KDRPC protocol version A

Each KDRPC request is executed via GuestRPC mechanism. A handler is invoked inside KDCLIENT.DLL running in VMWARE-VMX.EXE address space.
Request format: [header][command][body]
Reply format: [signature][specific info]

Commands

The following commands are supported by KDRPC:

Connection test

Body: char array of KDRPC_TEST_BUFFER_SIZE, arr[i] = i & 0xFF;
Reply: exact array filled by rule arr[i] = (i ^ 0x55) & 0xFF;

Receive Packet

Body: [packet type:ULONG][globals:4][1st data:SendableKdBuffer][2nd data:SendableKdBuffer][context:KD_CONTEXT]
Reply: ['r'][1st data:SendableKdBuffer][2nd data:SendableKdBuffer][context:KD_CONTEXT][code:4][PayloadBytes:4][size1:4][size2:4][globals:4][data]

Send Packet

Body: [1st data:SendableKdBuffer][2nd data:SendableKdBuffer][context:KD_CONTEXT][packet type:4][size1:4][size2:4][globals:4][data]
Reply: ['s'][context:KD_CONTEXT]

Report version

Body: [KDVM.DLL protocol version:4]
Reply: [KDCLIENT.DLL protocol version:4]