
			 ProcDump32 Bhrama Services
			    Protocol version 0.3


1) Communication Structure :


DataServices:
 Service 	dd	? ; 0 || 1 || 2
 DataLenght	dd	Sizeof (BhramaComStruc)
 DataPointer	dd	Offset BhramaComStruc

* Service 0 (query PID infos):

 BhramaComStruc	Struc
  version        dd        ?  ; Internal Check (03h)
  PID 		 dd        ?  ; Target PID
  HandleComm	 dd	   ?  ; Communication Handle (dunno how yet).
		 dd 5 dup (?) ; Garbage or whatever.
 BhramaComStruc	Ends

* Service 1 (dump this PID):

 BhramaComStruc	Struc
  version        dd        ?  ; Internal Check (03h)
  PID 		 dd        ?  ; Target PID
  EIP		 dd	   ?  ; EntryPoint to Set after DUMP
  OptL1		 dd	   ?  ; Internal ProcDump Options Dword1
  OptL2		 dd	   ?  ; Internal ProcDump Options Dword2
  OptL3		 dd        ?  ; Internal ProcDump Options Dword3
  OptL4		 dd        ?  ; Internal ProcDump Options Dword4
  OptL5		 dd        ?  ; Internal ProcDump Options Dword5
 BhramaComStruc	Ends

* Service 2 (Dump part of this PID):

 BhramaComStruc	Struc
  version        dd        ?  ; Internal Check (03h)
  PID 		 dd        ?  ; Target PID
  DumpStart	 dd	   ?  ; Start of Memory to dump
  DumpLength     dd	   ?  ; Length to Dump
		 dd 4 dup (?) ; Garbage or whatever.
 BhramaComStruc	Ends

* Addendum for OPTLx descriptions :

Option Struct
 DelayToWait	DD ?    ; Predump : Delay to wait.                 ] Dword1

 AutoDump       DB ?    ; Predump : External Predump               
 FastMode       DB ?    ; Predump : Manual/Delayed predump         
 RangeCheck     DB ?    ; Trace   : Range Checking                  Dword2
 AutoEip        DB ?    ; Trace   : Eip confirmation               

 AutoLayer      DB ?    ; Trace   : MultiLayer confirmation        
 TraceAPI       DB ?    ; Trace   : Trace API                      
 AutoObj        DB ?    ; Restore : Recompute Object Size           Dword3
 ShrinkPE       DB ?    ; Restore : Reorganize PE Structure        

 RestoreReloc   DB ?    ; Restore : Restore Relocations            
 RestoreHeader  DB ?    ; Restore : Restore Header                 
 ImportInfo     DB ?    ; Restore : 0:skip, 1:use, 2:Rebuild, 3:new Dword4
 RawMode        DB ?    ; Loader  : Force RawMode                  

 MergeCode      DB ?    ; Loader  : Objects Merge to one.          
 CheckHeader    DB ?    ; Loader  : Check header sections.         
 ShowDisasm     DB ?    ;                                           Dword5
 Reserved       DB ?    ;                                          
Option EndS

2) Communications mechanisms :


 a) Query service (Not fully done).

 Target window : ProcDump32 - Dumper Server
 Service       : 0
 PID	       : PID of ur target
 HandleComm    : Handle for communication purpose.

 SendMessage HandletoTargetWindow, WM_COPYDATA, 0, Offset DataServices

 b) Dump Service.

 Target window : ProcDump32 - Dumper Server
 Service       : 1
 PID	       : PID of ur target
 EIP	       : EIP of real entrypoint OR 0 if untouched.
 OptL1         
 ...            Dump options.
 OptL5         

 SendMessage HandletoTargetWindow, WM_COPYDATA, 0, Offset DataServices

 b) Partial Dump service.

 Target window : ProcDump32 - Dumper Server
 Service       : 2
 PID	       : PID of ur target
 DumpStart     : From where to dump (Virtual Address).
 DumpLength    : How much to dump.

 SendMessage HandletoTargetWindow, WM_COPYDATA, 0, Offset DataServices
