From 26c71cc6e49f6405ad89df0f35c1c51967098d72 Mon Sep 17 00:00:00 2001
From: "Mr. eXoDia"
Date: Sat, 15 Aug 2015 20:13:47 +0200
Subject: [PATCH] simple software (0xCC) breakpoints working + examples with lambda functions
---
 GleeBug/Debugger.Loop.Exception.cpp | 12 +++++++++++-
 MyDebugger/MyDebugger.h | 30 ++++++++++++++---------------
 2 files changed, 25 insertions(+), 17 deletions(-)
diff --git a/GleeBug/Debugger.Loop.Exception.cpp b/GleeBug/Debugger.Loop.Exception.cpp
index c81c05a..b5a91d4 100644
--- a/GleeBug/Debugger.Loop.Exception.cpp
+++ b/GleeBug/Debugger.Loop.Exception.cpp
@@ -24,6 +24,16 @@ namespace GleeBug
 //set continue status
 _continueStatus = DBG_CONTINUE;
 
+ //set back the instruction pointer
+ _registers->Gip = info.address;
+
+ //restore the original breakpoint byte and do an internal step
+ _process->MemWrite(info.address, info.internal.software.oldbytes, info.internal.software.size);
+ _thread->StepInternal(std::bind([this, info]()
+ {
+ _process->MemWrite(info.address, info.internal.software.newbytes, info.internal.software.size);
+ }));
+
 //call the generic callback
 cbBreakpoint(info);
 
@@ -39,7 +49,7 @@ namespace GleeBug
 if (_thread->isInternalStepping) //handle internal steps
 {
 //set internal status
- _thread->isSingleStepping = false;
+ _thread->isInternalStepping = false;
 _continueStatus = DBG_CONTINUE;
 
 //call the internal step callback
diff --git a/MyDebugger/MyDebugger.h b/MyDebugger/MyDebugger.h
index a86981d..7dfca27 100644
--- a/MyDebugger/MyDebugger.h
+++ b/MyDebugger/MyDebugger.h
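Review bot: Neither MemWrite call in the new software-breakpoint path checks its result, so a failed restore of oldbytes would leave the 0xCC in place and resume the thread at info.address straight into the same int3, while a failed re-write of newbytes in the StepInternal callback silently drops the breakpoint. If MemWrite reports success the way SetBreakpoint does, route the failure through the existing cbInternalError hook, e.g. `if(!_process->MemWrite(info.address, info.internal.software.oldbytes, info.internal.software.size)) cbInternalError("failed to restore original bytes at software breakpoint");`, and guard the re-arm write the same way. The callback re-arms from a by-value copy of info, so if cbBreakpoint removes this breakpoint the stale copy still writes 0xCC back — worth confirming against the removal path. Nothing visible in the hunk suspends other threads while the original byte is in place, so another thread could pass through the address during the step without stopping — worth confirming against the loop's thread handling. `std::bind` around a zero-argument lambda adds nothing, `_thread->StepInternal([this, info]() { ... })` is equivalent; the enclosing handler starts before and ends after this hunk.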
@@ -8,9 +8,15 @@ using namespace GleeBug;
 class MyDebugger : public Debugger
 {
 protected:
- void myBreakpoint(const BreakpointInfo & info)
+ void cbEntryBreakpoint(const BreakpointInfo & info)
 {
- puts("myBreakpoint()");
+ printf("Reached entry breakpoint! GIP: 0x%p\n",
+ _registers->Gip());
+ _thread->StepInto(std::bind([this]()
+ {
+ printf("Step after entry breakpoint! GIP: 0x%p\n",
+ _registers->Gip());
+ }));
 }
 
 void cbCreateProcessEvent(const CREATE_PROCESS_DEBUG_INFO & createProcess, const ProcessInfo & process) override
@@ -19,7 +25,7 @@ protected:
 printf("Process %d created with entry 0x%p\n",
 _debugEvent.dwProcessId,
 entry);
- if(_process->SetBreakpoint(entry, this, &MyDebugger::myBreakpoint))
+ if(_process->SetBreakpoint(entry, this, &MyDebugger::cbEntryBreakpoint))
 printf("Breakpoint set at 0x%p!\n", entry);
 else
 printf("Failed to set breakpoint at 0x%p...\b", entry);
@@ -81,25 +87,17 @@ protected:
 rip.dwError);
 }
 
- void boobs()
+ void cbStepSystem()
 {
- printf("(.)Y(.) 0x%p\n",
- _registers->Gip.Get());
- }
-
- void gax()
- {
- printf("GAX: 0x%p = 0x%p = 0x%p\n",
- _registers->Get(Registers::R::GAX),
- _registers->Gax.Get(),
- _registers->Gax());
+ printf("Reached step after system breakpoint, GIP: 0x%p!\n",
+ _registers->Gip());
 }
 
 void cbSystemBreakpoint() override
 {
- printf("System breakpoint reached, CIP: 0x%p\n",
+ printf("System breakpoint reached, GIP: 0x%p\n",
 _registers->Gip.Get());
- _thread->StepInto(this, &MyDebugger::boobs);
+ _thread->StepInto(this, &MyDebugger::cbStepSystem);
 }
 
 void cbInternalError(const std::string & error) override
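Review bot: Both new printf calls in cbEntryBreakpoint hand `_registers->Gip()` to a `%p` conversion, which is only defined for a `void*` argument; Gip is assigned from info.address in the exception loop and read through Get() elsewhere, so if it yields an integer rather than a pointer the vararg type does not match and the behaviour is undefined. Either cast it, `printf("Reached entry breakpoint! GIP: 0x%p\n", (void*)_registers->Gip());`, or print it as `0x%" PRIxPTR "` from `<cinttypes>` after a `uintptr_t` cast; the same applies to cbStepSystem and cbSystemBreakpoint in the last hunk of this file. The `std::bind` around a capture-only lambda is redundant — `_thread->StepInto([this]() { ... })` does the same. The lambda captures `this` and runs only after the step completes, so it relies on the MyDebugger instance outliving the debug loop; a one-line comment stating that assumption would help readers of this example.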
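Review bot: cbSystemBreakpoint reads the instruction pointer as `_registers->Gip.Get()` while the new cbStepSystem a few lines above, and cbEntryBreakpoint earlier in the file, read it as `_registers->Gip()`; in a header that serves as the usage example, the two spellings side by side read as two different things. Pick one form for the whole file, e.g. `printf("System breakpoint reached, GIP: 0x%p\n", _registers->Gip());`, or add a short comment on the class stating that both are equivalent accessors if showing both is the intent.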