00 00 00 ....(...........
0010 27 c0 1c 1d 39 01 00 00 29 c0 1c 1d 39 01 00 00 '...9...)...9...
0020 00 00 02 00 ff ff ff ff ........
----- FPGA DEVICE CONFIG REGISTERS: CORE-READ-WRITE SIZE: 30 BYTES -----
0000 cd ef 04 00 1e 00 00 00 a0 86 01 00 00 00 00 00 ................
0010 ee 10 07 00 ee 10 66 06 02 34 00 00 7f 00 ......f..4.. .
----- FPGA DEVICE CONFIG REGISTERS: PCIE-READ-ONLY SIZE: 48 BYTES -----
0000 01 23 00 00 30 00 00 00 09 00 16 08 7c 00 00 00 .#..0.......|...
0010 00 00 00 00 00 00 00 00 30 29 00 00 00 00 40 00 ........0)....@.
0020 12 10 00 00 1e 7f 00 00 00 00 01 88 00 00 00 00 ..... ..........
----- FPGA DEVICE CONFIG REGISTERS: PCIE-READ-WRITE SIZE: 88 BYTES -----
0000 45 67 10 f0 58 00 00 00 35 0a 00 01 01 00 00 00 Eg..X...5.......
0010 00 00 00 ff 01 80 48 00 00 00 00 0e 00 00 00 00 ......H.........
0020 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 ................
0030 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 ................
0040 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 ................
0050 00 00 00 00 24 f4 00 00 ....$...
----- PCIe CORE Dynamic Reconfiguration Port (DRP) SIZE: 0x100 BYTES -----
0000 00 02 00 01 00 02 01 00 10 00 d0 04 00 00 e0 00 ................
0010 ff ff c0 00 ff ff 00 00 00 00 00 00 00 00 00 00 ................
0020 00 00 00 00 00 00 00 00 00 00 00 44 00 00 00 00 ...........D....
0030 00 03 05 07 30 00 22 4c 02 00 00 00 00 03 00 00 ....0."L........
0040 02 a1 03 ff 01 00 1f fd 7f ff 09 ff 01 20 01 60 ........ .... .`
0050 00 05 01 7c 11 9c 00 00 00 00 00 00 00 00 00 00 ...|............
0060 00 00 10 7c 00 02 44 21 00 78 3d 60 00 23 00 00 ...|..D!.x=`.#..
0070 00 00 00 00 00 00 00 00 00 00 00 00 00 15 00 01 ................
0080 00 01 00 00 00 01 00 00 00 01 00 00 00 01 00 00 ................
0090 00 01 00 00 00 01 00 00 00 00 00 00 00 00 00 00 ................
00a0 00 00 00 00 00 00 00 00 00 02 00 00 12 34 10 18 .............4..
00b0 00 0b 00 01 00 11 00 00 00 00 00 00 00 01 00 00 ................
00c0 00 28 00 41 ff ff ff ff 00 e0 00 00 80 08 00 22 .(.A..........."
00d0 07 ff 03 52 02 48 00 08 00 40 0e 84 fa ac 00 00 ...R.H...@......
00e0 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 ................
00f0 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 ................
----- PCIe CONFIGURATION SPACE (no user set values) SIZE: 0x200 BYTES -----
0000 d2 14 10 80 00 00 10 00 a1 03 00 07 10 00 00 00 ................
0010 00 40 80 50 00 00 80 50 00 00 00 00 00 00 00 00 [email protected]........
0020 00 00 00 00 00 00 00 00 00 00 00 00 d2 14 10 80 ................
0030 00 00 00 00 44 00 00 00 00 00 00 00 ff 01 00 00 ....D...........
0040 00 00 00 00 01 60 23 7e 08 00 00 00 00 00 00 00 .....`#~........
0050 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 ................
0060 05 7c 80 00 00 00 00 00 00 00 00 00 00 00 00 00 .|..............
0070 00 00 00 00 00 00 00 00 00 00 00 00 10 00 02 00 ................
0080 22 83 e8 07 30 29 00 00 12 f4 03 00 40 00 12 10 "...0)......@...
0090 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 ................
00a0 01 00 00 00 00 00 00 00 00 00 00 00 02 00 00 00 ................
00b0 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 ................
00c0 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 ................
00d0 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 ................
00e0 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 ................
00f0 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 ................
0100 01 00 01 00 00 00 00 00 00 00 40 00 30 20 46 00 [email protected] F.
0110 00 00 00 00 00 20 00 00 20 00 00 00 00 00 00 00 ..... .. .......
0120 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 ................
0130 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 ................
0140 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 ................
0150 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 ................
0160 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 ................
0170 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 ................
0180 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 ................
0190 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 ................
01a0 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 ................
01b0 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 ................
01c0 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 ................
01d0 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 ................
01e0 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 ................
01f0 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 ................
----- PCIe SHADOW CONFIGURATION SPACE (only user set values) SIZE: 0x1000 BYTES -----
0000 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 ................
0010 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 ................
0020 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 ................
0030 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 ................
0040 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 ................
0050 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 ................
0060 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 ................
0070 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 ................
0080 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 ................
0090 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 ................
00a0 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 ................
00b0 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 ................
00c0 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 ................
00d0 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 ................
00e0 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 ................
00f0 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 ................
0100 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 ................
0110 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 ................
0120 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 ................
0130 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 ................
0140 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 ................
0150 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 ................
0160 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 ................
0170 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 ................
0180 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 ................
0190 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 ................
01a0 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 ................
01b0 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 ................
01c0 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 ................
01d0 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 ................
01e0 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 ................
01f0 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 ................
0200 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 ................
0210 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 ................
0220 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 ................
0230 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 ................
0240 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 ................
0250 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 ................
0260 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 ................
0270 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 ................
0280 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 ................
0290 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 ................
02a0 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 ................
02b0 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 ................
02c0 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 ................
02d0 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 ................
02e0 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 ................
02f0 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 ................
0300 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 ................
0310 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 ................
0320 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 ................
0330 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 ................
0340 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 ................
0350 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 ................
0360 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 ................
0370 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 ................
0380 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 ................
0390 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 ................
03a0 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 ................
03b0 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 ................
03c0 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 ................
03d0 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 ................
03e0 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 ................
03f0 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 ................
0400 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 ................
0410 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 ................
0420 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 ................
0430 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 ................
0440 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 ................
0450 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 ................
0460 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 ................
0470 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 ................
0480 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 ................
0490 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 ................
04a0 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 ................
04b0 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 ................
04c0 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 ................
04d0 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 ................
04e0 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 ................
04f0 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 ................
0500 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 ................
0510 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 ................
0520 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 ................
0530 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 ................
0540 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 ................
0550 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 ................
0560 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 ................
0570 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 ................
0580 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 ................
0590 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 ................
05a0 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 ................
05b0 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 ................
05c0 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 ................
05d0 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 ................
05e0 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 ................
05f0 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 ................
0600 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 ................
0610 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 ................
0620 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 ................
0630 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 ................
0640 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 ................
0650 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 ................
0660 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 ................
0670 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 ................
0680 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 ................
0690 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 ................
06a0 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 ................
06b0 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 ................
06c0 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 ................
06d0 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 ................
06e0 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 ................
06f0 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 ................
0700 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 ................
0710 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 ................
0720 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 ................
0730 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 ................
0740 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 ................
0750 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 ................
0760 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 ................
0770 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 ................
0780 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 ................
0790 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 ................
07a0 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 ................
07b0 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 ................
07c0 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 ................
07d0 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 ................
07e0 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 ................
07f0 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 ................
0800 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 ................
0810 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 ................
0820 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 ................
0830 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 ................
0840 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 ................
0850 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 ................
0860 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 ................
0870 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 ................
0880 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 ................
0890 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 ................
08a0 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 ................
08b0 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 ................
08c0 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 ................
08d0 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 ................
08e0 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 ................
08f0 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 ................
0900 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 ................
0910 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 ................
0920 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 ................
0930 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 ................
0940 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 ................
0950 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 ................
0960 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 ................
0970 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 ................
0980 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 ................
0990 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 ................
09a0 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 ................
09b0 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 ................
09c0 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 ................
09d0 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 ................
09e0 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 ................
09f0 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 ................
0a00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 ................
0a10 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 ................
0a20 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 ................
0a30 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 ................
0a40 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 ................
0a50 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 ................
0a60 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 ................
0a70 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 ................
0a80 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 ................
0a90 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 ................
0aa0 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 ................
0ab0 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 ................
0ac0 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 ................
0ad0 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 ................
0ae0 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 ................
0af0 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 ................
0b00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 ................
0b10 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 ................
0b20 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 ................
0b30 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 ................
0b40 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 ................
0b50 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 ................
0b60 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 ................
0b70 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 ................
0b80 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 ................
0b90 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 ................
0ba0 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 ................
0bb0 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 ................
0bc0 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 ................
0bd0 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 ................
0be0 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 ................
0bf0 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 ................
0c00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 ................
0c10 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 ................
0c20 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 ................
0c30 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 ................
0c40 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 ................
0c50 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 ................
0c60 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 ................
0c70 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 ................
0c80 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 ................
0c90 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 ................
0ca0 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 ................
0cb0 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 ................
0cc0 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 ................
0cd0 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 ................
0ce0 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 ................
0cf0 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 ................
0d00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 ................
0d10 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 ................
0d20 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 ................
0d30 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 ................
0d40 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 ................
0d50 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 ................
0d60 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 ................
0d70 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 ................
0d80 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 ................
0d90 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 ................
0da0 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 ................
0db0 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 ................
0dc0 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 ................
0dd0 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 ................
0de0 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 ................
0df0 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 ................
0e00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 ................
0e10 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 ................
0e20 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 ................
0e30 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 ................
0e40 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 ................
0e50 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 ................
0e60 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 ................
0e70 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 ................
0e80 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 ................
0e90 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 ................
0ea0 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 ................
0eb0 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 ................
0ec0 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 ................
0ed0 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 ................
0ee0 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 ................
0ef0 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 ................
0f00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 ................
0f10 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 ................
0f20 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 ................
0f30 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 ................
0f40 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 ................
0f50 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 ................
0f60 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 ................
0f70 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 ................
0f80 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 ................
0f90 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 ................
0fa0 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 ................
0fb0 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 ................
0fc0 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 ................
0fd0 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 ................
0fe0 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 ................
0ff0 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 ................
LcMemMap_AddRange: 0000000000000000-000000000009ffff -> 0000000000000000
LcMemMap_AddRange: 0000000000100000-00000008b07fffff -> 0000000000100000
LeechCore v2.16.9: Open Device: fpga
[CORE] DTB located at: 00000000001ae000. MemoryModel: X64
[CORE] NTOS located at: fffff80437e00000
[INFODB] INIT: SUCCESS: va=0xfffff80437e00000
[SYMBOL] Initialization of debug symbol .pdb functionality completed
[SYMBOL] [ srv*\build\Debug\Symbols*https://msdl.microsoft.com/download/symbols ]
[SYMBOL] Initialized symbol subsystem (Microsoft).
[CORE] Initialization Failed. Unable to locate EPROCESS. #4
VmmProc: Unable to auto-identify operating system.
Specify PageDirectoryBase (DTB/CR3) in -dtb option if value if known.
If arm64 dump, specify architecture: -arch arm64
[CORE] Failed to initialize.
[CORE] SHUTDOWN COMPLETED (0000020238330040).
[CORE] TIME: 2023-12-04 05:30:34 UTC.
[CORE] RUNTIME: 2s.
Unable to initialize DMA
I'm able to attack this PC from another PC. But I'm unable to attack it from the same computer for some reason.
from memprocfs.
ufrisk
commented on August 17, 2024
Try two things:
-
First make sure you use a memory map: https://github.com/ufrisk/LeechCore/wiki/Device_FPGA_AMD_Thunderbolt it would look something like
-memmap c:\\temp\\my_memmap.txt -
If the memmap doesn't work try to flash the default firmware (instead of your custom one) and try if it works better. The default firmware is found here: https://github.com/ufrisk/pcileech-fpga/tree/master/PCIeSquirrel
Let me know how it goes.
from memprocfs.
caiovlp
commented on August 17, 2024
@ufrisk thanks for the response
I tried the first one and it didn't work:
0x1000 0x9E000
0x9F000 0xA0000
0x100000 0x40D3B000
0x44FFF000 0x45000000
0x10000000 0x8B0800000
It doesn't even load for a bit like without memmap:
TX: MRd32: Len: 000 ReqID: 0900 BE_FL: ff Tag: 77 Addr: 00077000
0000 00 00 00 00 09 00 77 ff 00 07 70 00 ......w...p.
TX: MRd32: Len: 000 ReqID: 0900 BE_FL: ff Tag: 78 Addr: 00078000
0000 00 00 00 00 09 00 78 ff 00 07 80 00 ......x.....
TX: MRd32: Len: 000 ReqID: 0900 BE_FL: ff Tag: 79 Addr: 00079000
0000 00 00 00 00 09 00 79 ff 00 07 90 00 ......y.....
[CORE] DTB located at: 00000000001ae000. MemoryModel: X64
[PROCESS] BAD DTB: PID=4 DTB=00000000001ae000
[CORE] Initialization Failed. Unable to locate ntoskrnl.exe. #3
VmmProc: Unable to auto-identify operating system.
Specify PageDirectoryBase (DTB/CR3) in -dtb option if value if known.
If arm64 dump, specify architecture: -arch arm64
[CORE] Failed to initialize.
[CORE] SHUTDOWN COMPLETED (00000170F70AB040).
[CORE] TIME: 2023-12-04 10:58:47 UTC.
[CORE] RUNTIME: 1s.
Unable to initialize DMA
I'll try the other one later today or tomorrow. It doesn't seem to me like the firmware is the issue if it works fine when targeting the same PC from another computer.
Another question - this is an Intel machine but I think the mobo ports are thunderbolt - I need to look at the specs. If that's the case, do you think connecting through a USB-C PCIE card would help?
from memprocfs.
ufrisk
commented on August 17, 2024
@caiovlp did you resolve this issue with the above help or is it still not working?
from memprocfs.
ufrisk
commented on August 17, 2024
Many thanks for the update. It's nice to see the issue is resolved. I'm closing this issue.
from memprocfs.
Related Issues (20)
- VMMDLL_Map_GetHeapAlloc() VMMDLL_MAP_HEAPALLOCENTRY.cb off by 8 low HOT 3
- Python process.maps.heapalloc() size and memory read issues. HOT 1
- Rust API: VmmYaraResult.result is empty even if VmmYaraResult.total_results>0. HOT 9
- How do you set the interval in the configset vmmdll_opt_refresh HOT 2
- Question: Best way to get findevil results from Rust API HOT 3
- VMMDLL_Initialize init problems on AMD + LINUX HOT 1
- Some Windows 7 memory images cannot analyze dst ip and dst port. HOT 1
- An issue with mounting image files HOT 2
- How can I achieve threading with this? (rust) HOT 1
- Can we further optimize it HOT 3
- need kernl call Example HOT 1
- Java Vabase return minus value HOT 4
- C++ Scatter abnormal HOT 2
- rust: yara SIGSEGV HOT 12
- Rust API: Yara Match Rules are truncated HOT 7
- C++ freezing the Read Requests HOT 1
- [FYI] A quick experiment with ReactOS as a qemu guest HOT 2
- The PID can be found, but its base address cannot be found. HOT 5
- MemProcFS.exe加载报错,DTB HOT 2
- DOKANY file system library is not installed. HOT 2
Recommend Projects
-
React
A declarative, efficient, and flexible JavaScript library for building user interfaces.
-
Vue.js
🖖 Vue.js is a progressive, incrementally-adoptable JavaScript framework for building UI on the web.
-
Typescript
TypeScript is a superset of JavaScript that compiles to clean JavaScript output.
-
TensorFlow
An Open Source Machine Learning Framework for Everyone
-
Django
The Web framework for perfectionists with deadlines.
-
Laravel
A PHP framework for web artisans
-
D3
Bring data to life with SVG, Canvas and HTML. 📊📈🎉
-
Recommend Topics
-
javascript
JavaScript (JS) is a lightweight interpreted programming language with first-class functions.
-
web
Some thing interesting about web. New door for the world.
-
server
A server is a program made to process requests and deliver data to clients.
-
Machine learning
Machine learning is a way of modeling and interpreting data that allows a piece of software to respond intelligently.
-
Visualization
Some thing interesting about visualization, use data art
-
Game
Some thing interesting about game, make everyone happy.
Recommend Org
-
Facebook
We are working to build community through open source technology. NB: members must have two-factor auth.
-
Microsoft
Open source projects and samples from Microsoft.
-
Google
Google ❤️ Open Source for everyone.
-
Alibaba
Alibaba Open Source for everyone
-
D3
Data-Driven Documents codes.
-
Tencent
China tencent open source team.
from memprocfs.