x64dbg
/
GleeBug
mirror of https://github.com/x64dbg/GleeBug
1
0
Fork 0
Code Releases Activity

massive cleanup + fixed various code problems

This commit is contained in:
Mr. eXoDia 2015-07-15 02:48:11 +02:00
parent 3ce2a318ca
commit 2481e33abd
22 changed files with 928 additions and 914 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

1
.gitignore vendored
View File

@ -3,3 +3,4 @@ Release/
*.suo *.suo
*.sdf *.sdf
*.opensdf *.opensdf
*.orig

6
GleeBug/Debugger.Dll.cpp
View File

@ -6,10 +6,10 @@ namespace GleeBug
{ {
} }
DllInfo::DllInfo(LPVOID lpBaseOfDll, DWORD sizeOfImage, LPVOID entryPoint) DllInfo::DllInfo(LPVOID lpBaseOfDll, ULONG_PTR sizeOfImage, LPVOID entryPoint)
{ {
this->lpBaseOfDll = (ULONG_PTR)lpBaseOfDll; this->lpBaseOfDll = reinterpret_cast<ULONG_PTR>(lpBaseOfDll);
this->sizeOfImage = sizeOfImage; this->sizeOfImage = sizeOfImage;
this->entryPoint = (ULONG_PTR)entryPoint; this->entryPoint = reinterpret_cast<ULONG_PTR>(entryPoint);
} }
}; };

4
GleeBug/Debugger.Dll.h
View File

@ -12,7 +12,7 @@ namespace GleeBug
{ {
public: public:
ULONG_PTR lpBaseOfDll; ULONG_PTR lpBaseOfDll;
DWORD sizeOfImage; ULONG_PTR sizeOfImage;
ULONG_PTR entryPoint; ULONG_PTR entryPoint;
/** /**
@ -26,7 +26,7 @@ namespace GleeBug
\param sizeOfImage Size of the image. \param sizeOfImage Size of the image.
\param entryPoint The entry point. \param entryPoint The entry point.
*/ */
DllInfo(LPVOID lpBaseOfDll, DWORD sizeOfImage, LPVOID entryPoint); DllInfo(LPVOID lpBaseOfDll, ULONG_PTR sizeOfImage, LPVOID entryPoint);
}; };
}; };

6
GleeBug/Debugger.Loop.Dll.cpp
View File

@ -8,7 +8,7 @@ namespace GleeBug
MODULEINFO modinfo; MODULEINFO modinfo;
memset(&modinfo, 0, sizeof(MODULEINFO)); memset(&modinfo, 0, sizeof(MODULEINFO));
GetModuleInformation(_process->hProcess, GetModuleInformation(_process->hProcess,
(HMODULE)loadDll.lpBaseOfDll, reinterpret_cast<HMODULE>(loadDll.lpBaseOfDll),
&modinfo, &modinfo,
sizeof(MODULEINFO)); sizeof(MODULEINFO));
DllInfo dll(loadDll.lpBaseOfDll, modinfo.SizeOfImage, modinfo.EntryPoint); DllInfo dll(loadDll.lpBaseOfDll, modinfo.SizeOfImage, modinfo.EntryPoint);
@ -24,12 +24,12 @@ namespace GleeBug
void Debugger::unloadDllEvent(const UNLOAD_DLL_DEBUG_INFO & unloadDll) void Debugger::unloadDllEvent(const UNLOAD_DLL_DEBUG_INFO & unloadDll)
{ {
//call the debug event callback //call the debug event callback
ULONG_PTR lpBaseOfDll = (ULONG_PTR)unloadDll.lpBaseOfDll; ULONG_PTR lpBaseOfDll = reinterpret_cast<ULONG_PTR>(unloadDll.lpBaseOfDll);
auto dll = _process->dlls.find(Range(lpBaseOfDll, lpBaseOfDll)); auto dll = _process->dlls.find(Range(lpBaseOfDll, lpBaseOfDll));
if (dll != _process->dlls.end()) if (dll != _process->dlls.end())
cbUnloadDllEvent(unloadDll, dll->second); cbUnloadDllEvent(unloadDll, dll->second);
else else
cbUnloadDllEvent(unloadDll, DllInfo(unloadDll.lpBaseOfDll, 0, 0)); cbUnloadDllEvent(unloadDll, DllInfo(unloadDll.lpBaseOfDll, 0, nullptr));
//DLL housekeeping //DLL housekeeping
if (dll != _process->dlls.end()) if (dll != _process->dlls.end())

3
GleeBug/Debugger.Loop.Exception.cpp
View File

@ -12,9 +12,6 @@ namespace GleeBug
//call the callback //call the callback
cbSystemBreakpoint(); cbSystemBreakpoint();
} }
else //handle other breakpoint exceptions
{
}
} }
void Debugger::exceptionSingleStep(const EXCEPTION_RECORD & exceptionRecord, const bool firstChance) void Debugger::exceptionSingleStep(const EXCEPTION_RECORD & exceptionRecord, const bool firstChance)

4
GleeBug/Debugger.Process.cpp
View File

@ -19,11 +19,11 @@ namespace GleeBug
bool ProcessInfo::MemRead(ULONG_PTR address, const size_t size, void* buffer) bool ProcessInfo::MemRead(ULONG_PTR address, const size_t size, void* buffer)
{ {
return !!ReadProcessMemory(this->hProcess, (const void*)address, buffer, size, NULL); return !!ReadProcessMemory(this->hProcess, reinterpret_cast<const void*>(address), buffer, size, nullptr);
} }
bool ProcessInfo::MemWrite(ULONG_PTR address, const size_t size, const void* buffer) bool ProcessInfo::MemWrite(ULONG_PTR address, const size_t size, const void* buffer)
{ {
return !!WriteProcessMemory(this->hProcess, (void*)address, buffer, size, NULL); return !!WriteProcessMemory(this->hProcess, reinterpret_cast<void*>(address), buffer, size, nullptr);
} }
}; };

6
GleeBug/Debugger.Thread.cpp
View File

@ -11,8 +11,8 @@ namespace GleeBug
{ {
this->dwThreadId = dwThreadId; this->dwThreadId = dwThreadId;
this->hThread = hThread; this->hThread = hThread;
this->lpThreadLocalBase = (ULONG_PTR)lpThreadLocalBase; this->lpThreadLocalBase = reinterpret_cast<ULONG_PTR>(lpThreadLocalBase);
this->lpStartAddress = (ULONG_PTR)lpStartAddress; this->lpStartAddress = reinterpret_cast<ULONG_PTR>(lpStartAddress);
} }
bool ThreadInfo::RegReadContext() bool ThreadInfo::RegReadContext()
@ -42,7 +42,7 @@ namespace GleeBug
return bReturn; return bReturn;
} }
void ThreadInfo::StepInto(StepCallback cbStep) void ThreadInfo::StepInto(const StepCallback & cbStep)
{ {
StepInto(); StepInto();
stepCallbacks.push_back(cbStep); stepCallbacks.push_back(cbStep);

2
GleeBug/Debugger.Thread.h
View File

@ -55,7 +55,7 @@ namespace GleeBug
\brief Step into. \brief Step into.
\param cbStep StepCallback. Can be written using BIND(this, MyDebugger::cb). \param cbStep StepCallback. Can be written using BIND(this, MyDebugger::cb).
*/ */
void StepInto(StepCallback cbStep); void StepInto(const StepCallback & cbStep);
/** /**
\brief Step into. \brief Step into.

31
GleeBug/Debugger.cpp
View File

@ -7,6 +7,10 @@ namespace GleeBug
_processes.clear(); _processes.clear();
} }
Debugger::~Debugger()
{
}
bool Debugger::Init(const wchar_t* szFilePath, bool Debugger::Init(const wchar_t* szFilePath,
const wchar_t* szCommandLine, const wchar_t* szCommandLine,
const wchar_t* szCurrentDirectory) const wchar_t* szCurrentDirectory)
@ -14,30 +18,37 @@ namespace GleeBug
STARTUPINFOW si; STARTUPINFOW si;
memset(&si, 0, sizeof(si)); memset(&si, 0, sizeof(si));
const wchar_t* szFileNameCreateProcess; const wchar_t* szFileNameCreateProcess;
wchar_t* szCommandLineCreateProcess; wchar_t* szCommandLineCreateProcess = nullptr;
if (szCommandLine == NULL || !wcslen(szCommandLine)) wchar_t* szCreateWithCmdLine = nullptr;
if (szCommandLine == nullptr || !wcslen(szCommandLine))
{ {
szCommandLineCreateProcess = 0; szCommandLineCreateProcess = nullptr;
szFileNameCreateProcess = szFilePath; szFileNameCreateProcess = szFilePath;
} }
else else
{ {
wchar_t szCreateWithCmdLine[1024]; auto size = 1 + wcslen(szFilePath) + 2 + wcslen(szCommandLine) + 1;
swprintf_s(szCreateWithCmdLine, L"\"%s\" %s", szFilePath, szCommandLine); szCreateWithCmdLine = new wchar_t[size];
swprintf_s(szCreateWithCmdLine, size, L"\"%s\" %s", szFilePath, szCommandLine);
szCommandLineCreateProcess = szCreateWithCmdLine; szCommandLineCreateProcess = szCreateWithCmdLine;
szFileNameCreateProcess = 0; szFileNameCreateProcess = nullptr;
} }
return !!CreateProcessW(szFileNameCreateProcess, bool result = !!CreateProcessW(szFileNameCreateProcess,
szCommandLineCreateProcess, szCommandLineCreateProcess,
NULL, nullptr,
NULL, nullptr,
FALSE, FALSE,
DEBUG_PROCESS | CREATE_NEW_CONSOLE, DEBUG_PROCESS | CREATE_NEW_CONSOLE,
NULL, nullptr,
szCurrentDirectory, szCurrentDirectory,
&si, &si,
&_mainProcess); &_mainProcess);
if (szCreateWithCmdLine)
delete[] szCreateWithCmdLine;
return result;
} }
bool Debugger::Stop() bool Debugger::Stop()

5
GleeBug/Debugger.h
View File

@ -17,6 +17,11 @@ namespace GleeBug
*/ */
Debugger(); Debugger();
/**
\brief Destructs the Debugger instance.
*/
virtual ~Debugger();
/** /**
\brief Start the debuggee. \brief Start the debuggee.
\param szFilePath Full pathname of the file to debug. \param szFilePath Full pathname of the file to debug.

4
GleeBug/GleeBug.vcxproj.filters
View File

@ -9,10 +9,6 @@
<UniqueIdentifier>{93995380-89BD-4b04-88EB-625FBE52EBFB}</UniqueIdentifier> <UniqueIdentifier>{93995380-89BD-4b04-88EB-625FBE52EBFB}</UniqueIdentifier>
<Extensions>h;hh;hpp;hxx;hm;inl;inc;xsd</Extensions> <Extensions>h;hh;hpp;hxx;hm;inl;inc;xsd</Extensions>
</Filter> </Filter>
<Filter Include="Resource Files">
<UniqueIdentifier>{67DA6AB6-F800-4c08-8B7A-83BB121AAD01}</UniqueIdentifier>
<Extensions>rc;ico;cur;bmp;dlg;rc2;rct;bin;rgs;gif;jpg;jpeg;jpe;resx;tiff;tif;png;wav;mfcribbon-ms</Extensions>
</Filter>
</ItemGroup> </ItemGroup>
<ItemGroup> <ItemGroup>
<ClCompile Include="Debugger.cpp"> <ClCompile Include="Debugger.cpp">

48
MyDebugger/MyDebugger.h
View File

@ -8,81 +8,85 @@ using namespace GleeBug;
class MyDebugger : public Debugger class MyDebugger : public Debugger
{ {
protected: protected:
virtual void cbCreateProcessEvent(const CREATE_PROCESS_DEBUG_INFO & createProcess, const ProcessInfo & process) void cbCreateProcessEvent(const CREATE_PROCESS_DEBUG_INFO & createProcess, const ProcessInfo & process) override
{ {
printf("Process %d created with entry 0x%p\n", printf("Process %d created with entry 0x%p\n",
_debugEvent.dwProcessId, _debugEvent.dwProcessId,
createProcess.lpStartAddress); createProcess.lpStartAddress);
}; }
virtual void cbExitProcessEvent(const EXIT_PROCESS_DEBUG_INFO & exitProcess, const ProcessInfo & process) void cbExitProcessEvent(const EXIT_PROCESS_DEBUG_INFO & exitProcess, const ProcessInfo & process) override
{ {
printf("Process %d terminated with exit code 0x%08X\n", printf("Process %u terminated with exit code 0x%08X\n",
_debugEvent.dwProcessId, _debugEvent.dwProcessId,
exitProcess.dwExitCode); exitProcess.dwExitCode);
} }
virtual void cbCreateThreadEvent(const CREATE_THREAD_DEBUG_INFO & createThread, const ThreadInfo & thread) void cbCreateThreadEvent(const CREATE_THREAD_DEBUG_INFO & createThread, const ThreadInfo & thread) override
{ {
printf("Thread %d created with entry 0x%p\n", printf("Thread %u created with entry 0x%p\n",
_debugEvent.dwThreadId, _debugEvent.dwThreadId,
createThread.lpStartAddress); createThread.lpStartAddress);
}; }
virtual void cbExitThreadEvent(const EXIT_THREAD_DEBUG_INFO & exitThread, const ThreadInfo & thread) void cbExitThreadEvent(const EXIT_THREAD_DEBUG_INFO & exitThread, const ThreadInfo & thread) override
{ {
printf("Thread %d terminated with exit code 0x%08X\n", printf("Thread %u terminated with exit code 0x%08X\n",
_debugEvent.dwThreadId, _debugEvent.dwThreadId,
exitThread.dwExitCode); exitThread.dwExitCode);
}; }
virtual void cbLoadDllEvent(const LOAD_DLL_DEBUG_INFO & loadDll, const DllInfo & dll) void cbLoadDllEvent(const LOAD_DLL_DEBUG_INFO & loadDll, const DllInfo & dll) override
{ {
printf("DLL loaded at 0x%p\n", printf("DLL loaded at 0x%p\n",
loadDll.lpBaseOfDll); loadDll.lpBaseOfDll);
}; }
virtual void cbUnloadDllEvent(const UNLOAD_DLL_DEBUG_INFO & unloadDll, const DllInfo & dll) void cbUnloadDllEvent(const UNLOAD_DLL_DEBUG_INFO & unloadDll, const DllInfo & dll) override
{ {
printf("DLL 0x%p unloaded\n", printf("DLL 0x%p unloaded\n",
unloadDll.lpBaseOfDll); unloadDll.lpBaseOfDll);
}; }
virtual void cbExceptionEvent(const EXCEPTION_DEBUG_INFO & exceptionInfo) void cbExceptionEvent(const EXCEPTION_DEBUG_INFO & exceptionInfo) override
{ {
printf("Exception with code 0x%08X at 0x%p\n", printf("Exception with code 0x%08X at 0x%p\n",
exceptionInfo.ExceptionRecord.ExceptionCode, exceptionInfo.ExceptionRecord.ExceptionCode,
exceptionInfo.ExceptionRecord.ExceptionAddress); exceptionInfo.ExceptionRecord.ExceptionAddress);
}; }
virtual void cbDebugStringEvent(const OUTPUT_DEBUG_STRING_INFO & debugString) void cbDebugStringEvent(const OUTPUT_DEBUG_STRING_INFO & debugString) override
{ {
printf("Debug string at 0x%p with length %d\n", printf("Debug string at 0x%p with length %d\n",
debugString.lpDebugStringData, debugString.lpDebugStringData,
debugString.nDebugStringLength); debugString.nDebugStringLength);
}; }
virtual void cbRipEvent(const RIP_INFO & rip) void cbRipEvent(const RIP_INFO & rip) override
{ {
printf("RIP event type 0x%X, error 0x%X", printf("RIP event type 0x%X, error 0x%X",
rip.dwType, rip.dwType,
rip.dwError); rip.dwError);
}; }
void boobs() void boobs()
{ {
printf("(.)Y(.) 0x%p\n", printf("(.)Y(.) 0x%p\n",
#ifdef _WIN64
_thread->registers.Rip); _thread->registers.Rip);
#else //x32
_thread->registers.Eip);
#endif //_WIN64
} }
virtual void cbSystemBreakpoint() void cbSystemBreakpoint() override
{ {
printf("System breakpoint reached, CIP: 0x%p\n", printf("System breakpoint reached, CIP: 0x%p\n",
_thread->registers.Rip); _thread->registers.Rip);
_thread->StepInto(BIND(this, MyDebugger::boobs)); _thread->StepInto(BIND(this, MyDebugger::boobs));
} }
virtual void cbInternalError(const std::string & error) void cbInternalError(const std::string & error) override
{ {
printf("Internal Error: %s\n", printf("Internal Error: %s\n",
error.c_str()); error.c_str());