Joseph Doherty
fe2a6db786
rust / build / test / clippy / fmt (push) Has been cancelled
Layout:
- src/ .NET 10 x64 reference: MxNativeCodec, MxNativeClient,
MxAsbClient, probes, tests, harnesses. Executable spec.
- design/ Architectural plan for the Rust port (M0–M6), error
model, protocol invariants, risks (R1–R16), adversarial
review log (review.md).
- rust/ Rust workspace. M0 skeleton + M1 codec parity.
mxaccess-codec: 215 unit tests + 2 cross-implementation
parity tests (byte-identical against .NET reference).
Other crates are M0 stubs awaiting M2+.
- captures/ Frida + netsh + pcap evidence per CLAUDE.md
("captures are evidence, not throwaway logs").
- analysis/ Decompiled C# (frida/proxy/decompiled-*),
Ghidra exports for native DLLs (`exports/` only —
working state at `projects/` and AVEVA's input
binaries at `input/` are gitignored).
- docs/ Reverse-engineering reference docs.
- tools/ Setup-LiveProbeEnv.ps1 (Infisical credential fetcher),
Compute-Crc.ps1 (.NET parity helper).
- .github/workflows/ Rust CI: fmt + build + test + clippy on Windows.
- LICENSE MIT (Joseph Doherty, 2026).
Verified:
- cargo test --workspace → 217 passed (215 unit + 2 .NET parity), 0 failed
- cargo clippy --workspace -- -D warnings → clean
- cargo fmt --all -- --check → clean
- cargo publish --dry-run -p mxaccess-codec → packages cleanly
Excluded from history (see .gitignore):
- **/bin, **/obj, **/target — build artifacts
- analysis/ghidra/projects/ — Ghidra working state (regenerable)
- analysis/ghidra/input/ — AVEVA proprietary DLLs (vendor IP)
Co-Authored-By: Claude Opus 4.7 (1M context) <noreply@anthropic.com>
54 lines
12 KiB
Plaintext
54 lines
12 KiB
Plaintext
time event module name ecx retval args candidate_index candidate_size candidate_ptr value_hits hex
|
|
2026-04-25T19:54:59.868Z hook.installed LmxProxy.dll CLMXProxyServer.Write.variantA []
|
|
2026-04-25T19:54:59.869Z hook.installed LmxProxy.dll CLMXProxyServer.Write.variantB []
|
|
2026-04-25T19:54:59.870Z hook.installed LmxProxy.dll CLMXProxyServer.WriteSecured.variantA []
|
|
2026-04-25T19:54:59.870Z hook.installed LmxProxy.dll CLMXProxyServer.WriteSecured.variantB []
|
|
2026-04-25T19:54:59.871Z hook.installed LmxProxy.dll CLMXProxyServer.AdviseSupervisory []
|
|
2026-04-25T19:55:06.914Z hook.installed Lmx.dll MxConnection.PrebindReference []
|
|
2026-04-25T19:55:06.915Z hook.installed Lmx.dll MxConnection.UserRegisterPreboundReference []
|
|
2026-04-25T19:55:06.916Z hook.installed Lmx.dll IMxReference.GetMxHandle []
|
|
2026-04-25T19:55:06.916Z hook.installed Lmx.dll AccessManager.FixUpMxHandle []
|
|
2026-04-25T19:55:06.917Z hook.installed Lmx.dll PreboundReference.Resolve []
|
|
2026-04-25T19:55:06.917Z hook.installed Lmx.dll PreboundReference.OnPlatformResolveReferenceResults []
|
|
2026-04-25T19:55:06.918Z hook.installed Lmx.dll PreboundReference.OnSetAttributeResult []
|
|
2026-04-25T19:55:07.015Z hook.installed NmxAdptr.dll CNmxAdapter.TransferData []
|
|
2026-04-25T19:55:07.016Z hook.installed NmxAdptr.dll CNmxAdapter.ProcessDataReceived []
|
|
2026-04-25T19:55:07.017Z hook.installed NmxAdptr.dll CNmxAdapter.PutRequest []
|
|
2026-04-25T19:55:07.018Z hook.installed NmxAdptr.dll CNmxAdapter.PutRequestEx []
|
|
2026-04-25T19:55:07.072Z lmx.fixup-mxhandle.enter Lmx.dll AccessManager.FixUpMxHandle []
|
|
2026-04-25T19:55:07.073Z lmx.fixup-mxhandle.leave Lmx.dll AccessManager.FixUpMxHandle 0xefe464 []
|
|
2026-04-25T19:55:07.073Z lmx.fixup-mxhandle.enter Lmx.dll AccessManager.FixUpMxHandle []
|
|
2026-04-25T19:55:07.073Z lmx.fixup-mxhandle.leave Lmx.dll AccessManager.FixUpMxHandle 0xefe464 []
|
|
2026-04-25T19:55:07.168Z lmx.prebind.enter Lmx.dll MxConnection.PrebindReference 0x10188a34 []
|
|
2026-04-25T19:55:07.170Z lmx.prebound-resolve.enter Lmx.dll PreboundReference.Resolve []
|
|
2026-04-25T19:55:07.170Z lmx.mxhandle.read Lmx.dll IMxReference.GetMxHandle 0xefe968 []
|
|
2026-04-25T19:55:07.170Z lmx.mxhandle.read Lmx.dll IMxReference.GetMxHandle 0xefe954 []
|
|
2026-04-25T19:55:07.171Z lmx.fixup-mxhandle.enter Lmx.dll AccessManager.FixUpMxHandle []
|
|
2026-04-25T19:55:07.171Z lmx.fixup-mxhandle.leave Lmx.dll AccessManager.FixUpMxHandle 0xefe954 []
|
|
2026-04-25T19:55:07.171Z lmx.mxhandle.read Lmx.dll IMxReference.GetMxHandle 0xefd550 []
|
|
2026-04-25T19:55:07.172Z lmx.mxhandle.read Lmx.dll IMxReference.GetMxHandle 0xefd550 []
|
|
2026-04-25T19:55:07.172Z lmx.mxhandle.read Lmx.dll IMxReference.GetMxHandle 0xefd550 []
|
|
2026-04-25T19:55:07.173Z lmx.mxhandle.read Lmx.dll IMxReference.GetMxHandle 0xefe968 []
|
|
2026-04-25T19:55:07.173Z lmx.mxhandle.read Lmx.dll IMxReference.GetMxHandle 0xefe968 []
|
|
2026-04-25T19:55:07.173Z lmx.mxhandle.read Lmx.dll IMxReference.GetMxHandle 0xefd51c []
|
|
2026-04-25T19:55:07.175Z lmx.mxhandle.read Lmx.dll IMxReference.GetMxHandle 0xefd51c []
|
|
2026-04-25T19:55:07.175Z lmx.prebound-resolve.leave Lmx.dll PreboundReference.Resolve 0x70fe1e01 []
|
|
2026-04-25T19:55:07.175Z lmx.prebind.leave Lmx.dll MxConnection.PrebindReference []
|
|
2026-04-25T19:55:07.177Z call.enter LmxProxy.dll CLMXProxyServer.AdviseSupervisory 0xefeb2c "[""0x5fd8ff0"",""0x1"",""0x1"",""0xbd9ce1cd"",""0x74794704""]"
|
|
2026-04-25T19:55:07.177Z lmx.fixup-mxhandle.enter Lmx.dll AccessManager.FixUpMxHandle []
|
|
2026-04-25T19:55:07.179Z lmx.fixup-mxhandle.leave Lmx.dll AccessManager.FixUpMxHandle 0xefe9ac []
|
|
2026-04-25T19:55:07.179Z call.leave LmxProxy.dll CLMXProxyServer.AdviseSupervisory 0x0 []
|
|
2026-04-25T19:55:07.304Z nmx.enter NmxAdptr.dll CNmxAdapter.PutRequest 0x1 "[""0x950c738"",""0x1"",""0x1"",""0x1"",""0x2"",""0x0"",""0x1ca"",""0x9510648"",""0xefe7f0"",""0x9cf61b62""]" 0 1 0x2
|
|
2026-04-25T19:55:07.304Z nmx.enter NmxAdptr.dll CNmxAdapter.PutRequest 0x1 "[""0x950c738"",""0x1"",""0x1"",""0x1"",""0x2"",""0x0"",""0x1ca"",""0x9510648"",""0xefe7f0"",""0x9cf61b62""]" 1 458 0x9510648 17 01 00 01 01 00 01 00 00 00 65 00 71 00 0a 00 00 00 00 00 08 6a 00 00 00 40 00 00 81 44 00 65 00 76 00 50 00 6c 00 61 00 74 00 66 00 6f 00 72 00 6d 00 2e 00 47 00 52 00 2e 00 54 00 69 00 6d 00 65 00 4f 00 66 00 4c 00 61 00 73 00 74 00 44 00 65 00 70 00 6c 00 6f 00 79 00 00 00 02 00 00 00 00 00 02 00 00 00 00 00 02 00 00 00 00 00 01 01 00 01 00 01 00 00 00 00 00 00 00 00 00 00 00 00 00 01 d0 fc 50 09 1f 01 00 52 c7 d7 40 49 87 92 43 8c 42 bc 3a 17 2c 9a 99 00 00 01 00 00 00 17 01 00 01 01 00 01 00 00 00 65 00 71 00 0a 00 00 00 00 00 08 76 00 00 00 4c 00 00 81 44 00 65 00 76 00 50 00 6c 00 61 00 74 00 66 00 6f 00 72 00 6d 00 2e 00 47 00 52 00 2e 00 54 00 69 00 6d 00 65 00 4f 00 66 00 4c 00 61 00 73 00 74 00 43 00 6f 00 6e 00 66 00 69 00 67 00 43 00 68 00 61 00 6e 00 67 00 65 00 00 00 02 00 00 00 00 00 02 00 00 00 00 00 02 00 00 00 00 00 01 01 00 01 00 01 00 00 00 00 00 00 00 00 00 00 00 00 00 01 50 03 51 09 20 01 00 02 00 00 00 01 01 00 01 00 00 00 65 00 71 00 0a 00 00 00 00 00 08 76 00 00 00 3a 00 00 81 44 00 65 00 76 00 50 00 6c 00 61 00 74 00 66 00 6f 00 72 00 6d 00 2e 00 5f 00 45 00 6e 00 67 00 55 00 6e 00 69 00 74 00 73 00 50 00 65 00 72 00 63 00 65 00 6e 00 74 00 00 00 18 00 00 00 44 00 65 00 76 00 50 00 6c 00 61 00 74 00 66 00 6f 00 72 00 6d 00 00 00 00 00 00 00 00 00 00 00 01 01 00 01 00 01 00 53 f2 ff ff 00 00 00 00 00 00 00 00 01 88 05 51 09
|
|
2026-04-25T19:55:07.309Z nmx.enter NmxAdptr.dll CNmxAdapter.TransferData 0x950c738 "[""0x1"",""0x1"",""0x1"",""0x1f8"",""0x9eb7020"",""0x9ba16637"",""0x9510214"",""0x9510204"",""0x641add04"",""0x0""]" 0 504 0x9eb7020 01 00 ca 01 00 00 00 00 00 00 01 00 00 00 01 00 00 00 01 00 00 00 fb 7f 00 00 01 00 00 00 01 00 00 00 01 00 00 00 01 02 00 00 30 75 00 00 17 01 00 01 01 00 01 00 00 00 65 00 71 00 0a 00 00 00 00 00 08 6a 00 00 00 40 00 00 81 44 00 65 00 76 00 50 00 6c 00 61 00 74 00 66 00 6f 00 72 00 6d 00 2e 00 47 00 52 00 2e 00 54 00 69 00 6d 00 65 00 4f 00 66 00 4c 00 61 00 73 00 74 00 44 00 65 00 70 00 6c 00 6f 00 79 00 00 00 02 00 00 00 00 00 02 00 00 00 00 00 02 00 00 00 00 00 01 01 00 01 00 01 00 00 00 00 00 00 00 00 00 00 00 00 00 01 d0 fc 50 09 1f 01 00 52 c7 d7 40 49 87 92 43 8c 42 bc 3a 17 2c 9a 99 00 00 01 00 00 00 17 01 00 01 01 00 01 00 00 00 65 00 71 00 0a 00 00 00 00 00 08 76 00 00 00 4c 00 00 81 44 00 65 00 76 00 50 00 6c 00 61 00 74 00 66 00 6f 00 72 00 6d 00 2e 00 47 00 52 00 2e 00 54 00 69 00 6d 00 65 00 4f 00 66 00 4c 00 61 00 73 00 74 00 43 00 6f 00 6e 00 66 00 69 00 67 00 43 00 68 00 61 00 6e 00 67 00 65 00 00 00 02 00 00 00 00 00 02 00 00 00 00 00 02 00 00 00 00 00 01 01 00 01 00 01 00 00 00 00 00 00 00 00 00 00 00 00 00 01 50 03 51 09 20 01 00 02 00 00 00 01 01 00 01 00 00 00 65 00 71 00 0a 00 00 00 00 00 08 76 00 00 00 3a 00 00 81 44 00 65 00 76 00 50 00 6c 00 61 00 74 00 66 00 6f 00 72 00 6d 00 2e 00 5f 00 45 00 6e 00 67 00 55 00 6e 00 69 00 74 00 73 00 50 00 65 00 72 00 63 00 65 00 6e 00 74 00 00 00 18 00 00 00 44 00 65 00 76 00 50 00 6c 00 61 00 74 00 66 00 6f 00 72 00 6d 00 00 00 00 00 00 00 00 00 00 00 01 01 00 01 00 01 00 53 f2 ff ff 00 00 00 00 00 00 00 00 01 88 05 51 09
|
|
2026-04-25T19:55:07.310Z nmx.leave NmxAdptr.dll CNmxAdapter.TransferData 0x0 []
|
|
2026-04-25T19:55:07.310Z nmx.leave NmxAdptr.dll CNmxAdapter.PutRequest 0x0 []
|
|
2026-04-25T19:55:07.352Z nmx.enter NmxAdptr.dll CNmxAdapter.ProcessDataReceived 0x950c738 "[""0x3d3"",""0x80543ac"",""0x779eae0"",""0x76ffedd8"",""0x950c744"",""0x3d3"",""0x80543ac"",""0x206"",""0x3"",""0x7b0180c""]" 0 979 0x80543ac d3 03 00 00 01 00 a5 03 00 00 00 00 00 00 01 00 00 00 01 00 00 00 01 00 00 00 01 00 00 00 01 00 00 00 01 00 00 00 fb 7f 00 00 02 02 00 00 30 75 00 00 40 1f 50 80 08 a6 00 00 00 40 00 00 91 44 00 65 00 76 00 50 00 6c 00 61 00 74 00 66 00 6f 00 72 00 6d 00 2e 00 47 00 52 00 2e 00 54 00 69 00 6d 00 65 00 4f 00 66 00 4c 00 61 00 73 00 74 00 44 00 65 00 70 00 6c 00 6f 00 79 00 00 00 18 00 00 00 44 00 65 00 76 00 50 00 6c 00 61 00 74 00 66 00 6f 00 72 00 6d 00 00 00 28 00 00 00 47 00 52 00 2e 00 54 00 69 00 6d 00 65 00 4f 00 66 00 4c 00 61 00 73 00 74 00 44 00 65 00 70 00 6c 00 6f 00 79 00 00 00 02 00 00 00 00 00 01 01 00 01 00 01 00 53 f2 9a 00 6a 00 0a 00 5f f1 00 00 01 6c 00 00 00 41 00 6e 00 20 00 69 00 6e 00 74 00 65 00 72 00 6e 00 61 00 6c 00 20 00 65 00 72 00 72 00 6f 00 72 00 20 00 6f 00 63 00 63 00 75 00 72 00 72 00 65 00 64 00 20 00 69 00 6e 00 20 00 74 00 68 00 65 00 20 00 42 00 61 00 73 00 65 00 20 00 52 00 75 00 6e 00 74 00 69 00 6d 00 65 00 20 00 4f 00 62 00 6a 00 65 00 63 00 74 00 00 00 1f 00 00 50 80 01 00 01 00 01 00 30 75 00 00 5e 28 9f 74 28 36 f6 4c be b3 c6 16 bc 76 32 dd 52 c7 d7 40 49 87 92 43 8c 42 bc 3a 17 2c 9a 99 40 1f 50 80 08 be 00 00 00 4c 00 00 91 44 00 65 00 76 00 50 00 6c 00 61 00 74 00 66 00 6f 00 72 00 6d 00 2e 00 47 00 52 00 2e 00 54 00 69 00 6d 00 65 00 4f 00 66 00 4c 00 61 00 73 00 74 00 43 00 6f 00 6e 00 66 00 69 00 67 00 43 00 68 00 61 00 6e 00 67 00 65 00 00 00 18 00 00 00 44 00 65 00 76 00 50 00 6c 00 61 00 74 00 66 00 6f 00 72 00 6d 00 00 00 34 00 00 00 47 00 52 00 2e 00 54 00 69 00 6d 00 65 00 4f 00 66 00 4c 00 61 00 73 00 74 00 43 00 6f 00 6e 00 66 00 69 00 67 00 43 00 68 00 61 00 6e 00 67 00 65 00 00 00 02 00 00 00 00 00 01 01 00 01 00 01 00 53 f2 9a 00 6b 00 0a 00 87 3a 00 00 01 6c 00 00 00 41 00 6e 00 20 00 69 00 6e 00 74 00 65 00 72 00 6e 00 61 00 6c 00 20 00 65 00 72 00 72 00 6f 00 72 00 20 00 6f 00 63 00 63 00 75 00 72 00 72 00 65 00 64 00 20 00 69 00 6e 00 20 00 74 00 68 00 65 00 20 00 42 00 61 00 73 00 65 00 20 00 52 00 75 00 6e 00 74 00 69 00 6d 00 65 00 20 00 4f 00 62 00 6a 00 65 00 63 00 74 00 00 00 20 00 00 50 80 01 00 01 00 01 00 30 75 00 00 40 1f 50 80 08 98 00 00 00 3a 00 00 81 44 00 65 00 76 00 50 00 6c 00 61 00 74 00 66 00 6f 00 72 00 6d 00 2e 00 5f 00 45 00 6e 00 67 00 55 00 6e 00 69 00 74 00 73 00 50 00 65 00 72 00 63 00 65 00 6e 00 74 00 00 00 18 00 00 00 44 00 65 00 76 00 50 00 6c 00 61 00 74 00 66 00 6f 00 72 00 6d 00 00 00 22 00 00 00 5f 00 45 00 6e 00 67 00 55 00 6e 00 69 00 74 00 73 00 50 00 65 00 72 00 63 00 65 00 6e 00 74 00 00 00 00 00 00 00 01 01 00 01 00 01 00 53 f2 64 00 a9 00 0a 00 0d f3 00 00 01 6c 00 00 00 41 00 6e 00 20 00 69 00 6e 00 74 00 65 00 72 00 6e 00 61 00 6c 00 20 00 65 00 72 00 72 00 6f 00 72 00 20 00 6f 00 63 00 63 00 75 00 72 00 72 00 65 00 64 00 20 00 69 00 6e 00 20 00 74 00 68 00 65 00 20 00 42 00 61 00 73 00 65 00 20 00 52 00 75 00 6e 00 74 00 69 00 6d 00 65 00 20 00 4f 00 62 00 6a 00 65 00 63 00
|
|
2026-04-25T19:55:07.352Z nmx.enter NmxAdptr.dll CNmxAdapter.ProcessDataReceived 0x950c738 "[""0x3d3"",""0x80543ac"",""0x779eae0"",""0x76ffedd8"",""0x950c744"",""0x3d3"",""0x80543ac"",""0x206"",""0x3"",""0x7b0180c""]" 1 518 0x3
|
|
2026-04-25T19:55:07.352Z nmx.enter NmxAdptr.dll CNmxAdapter.ProcessDataReceived 0x950c738 "[""0x3d3"",""0x80543ac"",""0x779eae0"",""0x76ffedd8"",""0x950c744"",""0x3d3"",""0x80543ac"",""0x206"",""0x3"",""0x7b0180c""]" 2 3 0x7b0180c d0 46 a3
|
|
2026-04-25T19:55:07.355Z nmx.leave NmxAdptr.dll CNmxAdapter.ProcessDataReceived 0x0 []
|
|
2026-04-25T19:55:07.359Z nmx.enter NmxAdptr.dll CNmxAdapter.ProcessDataReceived 0x950c738 "[""0x97"",""0x805ff04"",""0x779eae0"",""0x76ffedd8"",""0x950c744"",""0x97"",""0x805ff04"",""0x206"",""0x3"",""0x7b0180c""]" 0 151 0x805ff04 97 00 00 00 01 00 69 00 00 00 00 00 00 00 62 e2 0b 00 01 00 00 00 01 00 00 00 01 00 00 00 01 00 00 00 01 00 00 00 fb 7f 00 00 01 02 00 00 30 75 00 00 32 01 00 02 00 00 00 5e 28 9f 74 28 36 f6 4c be b3 c6 16 bc 76 32 dd 52 c7 d7 40 49 87 92 43 8c 42 bc 3a 17 2c 9a 99 01 00 00 00 03 00 00 00 c0 00 20 2e 5a 46 28 d3 dc 01 06 0a 00 00 00 00 a0 41 c3 55 bd dc 01 00 00 02 00 00 00 03 00 00 00 c0 00 80 18 5b 46 28 d3 dc 01 06 0a 00 00 00 80 c1 75 25 a5 bd
|
|
2026-04-25T19:55:07.359Z nmx.enter NmxAdptr.dll CNmxAdapter.ProcessDataReceived 0x950c738 "[""0x97"",""0x805ff04"",""0x779eae0"",""0x76ffedd8"",""0x950c744"",""0x97"",""0x805ff04"",""0x206"",""0x3"",""0x7b0180c""]" 1 518 0x3
|
|
2026-04-25T19:55:07.359Z nmx.enter NmxAdptr.dll CNmxAdapter.ProcessDataReceived 0x950c738 "[""0x97"",""0x805ff04"",""0x779eae0"",""0x76ffedd8"",""0x950c744"",""0x97"",""0x805ff04"",""0x206"",""0x3"",""0x7b0180c""]" 2 3 0x7b0180c d0 46 a3
|
|
2026-04-25T19:55:07.361Z nmx.leave NmxAdptr.dll CNmxAdapter.ProcessDataReceived 0x0 []
|