From 7790cc9e127ee035f234700645306a7c84a8d48a Mon Sep 17 00:00:00 2001 From: Duncan Ogilvie Date: Wed, 11 Nov 2020 23:34:55 +0100 Subject: [PATCH] Disable DbgUiIssueRemoteBreakin and switch to safe attach per default --- TitanEngineEmulator/Emulator.h | 2 +- TitanEngineEmulator/NativeAttach.h | 4 ++++ 2 files changed, 5 insertions(+), 1 deletion(-) diff --git a/TitanEngineEmulator/Emulator.h b/TitanEngineEmulator/Emulator.h index 7a424f6..d97d0c0 100644 --- a/TitanEngineEmulator/Emulator.h +++ b/TitanEngineEmulator/Emulator.h @@ -68,7 +68,7 @@ public: bool AttachDebugger(DWORD ProcessId, bool KillOnExit, LPVOID DebugInfo, LPVOID CallBack) { - if(!Attach(ProcessId, mSafeAttach ? DebugActiveProcess_ : DebugActiveProcess)) + if(!Attach(ProcessId, DebugActiveProcess_)) return false; mCbATTACHBREAKPOINT = STEPCALLBACK(CallBack); mAttachProcessInfo = (PROCESS_INFORMATION*)DebugInfo; diff --git a/TitanEngineEmulator/NativeAttach.h b/TitanEngineEmulator/NativeAttach.h index 54974a0..c9d5480 100644 --- a/TitanEngineEmulator/NativeAttach.h +++ b/TitanEngineEmulator/NativeAttach.h @@ -130,6 +130,9 @@ static NTSTATUS NTAPI DbgUiDebugActiveProcess_(IN HANDLE Process) { /* Tell the kernel to start debugging */ NTSTATUS Status = NtDebugActiveProcess(Process, NtCurrentTeb()->DbgSsReserved[1]); + return Status; + +#if 0 if (NT_SUCCESS(Status)) { /* Now break-in the process */ @@ -140,6 +143,7 @@ static NTSTATUS NTAPI DbgUiDebugActiveProcess_(IN HANDLE Process) DbgUiStopDebugging(Process); } } +#endif /* Return status */ return Status;