x64dbg
/
GleeBug
mirror of https://github.com/x64dbg/GleeBug
1
0
Fork 0
Code Releases Activity

implement TitanOpenProcess and TitanOpenThread

This commit is contained in:
Duncan Ogilvie 2017-12-11 20:49:25 +01:00
parent 79e52d2d2c
commit 719f349b67
No known key found for this signature in database
GPG Key ID: FC89E0AAA0C1AAD8
1 changed files with 48 additions and 4 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

52
TitanEngineEmulator/Emulator.h
View File

@ -217,14 +217,26 @@ public:
HANDLE TitanOpenProcess(DWORD dwDesiredAccess, bool bInheritHandle, DWORD dwProcessId) HANDLE TitanOpenProcess(DWORD dwDesiredAccess, bool bInheritHandle, DWORD dwProcessId)
{ {
//TODO if(mSetDebugPrivilege)
return OpenProcess(dwDesiredAccess, bInheritHandle, dwProcessId); setDebugPrivilege(GetCurrentProcess(), true);
HANDLE hProcess = OpenProcess(dwDesiredAccess, bInheritHandle, dwProcessId);
DWORD dwLastError = GetLastError();
if(mSetDebugPrivilege)
setDebugPrivilege(GetCurrentProcess(), false);
SetLastError(dwLastError);
return hProcess;
} }
HANDLE TitanOpenThread(DWORD dwDesiredAccess, bool bInheritHandle, DWORD dwThreadId) HANDLE TitanOpenThread(DWORD dwDesiredAccess, bool bInheritHandle, DWORD dwThreadId)
{ {
//TODO if(mSetDebugPrivilege)
return OpenThread(dwDesiredAccess, bInheritHandle, dwThreadId); setDebugPrivilege(GetCurrentProcess(), true);
HANDLE hThread = OpenThread(dwDesiredAccess, bInheritHandle, dwThreadId);
DWORD dwLastError = GetLastError();
if(mSetDebugPrivilege)
setDebugPrivilege(GetCurrentProcess(), false);
SetLastError(dwLastError);
return hThread;
} }
//Stepping //Stepping
@ -847,6 +859,38 @@ private: //functions
} }
} }
static DWORD setDebugPrivilege(HANDLE hProcess, bool bEnablePrivilege)
{
DWORD dwLastError;
HANDLE hToken = 0;
if(!OpenProcessToken(hProcess, TOKEN_ADJUST_PRIVILEGES | TOKEN_QUERY, &hToken))
{
dwLastError = GetLastError();
if(hToken)
CloseHandle(hToken);
return dwLastError;
}
TOKEN_PRIVILEGES tokenPrivileges;
memset(&tokenPrivileges, 0, sizeof(TOKEN_PRIVILEGES));
LUID luid;
if(!LookupPrivilegeValue(NULL, SE_DEBUG_NAME, &luid))
{
dwLastError = GetLastError();
CloseHandle(hToken);
return dwLastError;
}
tokenPrivileges.PrivilegeCount = 1;
tokenPrivileges.Privileges[0].Luid = luid;
if(bEnablePrivilege)
tokenPrivileges.Privileges[0].Attributes = SE_PRIVILEGE_ENABLED;
else
tokenPrivileges.Privileges[0].Attributes = 0;
AdjustTokenPrivileges(hToken, FALSE, &tokenPrivileges, sizeof(TOKEN_PRIVILEGES), NULL, NULL);
dwLastError = GetLastError();
CloseHandle(hToken);
return dwLastError;
}
private: //variables private: //variables
bool mSetDebugPrivilege = false; bool mSetDebugPrivilege = false;
typedef void(*CUSTOMHANDLER)(const void*); typedef void(*CUSTOMHANDLER)(const void*);