From 1a15ff13eab53b017f4317815e2243217cbe85a4 Mon Sep 17 00:00:00 2001
From: mrexodia
Date: Tue, 29 Dec 2015 04:28:19 +0100
Subject: [PATCH] finished TitanEngineEmulator.cpp layer, implemented software + hardware breakpoints + register setting + full context getting/setting (so you can now use this with x64dbg without missing many features)
---
 TitanEngineEmulator/Emulator.h | 404 +++++++++++++++++++-
 TitanEngineEmulator/TitanEngineEmulator.cpp | 107 ++----
 2 files changed, 422 insertions(+), 89 deletions(-)
diff --git a/TitanEngineEmulator/Emulator.h b/TitanEngineEmulator/Emulator.h
index 56282da..8ad448b 100644
--- a/TitanEngineEmulator/Emulator.h
+++ b/TitanEngineEmulator/Emulator.h
@@ -14,24 +14,55 @@ public: return &_mainProcess; } + PROCESS_INFORMATION* InitDLLDebugW(const wchar_t* szFileName, bool ReserveModuleBase, const wchar_t* szCommandLine, const wchar_t* szCurrentFolder, LPVOID EntryCallBack) + { + //TODO + return nullptr; + } + + bool StopDebug() + { + return Stop(); + } + + bool AttachDebugger(DWORD ProcessId, bool KillOnExit, LPVOID DebugInfo, LPVOID CallBack) + { + //TODO + return false; + } + + bool DetachDebuggerEx(DWORD ProcessId) + { + //TODO + return Detach(); + } + + void DebugLoop() + { + Start(); + } + void SetNextDbgContinueStatus(DWORD SetDbgCode) { this->_continueStatus = SetDbgCode; } //Memory - bool MemoryReadSafe(HANDLE hProcess, LPVOID lpBaseAddress, LPVOID lpBuffer, SIZE_T nSize, SIZE_T* lpNumberOfBytesRead) + bool MemoryReadSafe(HANDLE hProcess, LPVOID lpBaseAddress, LPVOID lpBuffer, SIZE_T nSize, SIZE_T* lpNumberOfBytesRead) const { - if (!_process) + auto process = processFromHandle(hProcess); + if (!process) return false; - return _process->MemReadSafe(ptr(lpBaseAddress), lpBuffer, nSize, (ptr*)lpNumberOfBytesRead); + return process->MemReadSafe(ptr(lpBaseAddress), lpBuffer, nSize, (ptr*)lpNumberOfBytesRead); } bool MemoryWriteSafe(HANDLE hProcess, LPVOID lpBaseAddress, LPCVOID lpBuffer, SIZE_T nSize, SIZE_T* lpNumberOfBytesWritten) { - if (!_process) + auto process = processFromHandle(hProcess); + if (!process) return false; - return _process->MemWriteSafe(ptr(lpBaseAddress), lpBuffer, nSize, (ptr*)lpNumberOfBytesWritten); + //TODO process->MemWriteSafe + return process->MemWrite(ptr(lpBaseAddress), lpBuffer, nSize, (ptr*)lpNumberOfBytesWritten); } bool Fill(LPVOID MemoryStart, DWORD MemorySize, PBYTE FillByte) 
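Review bot: MemoryWriteSafe now forwards to `process->MemWrite` while MemoryReadSafe still goes through `MemReadSafe`, so the read and write halves of the same exported pair no longer use matching helpers. What MemWriteSafe adds is not visible in this hunk, but if it is the variant that accounts for patched breakpoint bytes or page protection, writes made through this export could skip that handling. The bare `//TODO process->MemWriteSafe` should say so, for example `//TODO: restore MemWriteSafe; MemWrite is a plain write without the Safe variant's handling`. DetachDebuggerEx also ignores its `ProcessId` argument and detaches whatever is current, which is worth a comment next to its `//TODO`.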
@@ -47,6 +78,13 @@ public: } //Engine + bool EngineCheckStructAlignment(DWORD StructureType, ULONG_PTR StructureSize) const + { + if (StructureType == UE_STRUCT_TITAN_ENGINE_CONTEXT) + return StructureSize == sizeof(TITAN_ENGINE_CONTEXT_t); + return false; + } + bool IsFileBeingDebugged() const { return _isDebugging; @@ -62,34 +100,34 @@ public: switch (ExceptionId) { case UE_CH_CREATEPROCESS: - _cbCREATEPROCESS = (CUSTOMHANDLER)CallBack; + _cbCREATEPROCESS = CUSTOMHANDLER(CallBack); break; case UE_CH_EXITPROCESS: - _cbEXITPROCESS = (CUSTOMHANDLER)CallBack; + _cbEXITPROCESS = CUSTOMHANDLER(CallBack); break; case UE_CH_CREATETHREAD: - _cbCREATETHREAD = (CUSTOMHANDLER)CallBack; + _cbCREATETHREAD = CUSTOMHANDLER(CallBack); break; case UE_CH_EXITTHREAD: - _cbEXITTHREAD = (CUSTOMHANDLER)CallBack; + _cbEXITTHREAD = CUSTOMHANDLER(CallBack); break; case UE_CH_SYSTEMBREAKPOINT: - _cbSYSTEMBREAKPOINT = (CUSTOMHANDLER)CallBack; + _cbSYSTEMBREAKPOINT = CUSTOMHANDLER(CallBack); break; case UE_CH_LOADDLL: - _cbLOADDLL = (CUSTOMHANDLER)CallBack; + _cbLOADDLL = CUSTOMHANDLER(CallBack); break; case UE_CH_UNLOADDLL: - _cbUNLOADDLL = (CUSTOMHANDLER)CallBack; + _cbUNLOADDLL = CUSTOMHANDLER(CallBack); break; case UE_CH_OUTPUTDEBUGSTRING: - _cbOUTPUTDEBUGSTRING = (CUSTOMHANDLER)CallBack; + _cbOUTPUTDEBUGSTRING = CUSTOMHANDLER(CallBack); break; case UE_CH_UNHANDLEDEXCEPTION: - _cbUNHANDLEDEXCEPTION = (CUSTOMHANDLER)CallBack; + _cbUNHANDLEDEXCEPTION = CUSTOMHANDLER(CallBack); break; case UE_CH_DEBUGEVENT: - _cbDEBUGEVENT = (CUSTOMHANDLER)CallBack; + _cbDEBUGEVENT = CUSTOMHANDLER(CallBack); break; default: break; 
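Review bot: EngineCheckStructAlignment reports a mismatch for every `StructureType` other than `UE_STRUCT_TITAN_ENGINE_CONTEXT`, whereas the export it replaces returned true unconditionally (see the TitanEngineEmulator.cpp hunk). A caller that verifies any other structure will now be told its layout is wrong, so the fallthrough deserves a comment such as `// only TITAN_ENGINE_CONTEXT_t is checked by the emulator; every other StructureType is reported as mismatching`. Separately, the `CUSTOMHANDLER(CallBack)` rewrites are function-style casts, which are still C-style casts from `LPVOID` to a function pointer. Writing `reinterpret_cast<CUSTOMHANDLER>(CallBack)` would make the conversion explicit and greppable.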
@@ -103,13 +141,38 @@ public: } //Misc + bool IsJumpGoingToExecuteEx(HANDLE hProcess, HANDLE hThread, ULONG_PTR InstructionAddress, ULONG_PTR RegFlags) + { + //TODO + return false; + } + + void* GetPEBLocation(HANDLE hProcess) + { + //TODO + return nullptr; + } + + bool HideDebugger(HANDLE hProcess, DWORD PatchAPILevel) + { + //TODO + return false; + } + HANDLE TitanOpenProces(DWORD dwDesiredAccess, bool bInheritHandle, DWORD dwProcessId) { + //TODO return OpenProcess(dwDesiredAccess, bInheritHandle, dwProcessId); } + ULONG_PTR ImporterGetRemoteAPIAddress(HANDLE hProcess, ULONG_PTR APIAddress) + { + //TODO + return 0; + } + //Stepping - void StepOver(LPVOID CallBack) const + void StepOver(LPVOID CallBack) { //TODO StepInto(CallBack); @@ -124,14 +187,14 @@ public: if (!StepCount) { if (CallBack) - ((STEPCALLBACK)CallBack)(); + (STEPCALLBACK(CallBack))(); } else SingleStep(StepCount - 1, CallBack); }); } - void StepInto(LPVOID CallBack) const + void StepInto(LPVOID CallBack) { if (!_thread || !CallBack) return; 
@@ -141,9 +204,262 @@ public: //Registers ULONG_PTR GetContextDataEx(HANDLE hActiveThread, DWORD IndexOfRegister) const { - if (!_thread) + auto thread = threadFromHandle(hActiveThread); + if (!thread) return 0; - return _thread->registers.Get(registerFromDword(IndexOfRegister)); + return thread->registers.Get(registerFromDword(IndexOfRegister)); + } + + bool SetContextDataEx(HANDLE hActiveThread, DWORD IndexOfRegister, ULONG_PTR NewRegisterValue) + { + auto thread = threadFromHandle(hActiveThread); + if (!thread) + return false; + thread->registers.Set(registerFromDword(IndexOfRegister), NewRegisterValue); + return true; + } + + bool GetFullContextDataEx(HANDLE hActiveThread, TITAN_ENGINE_CONTEXT_t* titcontext) const + { + auto thread = threadFromHandle(hActiveThread); + if (!thread || !titcontext) + return false; + memset(titcontext, 0, sizeof(TITAN_ENGINE_CONTEXT_t)); + auto context = thread->registers.GetContext(); + titcontext->cax = thread->registers.Gax(); + titcontext->ccx = thread->registers.Gcx(); + titcontext->cdx = thread->registers.Gdx(); + titcontext->cbx = thread->registers.Gbx(); + titcontext->csp = thread->registers.Gsp(); + titcontext->cbp = thread->registers.Gbp(); + titcontext->csi = thread->registers.Gsi(); + titcontext->cdi = thread->registers.Gdi(); +#ifdef _WIN64 + titcontext->r8 = thread->registers.R8(); + titcontext->r9 = thread->registers.R9(); + titcontext->r10 = thread->registers.R10(); + titcontext->r11 = thread->registers.R11(); + titcontext->r12 = thread->registers.R12(); + titcontext->r13 = thread->registers.R13(); + titcontext->r14 = thread->registers.R14(); + titcontext->r15 = thread->registers.R15(); +#endif //_WIN64 + titcontext->cip = thread->registers.Gip(); + titcontext->eflags = thread->registers.Eflags(); + titcontext->gs = (unsigned short)context->SegGs; + titcontext->fs = (unsigned short)context->SegFs; + titcontext->es = (unsigned short)context->SegEs; + titcontext->ds = (unsigned short)context->SegDs; + titcontext->cs = 
(unsigned short)context->SegCs; + titcontext->ss = (unsigned short)context->SegSs; + titcontext->dr0 = thread->registers.Dr0(); + titcontext->dr1 = thread->registers.Dr1(); + titcontext->dr2 = thread->registers.Dr2(); + titcontext->dr3 = thread->registers.Dr3(); + titcontext->dr6 = thread->registers.Dr6(); + titcontext->dr7 = thread->registers.Dr7(); + return true; + } + + bool SetFullContextDataEx(HANDLE hActiveThread, TITAN_ENGINE_CONTEXT_t* titcontext) + { + auto thread = threadFromHandle(hActiveThread); + if (!thread || !titcontext) + return false; + thread->registers.Gax = titcontext->cax; + thread->registers.Gcx = titcontext->ccx; + thread->registers.Gdx = titcontext->cdx; + thread->registers.Gbx = titcontext->cbx; + thread->registers.Gsp = titcontext->csp; + thread->registers.Gbp = titcontext->cbp; + thread->registers.Gsi = titcontext->csi; + thread->registers.Gdi = titcontext->cdi; +#ifdef _WIN64 + thread->registers.R8 = titcontext->r8; + thread->registers.R9 = titcontext->r9; + thread->registers.R10 = titcontext->r10; + thread->registers.R11 = titcontext->r11; + thread->registers.R12 = titcontext->r12; + thread->registers.R13 = titcontext->r13; + thread->registers.R14 = titcontext->r14; + thread->registers.R15 = titcontext->r15; +#endif //_WIN64 + thread->registers.Gip = titcontext->cip; + thread->registers.Eflags = titcontext->eflags; + thread->registers.Dr0 = titcontext->dr0; + thread->registers.Dr1 = titcontext->dr1; + thread->registers.Dr2 = titcontext->dr2; + thread->registers.Dr3 = titcontext->dr3; + thread->registers.Dr6 = titcontext->dr6; + thread->registers.Dr7 = titcontext->dr7; + auto context = *(thread->registers.GetContext()); + context.SegGs = titcontext->gs; + context.SegFs = titcontext->fs; + context.SegEs = titcontext->es; + context.SegDs = titcontext->ds; + context.SegCs = titcontext->cs; + context.SegSs = titcontext->ss; + thread->registers.SetContext(context); + return true; + } + + void GetMMXRegisters(uint64_t mmx[8], 
TITAN_ENGINE_CONTEXT_t* titcontext) + { + //TODO + memset(mmx, 0, sizeof(uint64_t) * 8); + } + + void Getx87FPURegisters(x87FPURegister_t x87FPURegisters[8], TITAN_ENGINE_CONTEXT_t* titcontext) + { + //TODO + memset(x87FPURegisters, 0, sizeof(x87FPURegister_t) * 8); + } + + //PE + bool StaticFileLoadW(const wchar_t* szFileName, DWORD DesiredAccess, bool SimulateLoad, LPHANDLE FileHandle, LPDWORD LoadedSize, LPHANDLE FileMap, PULONG_PTR FileMapVA) + { + //TODO + return false; + } + + bool StaticFileUnloadW(const wchar_t* szFileName, bool CommitChanges, HANDLE FileHandle, DWORD LoadedSize, HANDLE FileMap, ULONG_PTR FileMapVA) + { + //TODO + return false; + } + + ULONG_PTR ConvertFileOffsetToVA(ULONG_PTR FileMapVA, ULONG_PTR AddressToConvert, bool ReturnType) + { + //TODO + return 0; + } + + ULONG_PTR ConvertVAtoFileOffsetEx(ULONG_PTR FileMapVA, DWORD FileSize, ULONG_PTR ImageBase, ULONG_PTR AddressToConvert, bool AddressIsRVA, bool ReturnType) + { + //TODO + return 0; + } + + ULONG_PTR GetPE32DataFromMappedFile(ULONG_PTR FileMapVA, DWORD WhichSection, DWORD WhichData) + { + //TODO + return 0; + } + + ULONG_PTR GetPE32DataW(const wchar_t* szFileName, DWORD WhichSection, DWORD WhichData) + { + //TODO + return 0; + } + + bool IsFileDLLW(const wchar_t* szFileName, ULONG_PTR FileMapVA) + { + //TODO + return false; + } + + long GetPE32SectionNumberFromVA(ULONG_PTR FileMapVA, ULONG_PTR AddressToConvert) + { + //TODO + return 0; + } + + bool TLSGrabCallBackDataW(const wchar_t* szFileName, LPVOID ArrayOfCallBacks, LPDWORD NumberOfCallBacks) + { + //TODO + return false; + } + + //Software Breakpoints + bool SetBPX(ULONG_PTR bpxAddress, DWORD bpxType, LPVOID bpxCallBack) + { + if (!_process) + return false; + return _process->SetBreakpoint(bpxAddress, [bpxCallBack](const BreakpointInfo &) + { + (BPCALLBACK(bpxCallBack))(); + }, (bpxType & UE_SINGLESHOOT) == UE_SINGLESHOOT); + } + + bool DeleteBPX(ULONG_PTR bpxAddress) + { + if (!_process) + return false; + return 
_process->DeleteBreakpoint(bpxAddress); + } + + bool IsBPXEnabled(ULONG_PTR bpxAddress) + { + return (_process->MemIsValidPtr(bpxAddress) && + _process->breakpoints.find({ BreakpointType::Software, bpxAddress }) != _process->breakpoints.end()); + } + + void SetBPXOptions(long DefaultBreakPointType) + { + } + + //Memory Breakpoints + bool SetMemoryBPXEx(ULONG_PTR MemoryStart, SIZE_T SizeOfMemory, DWORD BreakPointType, bool RestoreOnHit, LPVOID bpxCallBack) + { + //TODO + return false; + } + + bool RemoveMemoryBPX(ULONG_PTR MemoryStart, SIZE_T SizeOfMemory) + { + //TODO + return false; + } + + //Hardware Breakpoints + bool SetHardwareBreakPoint(ULONG_PTR bpxAddress, DWORD IndexOfRegister, DWORD bpxType, DWORD bpxSize, LPVOID bpxCallBack) + { + if (!_process) + return false; + return _process->SetHardwareBreakpoint(bpxAddress, + (HardwareBreakpointSlot)IndexOfRegister, [bpxCallBack](const BreakpointInfo & info) + { + (HWBPCALLBACK(bpxCallBack))((const void*)info.address); + }, hwtypeFromTitan(bpxType), hwsizeFromTitan(bpxSize)); + } + + bool DeleteHardwareBreakPoint(DWORD IndexOfRegister) + { + if (!_process || IndexOfRegister < 0 || IndexOfRegister > 3) + return false; + auto address = _process->hardwareBreakpoints[IndexOfRegister].address; + return _process->DeleteHardwareBreakpoint(address); + } + + bool GetUnusedHardwareBreakPointRegister(LPDWORD RegisterIndex) + { + if (!_process || !RegisterIndex) + return false; + HardwareBreakpointSlot slot; + bool result = _process->GetFreeHardwareBreakpointSlot(slot); + if (result) + *RegisterIndex = (DWORD)slot; + return result; + } + + //Librarian Breakpoints + bool LibrarianSetBreakPoint(const char* szLibraryName, DWORD bpxType, bool SingleShoot, LPVOID bpxCallBack) + { + //TODO + return false; + } + + bool LibrarianRemoveBreakPoint(const char* szLibraryName, DWORD bpxType) + { + //TODO + return false; + } + + //Generic Breakpoints + bool RemoveAllBreakPoints(DWORD RemoveOption) + { + //TODO + return false; } protected: 
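Review bot: IsBPXEnabled dereferences `_process` without the `if (!_process) return false;` guard that SetBPX and DeleteBPX in this same hunk have, so calling the export with no debuggee is a null dereference. The lambdas in SetBPX and SetHardwareBreakPoint invoke `bpxCallBack` unconditionally. A null callback should be rejected before the breakpoint is registered, or skipped with `if (bpxCallBack)`, as SingleStep already does for its callback. SetHardwareBreakPoint also casts `IndexOfRegister` to `HardwareBreakpointSlot` without the range check that DeleteHardwareBreakPoint applies, and in that check `IndexOfRegister < 0` is always false for a `DWORD` and can be dropped. GetFullContextDataEx reads `context->SegGs` and the other segment fields without checking the pointer returned by `GetContext()`; whether that can be null is not visible here.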
@@ -255,10 +571,58 @@ private: //functions } } + inline ThreadInfo* threadFromHandle(HANDLE hThread) const + { + //TODO: properly implement this + return _thread; + } + + inline ProcessInfo* processFromHandle(HANDLE hProcess) const + { + //TODO: properly implement this + return _process; + } + + static inline HardwareBreakpointType hwtypeFromTitan(DWORD type) + { + switch (type) + { + case UE_HARDWARE_EXECUTE: + return HardwareBreakpointType::Execute; + case UE_HARDWARE_WRITE: + return HardwareBreakpointType::Write; + case UE_HARDWARE_READWRITE: + return HardwareBreakpointType::Access; + default: + return HardwareBreakpointType::Access; + } + } + + static inline HardwareBreakpointSize hwsizeFromTitan(DWORD size) + { + switch (size) + { + case UE_HARDWARE_SIZE_1: + return HardwareBreakpointSize::SizeByte; + case UE_HARDWARE_SIZE_2: + return HardwareBreakpointSize::SizeWord; + case UE_HARDWARE_SIZE_4: + return HardwareBreakpointSize::SizeDword; +#ifdef _WIN64 + case UE_HARDWARE_SIZE_8: + return HardwareBreakpointSize::SizeQword; +#endif //_WIN64 + default: + return HardwareBreakpointSize::SizeByte; + } + } + private: //variables bool _setDebugPrivilege = false; typedef void(*CUSTOMHANDLER)(const void*); typedef void(*STEPCALLBACK)(); + typedef STEPCALLBACK BPCALLBACK; + typedef CUSTOMHANDLER HWBPCALLBACK; CUSTOMHANDLER _cbCREATEPROCESS = nullptr; CUSTOMHANDLER _cbEXITPROCESS = nullptr; CUSTOMHANDLER _cbCREATETHREAD = nullptr; diff --git a/TitanEngineEmulator/TitanEngineEmulator.cpp b/TitanEngineEmulator/TitanEngineEmulator.cpp index e95917b..80033e8 100644 --- a/TitanEngineEmulator/TitanEngineEmulator.cpp +++ b/TitanEngineEmulator/TitanEngineEmulator.cpp 
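Review bot: threadFromHandle and processFromHandle discard their handle argument and return `_thread` / `_process`. Every export that takes `hProcess` or `hActiveThread` (MemoryWriteSafe, SetContextDataEx, SetFullContextDataEx) therefore acts on the current debuggee no matter which handle the caller passed. Until the lookup is implemented, it would be safer to compare the handle with the one tracked for the current process or thread and return `nullptr` on a mismatch, so a write meant for another target fails instead of landing in the wrong one. The `default:` arms of hwtypeFromTitan and hwsizeFromTitan also map unknown values to `Access` and `SizeByte`. On a build without `_WIN64`, `UE_HARDWARE_SIZE_8` thus becomes a one-byte breakpoint while SetHardwareBreakPoint still reports success, so validating `bpxType` and `bpxSize` in the caller before converting would surface the error.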
@@ -11,29 +11,27 @@ __declspec(dllexport) void* TITCALL InitDebugW(const wchar_t* szFileName, const __declspec(dllexport) void* TITCALL InitDLLDebugW(const wchar_t* szFileName, bool ReserveModuleBase, const wchar_t* szCommandLine, const wchar_t* szCurrentFolder, LPVOID EntryCallBack) { - //TODO - return nullptr; + return emu.InitDLLDebugW(szFileName, ReserveModuleBase, szCommandLine, szCurrentFolder, EntryCallBack); } __declspec(dllexport) bool TITCALL StopDebug() { - return emu.Stop(); + return emu.StopDebug(); } __declspec(dllexport) bool TITCALL AttachDebugger(DWORD ProcessId, bool KillOnExit, LPVOID DebugInfo, LPVOID CallBack) { - //TODO - return false; + return emu.AttachDebugger(ProcessId, KillOnExit, DebugInfo, CallBack); } __declspec(dllexport) bool TITCALL DetachDebuggerEx(DWORD ProcessId) { - return emu.Detach(); + return emu.DetachDebuggerEx(ProcessId); } __declspec(dllexport) void TITCALL DebugLoop() { - emu.Start(); + emu.DebugLoop(); } __declspec(dllexport) void TITCALL SetNextDbgContinueStatus(DWORD SetDbgCode) @@ -60,7 +58,7 @@ __declspec(dllexport) bool TITCALL Fill(LPVOID MemoryStart, DWORD MemorySize, PB //Engine __declspec(dllexport) bool TITCALL EngineCheckStructAlignment(DWORD StructureType, ULONG_PTR StructureSize) { - return true; + return emu.EngineCheckStructAlignment(StructureType, StructureSize); } __declspec(dllexport) bool TITCALL IsFileBeingDebugged() 
@@ -86,32 +84,27 @@ __declspec(dllexport) void TITCALL SetEngineVariable(DWORD VariableId, bool Vari //Misc __declspec(dllexport) bool TITCALL IsJumpGoingToExecuteEx(HANDLE hProcess, HANDLE hThread, ULONG_PTR InstructionAddress, ULONG_PTR RegFlags) { - //TODO - return false; + return emu.IsJumpGoingToExecuteEx(hProcess, hThread, InstructionAddress, RegFlags); } __declspec(dllexport) void* TITCALL GetPEBLocation(HANDLE hProcess) { - //TODO - return nullptr; + return emu.GetPEBLocation(hProcess); } __declspec(dllexport) bool TITCALL HideDebugger(HANDLE hProcess, DWORD PatchAPILevel) { - //TODO - return false; + return emu.HideDebugger(hProcess, PatchAPILevel); } __declspec(dllexport) HANDLE TITCALL TitanOpenProcess(DWORD dwDesiredAccess, bool bInheritHandle, DWORD dwProcessId) { - //TODO - return 0; + return emu.TitanOpenProces(dwDesiredAccess, bInheritHandle, dwProcessId); } __declspec(dllexport) ULONG_PTR TITCALL ImporterGetRemoteAPIAddress(HANDLE hProcess, ULONG_PTR APIAddress) { - //TODO - return 0; + return emu.ImporterGetRemoteAPIAddress(hProcess, APIAddress); } //Registers 
@@ -122,162 +115,138 @@ __declspec(dllexport) ULONG_PTR TITCALL GetContextDataEx(HANDLE hActiveThread, D __declspec(dllexport) bool TITCALL SetContextDataEx(HANDLE hActiveThread, DWORD IndexOfRegister, ULONG_PTR NewRegisterValue) { - //TODO - return false; + return emu.SetContextDataEx(hActiveThread, IndexOfRegister, NewRegisterValue); } __declspec(dllexport) bool TITCALL GetFullContextDataEx(HANDLE hActiveThread, TITAN_ENGINE_CONTEXT_t* titcontext) { - memset(titcontext, 0, sizeof(TITAN_ENGINE_CONTEXT_t)); - //TODO - return false; + return emu.GetFullContextDataEx(hActiveThread, titcontext); } __declspec(dllexport) bool TITCALL SetFullContextDataEx(HANDLE hActiveThread, TITAN_ENGINE_CONTEXT_t* titcontext) { - //TODO - return false; + return emu.SetFullContextDataEx(hActiveThread, titcontext); } __declspec(dllexport) void TITCALL GetMMXRegisters(uint64_t mmx[8], TITAN_ENGINE_CONTEXT_t* titcontext) { - //TODO + emu.GetMMXRegisters(mmx, titcontext); } __declspec(dllexport) void TITCALL Getx87FPURegisters(x87FPURegister_t x87FPURegisters[8], TITAN_ENGINE_CONTEXT_t* titcontext) { - //TODO + emu.Getx87FPURegisters(x87FPURegisters, titcontext); } //PE __declspec(dllexport) bool TITCALL StaticFileLoadW(const wchar_t* szFileName, DWORD DesiredAccess, bool SimulateLoad, LPHANDLE FileHandle, LPDWORD LoadedSize, LPHANDLE FileMap, PULONG_PTR FileMapVA) { - //TODO - return false; + return emu.StaticFileLoadW(szFileName, DesiredAccess, SimulateLoad, FileHandle, LoadedSize, FileMap, FileMapVA); } __declspec(dllexport) bool TITCALL StaticFileUnloadW(const wchar_t* szFileName, bool CommitChanges, HANDLE FileHandle, DWORD LoadedSize, HANDLE FileMap, ULONG_PTR FileMapVA) { - //TODO - return false; + return emu.StaticFileUnloadW(szFileName, CommitChanges, FileHandle, LoadedSize, FileMap, FileMapVA); } __declspec(dllexport) ULONG_PTR TITCALL ConvertFileOffsetToVA(ULONG_PTR FileMapVA, ULONG_PTR AddressToConvert, bool ReturnType) { - //TODO - return 0; + return 
emu.ConvertFileOffsetToVA(FileMapVA, AddressToConvert, ReturnType); } __declspec(dllexport) ULONG_PTR TITCALL ConvertVAtoFileOffsetEx(ULONG_PTR FileMapVA, DWORD FileSize, ULONG_PTR ImageBase, ULONG_PTR AddressToConvert, bool AddressIsRVA, bool ReturnType) { - //TODO - return 0; + return emu.ConvertVAtoFileOffsetEx(FileMapVA, FileSize, ImageBase, AddressToConvert, AddressIsRVA, ReturnType); } __declspec(dllexport) ULONG_PTR TITCALL GetPE32DataFromMappedFile(ULONG_PTR FileMapVA, DWORD WhichSection, DWORD WhichData) { - //TODO - return 0; + return emu.GetPE32DataFromMappedFile(FileMapVA, WhichSection, WhichData); } __declspec(dllexport) ULONG_PTR TITCALL GetPE32DataW(const wchar_t* szFileName, DWORD WhichSection, DWORD WhichData) { - //TODO - return 0; + return emu.GetPE32DataW(szFileName, WhichSection, WhichData); } __declspec(dllexport) bool TITCALL IsFileDLLW(const wchar_t* szFileName, ULONG_PTR FileMapVA) { - //TODO - return false; + return emu.IsFileDLLW(szFileName, FileMapVA); } __declspec(dllexport) long TITCALL GetPE32SectionNumberFromVA(ULONG_PTR FileMapVA, ULONG_PTR AddressToConvert) { - //TODO - return 0; + return emu.GetPE32SectionNumberFromVA(FileMapVA, AddressToConvert); } __declspec(dllexport) bool TITCALL TLSGrabCallBackDataW(const wchar_t* szFileName, LPVOID ArrayOfCallBacks, LPDWORD NumberOfCallBacks) { - //TODO - return false; + return emu.TLSGrabCallBackDataW(szFileName, ArrayOfCallBacks, NumberOfCallBacks); } //Software Breakpoints __declspec(dllexport) bool TITCALL SetBPX(ULONG_PTR bpxAddress, DWORD bpxType, LPVOID bpxCallBack) { - //TODO - return false; + return emu.SetBPX(bpxAddress, bpxType, bpxCallBack); } __declspec(dllexport) bool TITCALL DeleteBPX(ULONG_PTR bpxAddress) { - //TODO - return false; + return emu.DeleteBPX(bpxAddress); } __declspec(dllexport) bool TITCALL IsBPXEnabled(ULONG_PTR bpxAddress) { - //TODO - return false; + return emu.IsBPXEnabled(bpxAddress); } __declspec(dllexport) void TITCALL SetBPXOptions(long 
DefaultBreakPointType) { - //TODO + emu.SetBPXOptions(DefaultBreakPointType); } //Memory Breakpoints __declspec(dllexport) bool TITCALL SetMemoryBPXEx(ULONG_PTR MemoryStart, SIZE_T SizeOfMemory, DWORD BreakPointType, bool RestoreOnHit, LPVOID bpxCallBack) { - //TODO - return false; + return emu.SetMemoryBPXEx(MemoryStart, SizeOfMemory, BreakPointType, RestoreOnHit, bpxCallBack); } __declspec(dllexport) bool TITCALL RemoveMemoryBPX(ULONG_PTR MemoryStart, SIZE_T SizeOfMemory) { - //TODO - return false; + return emu.RemoveMemoryBPX(MemoryStart, SizeOfMemory); } -//Hardwre Breakpoints +//Hardware Breakpoints __declspec(dllexport) bool TITCALL SetHardwareBreakPoint(ULONG_PTR bpxAddress, DWORD IndexOfRegister, DWORD bpxType, DWORD bpxSize, LPVOID bpxCallBack) { - //TODO - return false; + return emu.SetHardwareBreakPoint(bpxAddress, IndexOfRegister, bpxType, bpxSize, bpxCallBack); } __declspec(dllexport) bool TITCALL DeleteHardwareBreakPoint(DWORD IndexOfRegister) { - //TODO - return false; + return emu.DeleteHardwareBreakPoint(IndexOfRegister); } __declspec(dllexport) bool TITCALL GetUnusedHardwareBreakPointRegister(LPDWORD RegisterIndex) { - //TODO - return false; + return emu.GetUnusedHardwareBreakPointRegister(RegisterIndex); } //Librarian Breakpoints __declspec(dllexport) bool TITCALL LibrarianSetBreakPoint(const char* szLibraryName, DWORD bpxType, bool SingleShoot, LPVOID bpxCallBack) { - //TODO - return false; + return emu.LibrarianSetBreakPoint(szLibraryName, bpxType, SingleShoot, bpxCallBack); } __declspec(dllexport) bool TITCALL LibrarianRemoveBreakPoint(const char* szLibraryName, DWORD bpxType) { - //TODO - return false; + return emu.LibrarianRemoveBreakPoint(szLibraryName, bpxType); } //Generic Breakpoints __declspec(dllexport) bool TITCALL RemoveAllBreakPoints(DWORD RemoveOption) { - //TODO - return false; + return emu.RemoveAllBreakPoints(RemoveOption); } //Stepping
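Review bot: GetFullContextDataEx no longer clears `titcontext` on the failure path. The removed wrapper body ran `memset(titcontext, 0, sizeof(TITAN_ENGINE_CONTEXT_t))` before returning false, while the emulator method it now forwards to returns early when the thread lookup fails and only zeroes the structure afterwards. A caller that ignores the return value would then read whatever was already in its buffer. Splitting the check in Emulator.h keeps the old guarantee and still rejects a null pointer: `if (!titcontext) return false;`, then the `memset`, then `if (!thread) return false;`.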