Skip to content
/ RpcView Public

RpcView is a free tool to explore and decompile Microsoft RPC interfaces

License

GPL-3.0 license
967 stars 255 forks Branches Tags Activity
Star
Notifications You must be signed in to change notification settings

silverf0x/RpcView

1 Branch3 Tags

Folders and files

NameName
Last commit message
Last commit date

Latest commit

silverf0xsilverf0x
add runtime support by OS version
May 31, 2023
14d5e1a · May 31, 2023

History

156 Commits
.github/workflows
.github/workflows
Jan 2, 2023
Qt
Qt
Nov 7, 2017
RpcCommon
RpcCommon
Jan 20, 2019
RpcCore
RpcCore
Oct 26, 2021
RpcDecompiler
RpcDecompiler
Mar 6, 2021
RpcView
RpcView
May 31, 2023
.gitignore
.gitignore
Mar 14, 2017
CMakeLists.txt
CMakeLists.txt
Dec 11, 2017
LICENSE
LICENSE
Mar 14, 2017
README.md
README.md
Mar 6, 2021
appveyor.yml
appveyor.yml
Oct 24, 2022

Repository files navigation

RpcView

RpcView is an open-source tool to explore and decompile all RPC functionalities present on a Microsoft system.

You can download the last automatically built release

Build status

Warning: you have to install "Microsoft Visual C++ 2019 Redistributable" to use RpcView.

How to add a new RPC runtime

Basically you have two possibilities to support a new RPC runtime (rpcrt4.dll) version:

  • The easy way: just edit the RpcInternals.h file in the corresponding RpcCore directories (32 and 64-bit versions) to add your runtime version in the RPC_CORE_RUNTIME_VERSION table.
  • The best way: reverse the rpcrt4.dll to define the required structures used by RpcView, e.g. RPC_SERVER, RPC_INTERFACE and RPC_ADDRESS.

Currently, the supported versions are organized as follows:

  • RpcCore1 for Windows XP
  • RpcCore2 for Windows 7
  • RpcCore3 for Windows 8
  • RpcCore4 for Windows 8.1 and 10

Compilation

Required elements to compiled the project:

  • Visual Studio (currently Visual Studio 2019 Community)
  • CMake (currently 3.13.2)
  • Qt5 (currently 5.15.2)

Before running CMake you have to set the CMAKE_PREFIX_PATH environment variable with the Qt full path, for instance (x64):

set CMAKE_PREFIX_PATH=C:\Qt\5.15.2\msvc2019_64\

Before running CMake to produce the project solution you have to create the build directories:

  • RpcView/Build/x64 for 64-bit targets
  • RpcView/Build/x86 for 32-bit targets.

Here is an example to generate the x64 solution with Visual Studio 2019 from the RpcView/Build/x64 directory:

cmake ../../ -A x64
-- Building for: Visual Studio 16 2019
-- Selecting Windows SDK version 10.0.17763.0 to target Windows 10.0.19041.
-- The C compiler identification is MSVC 19.28.29334.0
-- The CXX compiler identification is MSVC 19.28.29334.0
-- Check for working C compiler: C:/Program Files (x86)/Microsoft Visual Studio/2019/Community/VC/Tools/MSVC/14.28.29333/bin/Hostx64/x64/cl.exe
-- Check for working C compiler: C:/Program Files (x86)/Microsoft Visual Studio/2019/Community/VC/Tools/MSVC/14.28.29333/bin/Hostx64/x64/cl.exe -- works
-- Detecting C compiler ABI info
-- Detecting C compiler ABI info - done
-- Detecting C compile features
-- Detecting C compile features - done
-- Check for working CXX compiler: C:/Program Files (x86)/Microsoft Visual Studio/2019/Community/VC/Tools/MSVC/14.28.29333/bin/Hostx64/x64/cl.exe
-- Check for working CXX compiler: C:/Program Files (x86)/Microsoft Visual Studio/2019/Community/VC/Tools/MSVC/14.28.29333/bin/Hostx64/x64/cl.exe -- works
-- Detecting CXX compiler ABI info
-- Detecting CXX compiler ABI info - done
-- Detecting CXX compile features
-- Detecting CXX compile features - done
[RpcView]
[RpcDecompiler]
[RpcCore1_32bits]
[RpcCore2_32bits]
[RpcCore2_64bits]
[RpcCore3_32bits]
[RpcCore3_64bits]
[RpcCore4_32bits]
[RpcCore4_64bits]
-- Configuring done
-- Generating done
-- Build files have been written to: C:/Dev/RpcView/Build/x64

To produce the Win32 solution:

set CMAKE_PREFIX_PATH=C:\Qt\5.15.2\msvc2019

Then from the RpcView/Build/x86 directory:

cmake ../../ -A win32
-- Building for: Visual Studio 16 2019
-- Selecting Windows SDK version 10.0.17763.0 to target Windows 10.0.19041.
-- The C compiler identification is MSVC 19.28.29334.0
-- The CXX compiler identification is MSVC 19.28.29334.0
-- Check for working C compiler: C:/Program Files (x86)/Microsoft Visual Studio/2019/Community/VC/Tools/MSVC/14.28.29333/bin/Hostx64/x86/cl.exe
-- Check for working C compiler: C:/Program Files (x86)/Microsoft Visual Studio/2019/Community/VC/Tools/MSVC/14.28.29333/bin/Hostx64/x86/cl.exe -- works
-- Detecting C compiler ABI info
-- Detecting C compiler ABI info - done
-- Detecting C compile features
-- Detecting C compile features - done
-- Check for working CXX compiler: C:/Program Files (x86)/Microsoft Visual Studio/2019/Community/VC/Tools/MSVC/14.28.29333/bin/Hostx64/x86/cl.exe
-- Check for working CXX compiler: C:/Program Files (x86)/Microsoft Visual Studio/2019/Community/VC/Tools/MSVC/14.28.29333/bin/Hostx64/x86/cl.exe -- works
-- Detecting CXX compiler ABI info
-- Detecting CXX compiler ABI info - done
-- Detecting CXX compile features
-- Detecting CXX compile features - done
[RpcView]
[RpcDecompiler]
[RpcCore1_32bits]
[RpcCore2_32bits]
[RpcCore3_32bits]
[RpcCore4_32bits]
-- Configuring done
-- Generating done
-- Build files have been written to: C:/Dev/RpcView/Build/x86

Now you can compile the solution with Visual Studio or CMAKE:

cmake --build . --config Release

RpcView32 binaries are produced in the RpcView/Build/bin/x86 directory and RpcView64 ones in the RpcView/Build/bin/x64

Acknowledgements

  • Jeremy
  • Julien
  • Yoanne
  • Bruno

About

RpcView is a free tool to explore and decompile Microsoft RPC interfaces

Resources

Readme

License

GPL-3.0 license
Activity

Stars

967 stars

Watchers

51 watching

Forks

255 forks
Report repository

Releases 2

v0.3.1.90 Latest
May 31, 2023
+ 1 release

Packages

No packages published

Contributors 17

+ 3 contributors

Languages