diff --git a/StaticEngine/Emulator.h b/StaticEngine/Emulator.h index 21946b1..4232b11 100644 --- a/StaticEngine/Emulator.h +++ b/StaticEngine/Emulator.h @@ -407,6 +407,11 @@ public: return hThread; } + PROCESS_INFORMATION* TitanGetProcessInformation() + { + return &mProcessInfo; + } + //Registers ULONG_PTR GetContextDataEx(HANDLE hActiveThread, DWORD IndexOfRegister) const { diff --git a/StaticEngine/TitanEngineEmulator.cpp b/StaticEngine/TitanEngineEmulator.cpp index 172a0ae..3e25710 100644 --- a/StaticEngine/TitanEngineEmulator.cpp +++ b/StaticEngine/TitanEngineEmulator.cpp @@ -107,12 +107,45 @@ __declspec(dllexport) HANDLE TITCALL TitanOpenThread(DWORD dwDesiredAccess, bool return emu.TitanOpenThread(dwDesiredAccess, bInheritHandle, dwThreadId); } +__declspec(dllexport) PROCESS_INFORMATION* TITCALL TitanGetProcessInformation() +{ + return emu.TitanGetProcessInformation(); +} + +__declspec(dllexport) ULONG_PTR TITCALL ImporterGetRemoteAPIAddressEx(const char* szDLLName, const char* szAPIName) +{ +#ifdef _WIN64 +#define X64DBG_DLL L"x64dbg.dll" +#else +#define X64DBG_DLL L"x32dbg.dll" +#endif // _WIN64 + static auto hModule = GetModuleHandleW(X64DBG_DLL); +#undef X64DBG_DLL + + if (hModule) + { + static auto DbgValFromString = (ULONG_PTR(*)(const char*))GetProcAddress(hModule, "DbgValFromString"); + if (DbgValFromString) + { + char expr[1024] = ""; + _snprintf_s(expr, _TRUNCATE, "\"%s\":%s", szDLLName, szAPIName); + return DbgValFromString(expr); + } + } + return 0; +} + //Registers __declspec(dllexport) ULONG_PTR TITCALL GetContextDataEx(HANDLE hActiveThread, DWORD IndexOfRegister) { return emu.GetContextDataEx(hActiveThread, IndexOfRegister); } +__declspec(dllexport) ULONG_PTR TITCALL GetContextData(DWORD IndexOfRegister) +{ + return GetContextDataEx(TitanGetProcessInformation()->hThread, IndexOfRegister); +} + __declspec(dllexport) bool TITCALL SetContextDataEx(HANDLE hActiveThread, DWORD IndexOfRegister, ULONG_PTR NewRegisterValue) { return emu.SetContextDataEx(hActiveThread, IndexOfRegister, NewRegisterValue); diff --git a/TitanEngineEmulator/Emulator.h b/TitanEngineEmulator/Emulator.h index c9043fb..1b9dba6 100644 --- a/TitanEngineEmulator/Emulator.h +++ b/TitanEngineEmulator/Emulator.h @@ -294,6 +294,11 @@ public: return hThread; } + PROCESS_INFORMATION* TitanGetProcessInformation() + { + return &mMainProcess; + } + //Stepping void StepOver(LPVOID CallBack) { diff --git a/TitanEngineEmulator/TitanEngineEmulator.cpp b/TitanEngineEmulator/TitanEngineEmulator.cpp index fb03228..80ad997 100644 --- a/TitanEngineEmulator/TitanEngineEmulator.cpp +++ b/TitanEngineEmulator/TitanEngineEmulator.cpp @@ -107,12 +107,45 @@ __declspec(dllexport) HANDLE TITCALL TitanOpenThread(DWORD dwDesiredAccess, bool return emu.TitanOpenThread(dwDesiredAccess, bInheritHandle, dwThreadId); } +__declspec(dllexport) PROCESS_INFORMATION* TITCALL TitanGetProcessInformation() +{ + return emu.TitanGetProcessInformation(); +} + +__declspec(dllexport) ULONG_PTR TITCALL ImporterGetRemoteAPIAddressEx(const char* szDLLName, const char* szAPIName) +{ +#ifdef _WIN64 +#define X64DBG_DLL L"x64dbg.dll" +#else +#define X64DBG_DLL L"x32dbg.dll" +#endif // _WIN64 + static auto hModule = GetModuleHandleW(X64DBG_DLL); +#undef X64DBG_DLL + + if (hModule) + { + static auto DbgValFromString = (ULONG_PTR(*)(const char*))GetProcAddress(hModule, "DbgValFromString"); + if (DbgValFromString) + { + char expr[1024] = ""; + _snprintf_s(expr, _TRUNCATE, "\"%s\":%s", szDLLName, szAPIName); + return DbgValFromString(expr); + } + } + return 0; +} + //Registers __declspec(dllexport) ULONG_PTR TITCALL GetContextDataEx(HANDLE hActiveThread, DWORD IndexOfRegister) { return emu.GetContextDataEx(hActiveThread, IndexOfRegister); } +__declspec(dllexport) ULONG_PTR TITCALL GetContextData(DWORD IndexOfRegister) +{ + return GetContextDataEx(TitanGetProcessInformation()->hThread, IndexOfRegister); +} + __declspec(dllexport) bool TITCALL SetContextDataEx(HANDLE hActiveThread, DWORD IndexOfRegister, ULONG_PTR NewRegisterValue) { return emu.SetContextDataEx(hActiveThread, IndexOfRegister, NewRegisterValue);