diff --git a/GleeBug/Debugger.Breakpoint.Types.h b/GleeBug/Debugger.Breakpoint.Types.h
new file mode 100644
index 0000000..76f78bf
--- /dev/null
+++ b/GleeBug/Debugger.Breakpoint.Types.h
@@ -0,0 +1,11 @@
+#ifndef DEBUGGER_BREAKPOINT_TYPES
+#define DEBUGGER_BREAKPOINT_TYPES
+
+/*
+Needs more work here.
+*/
+
+#define SOFT_BP 0xcc
+
+
+#endif
\ No newline at end of file
diff --git a/GleeBug/Debugger.Breakpoints.h b/GleeBug/Debugger.Breakpoints.h
new file mode 100644
index 0000000..558a4ee
--- /dev/null
+++ b/GleeBug/Debugger.Breakpoints.h
@@ -0,0 +1,97 @@
+#ifndef DEBUGGER_BREAKPOINTS_H
+#define DEBUGGER_BREAKPOINTS_H
+
+#include "Debugger.Global.h"
+
+
+/*
+Incomplete Job. I'll Continue Later.
+*/
+namespace GleeBug{
+
+
+ typedef std::tuple breakpoint;
+ typedef std::unordered_map bpmap;
+
+ struct BreakPointManager{
+
+ bpmap breakpoints;
+
+ BreakPointManager(){
+ breakpoints = bpmap{};
+ }
+
+ bool AddBp(LPPROCESS_INFORMATION procinfo, LPVOID addr, uint32_t type){
+
+ uint8_t bp_type;
+ SIZE_T nbytes_written = 0;
+
+ breakpoint bp( procinfo->dwProcessId, addr, type );
+
+ switch (type)
+ {
+ case SOFT_BP:
+ bp_type = 0xcc;
+ break;
+ default:
+ return false;
+ }
+
+ if (ReadProcessMemory(procinfo->hProcess, addr, &bp_type, 1, &nbytes_written) == 0)
+ {
+ return false;
+ }
+
+ if (nbytes_written != 1){
+ return false;
+ }
+ breakpoints[bp] = bp_type;
+
+
+ if (WriteProcessMemory(procinfo->hProcess, addr, &bp_type, 1, &nbytes_written) == 0)
+ {
+ return false;
+ }
+
+ if (nbytes_written != 1){
+ return false;
+ }
+ return true;
+ }
+
+ bool RemoveBp(LPPROCESS_INFORMATION proc_info, breakpoint bp){
+ uint8_t original_instruction;
+ SIZE_T nbytes_written = 0;
+ try
+ {
+ original_instruction = breakpoints[bp];
+ }
+ catch (const std::out_of_range& oor){
+ return false;
+ }
+ if (WriteProcessMemory(proc_info->hProcess, std::get<1>(bp), &std::get<2>(bp), 1, &nbytes_written) == 0)
+ {
+ return false;
+ }
+ if (nbytes_written != 1){
+ return false;
+ }
+ return true;
+ }
+
+ bool DeleteBp(LPPROCESS_INFORMATION proc_info, breakpoint bp){
+ bool success;
+
+ success = RemoveBp(proc_info, bp);
+ breakpoints.erase(bp);
+ return success;
+ }
+
+ bool DisableAll()
+ {
+
+ }
+ };
+
+}
+#endif
\ No newline at end of file
diff --git a/GleeBug/Debugger.Global.h b/GleeBug/Debugger.Global.h
index 8aaa312..cc89903 100644
--- a/GleeBug/Debugger.Global.h
+++ b/GleeBug/Debugger.Global.h
@@ -6,9 +6,10 @@ #include #include #include - +#include #include #include +#include "Debugger.Breakpoint.Types.h" namespace GleeBug {
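Review bot: `AddBp` in Debugger.Breakpoints.h never plants the breakpoint: `ReadProcessMemory` reads the original byte into `bp_type`, overwriting the `0xcc` chosen in the switch, and the following `WriteProcessMemory` writes that same original byte straight back. `RemoveBp` has the mirror defect: `breakpoints[bp]` is `operator[]`, which inserts a default entry rather than throwing `std::out_of_range`, and the write restores `&std::get<2>(bp)` (the type field) instead of `original_instruction`, so the debuggee would be left with a stray byte where its code used to be. Keep the saved byte and the opcode in separate variables, look the entry up with `find`, record the entry only after the patch succeeds, refuse a second `AddBp` on the same key (it would save `0xcc` as the "original"), and call `FlushInstructionCache` after each write. `DisableAll` falls off the end of a `bool` function, which is undefined behaviour, and `DeleteBp` erases the entry even when `RemoveBp` failed, losing the only copy of the original byte. The template arguments of `breakpoint` and `bpmap` are not visible on this page; the sketch assumes the mapped type is a single byte.

```cpp
bool AddBp(LPPROCESS_INFORMATION procinfo, LPVOID addr, uint32_t type){
    // … unchanged: construction of the breakpoint key `bp` …
    uint8_t opcode;
    switch (type)
    {
    case SOFT_BP:
        opcode = 0xcc;
        break;
    default:
        return false;
    }

    // Already set: reading again would capture the patched byte as the original.
    if (breakpoints.find(bp) != breakpoints.end())
        return false;

    uint8_t original = 0;
    SIZE_T nbytes = 0;
    if (!ReadProcessMemory(procinfo->hProcess, addr, &original, 1, &nbytes) || nbytes != 1)
        return false;
    if (!WriteProcessMemory(procinfo->hProcess, addr, &opcode, 1, &nbytes) || nbytes != 1)
        return false;
    FlushInstructionCache(procinfo->hProcess, addr, 1);

    breakpoints[bp] = original; // record only once the patch is in place
    return true;
}

bool RemoveBp(LPPROCESS_INFORMATION proc_info, breakpoint bp){
    auto found = breakpoints.find(bp);
    if (found == breakpoints.end())
        return false;

    uint8_t original = found->second;
    SIZE_T nbytes = 0;
    if (!WriteProcessMemory(proc_info->hProcess, std::get<1>(bp), &original, 1, &nbytes) || nbytes != 1)
        return false;
    FlushInstructionCache(proc_info->hProcess, std::get<1>(bp), 1);
    return true;
}
```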
diff --git a/GleeBug/Debugger.cpp b/GleeBug/Debugger.cpp
index 339d6c3..27ff345 100644
--- a/GleeBug/Debugger.cpp
+++ b/GleeBug/Debugger.cpp
@@ -11,6 +11,8 @@ namespace GleeBug
 const wchar_t* szCommandLine,
 const wchar_t* szCurrentDirectory)
 {
+ _breakPoints = BreakPointManager();
+
 STARTUPINFOW si;
 memset(&si, 0, sizeof(si));
 const wchar_t* szFileNameCreateProcess;
@@ -49,4 +51,13 @@ namespace GleeBug
 {
 return !!DebugActiveProcessStop(_mainProcess.dwProcessId);
 }
+
+ bool Debugger::SetBreakPointMainProcess(LPVOID address, uint32_t bp_type){
+ return _breakPoints.AddBp(&_mainProcess, address, bp_type);
+ }
+
+ bool Debugger::DelBreakPointMainProcess(LPVOID address, uint32_t bp_type){
+ breakpoint temp(_mainProcess.dwProcessId, address, bp_type);
+ return _breakPoints.DeleteBp(&_mainProcess, temp);
+ }
 };
\ No newline at end of file
diff --git a/GleeBug/Debugger.h b/GleeBug/Debugger.h
index c8327ae..9c097db 100644
--- a/GleeBug/Debugger.h
+++ b/GleeBug/Debugger.h
@@ -3,6 +3,7 @@ #include "Debugger.Global.h" #include "Debugger.Process.h" +#include "Debugger.Breakpoints.h" namespace GleeBug {
@@ -45,6 +46,11 @@ namespace GleeBug */ void Start(); + /* + adds a brakpoint on the main process being debugger; + */ + bool SetBreakPointMainProcess(LPVOID address, uint32_t bp_type); + bool DelBreakPointMainProcess(LPVOID address, uint32_t bp_type); protected: //debug event callbacks /** \brief Process creation debug event callback. Provide an implementation to use this callback.
@@ -184,6 +190,7 @@ namespace GleeBug virtual void exceptionSingleStep(const EXCEPTION_RECORD & exceptionRecord, const bool firstChance); protected: //variables + BreakPointManager _breakPoints; PROCESS_INFORMATION _mainProcess; DWORD _continueStatus; bool _breakDebugger;
diff --git a/GleeBug/GleeBug.vcxproj b/GleeBug/GleeBug.vcxproj
index ef28bcf..9e779e5 100644
--- a/GleeBug/GleeBug.vcxproj
+++ b/GleeBug/GleeBug.vcxproj
@@ -159,6 +159,8 @@ + + 
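Review bot: `SetBreakPointMainProcess` and `DelBreakPointMainProcess` in the second Debugger.cpp hunk pass `&_mainProcess` to the manager without checking that a debuggee is attached, so a call before process creation succeeds, or after detach, hands whatever handle and pid the struct holds to `ReadProcessMemory`/`WriteProcessMemory`. Whether `_mainProcess` is zeroed elsewhere is not visible here; if it is, a guard such as `if (!_mainProcess.hProcess) return false;` at the top of both methods makes the failure explicit. `DelBreakPointMainProcess` rebuilds the map key from the caller's `bp_type`, so the caller must repeat exactly the value used when setting; keying on the address alone would remove that trap. The `_breakPoints = BreakPointManager();` added in the first hunk (the enclosing function starts outside the hunk) discards every saved original byte on re-initialisation without restoring them in the previous target, which deserves at least a comment.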
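Review bot: The comment added above `SetBreakPointMainProcess` in Debugger.h is a plain `/* */` block with typos ("brakpoint", "being debugger"), while the neighbouring declarations use `/** \brief … */`, and `DelBreakPointMainProcess` has no comment at all. Suggest `/** \brief Sets a breakpoint of type bp_type at address in the main debuggee process. */` with `\param` and `\return` lines, and a matching block on the delete method stating that `bp_type` must equal the value passed when the breakpoint was set and that the original byte is restored. The class body starts and ends outside this hunk.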
diff --git a/GleeBug/GleeBug.vcxproj.filters b/GleeBug/GleeBug.vcxproj.filters
index 3c4e522..7134884 100644
--- a/GleeBug/GleeBug.vcxproj.filters
+++ b/GleeBug/GleeBug.vcxproj.filters
@@ -65,5 +65,11 @@ Header Files + + Header Files + + + Header Files + \ No newline at end of file
diff --git a/MyDebugger/main.cpp b/MyDebugger/main.cpp
index e3398b4..b77adc0 100644
--- a/MyDebugger/main.cpp
+++ b/MyDebugger/main.cpp
@@ -6,10 +6,10 @@ int main()
 #ifdef _WIN64
 wchar_t szFilePath[256] = L"c:\\test64.exe";
 #else //x86
- wchar_t szFilePath[256] = L"c:\\test32.exe";
+ wchar_t szFilePath[256] = L"C:\\Users\\JOAO\\Favorites\\Desktop\\crackmes\\chakravyuha\\_sol\\CHAKRAVYUHA.exe";
 #endif //_WIN64
 wchar_t szCommandLine[256] = L"";
- wchar_t szCurrentDir[256] = L"c:\\";
+ wchar_t szCurrentDir[256] = L"C:\\Users\\JOAO\\Favorites\\Desktop\\crackmes\\chakravyuha\\_sol\\";
 MyDebugger dbg;
 if (dbg.Init(szFilePath, szCommandLine, szCurrentDir))
 {
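Review bot: The x86 branch of `main` now hard-codes a path inside one developer's user profile for both `szFilePath` and `szCurrentDir`, which publishes a local account name and directory layout in the repository and makes the sample fail on any other machine, while the `_WIN64` branch still points at `c:\\test64.exe`. Keep the neutral defaults in the commit and take the target from the command line instead, e.g. switch to `int wmain(int argc, wchar_t* argv[])` and copy `argv[1]` into `szFilePath` with a bounded copy when it is present. `main` continues past the end of this hunk.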