From c5197f92d574024e6855b396c5f802290d2a3ede Mon Sep 17 00:00:00 2001
From: mrexodia
Date: Wed, 4 Jan 2017 03:08:21 +0100
Subject: [PATCH] added various functions to TitanEngineEmulator

---
 MyDebugger/MyDebugger.h | 6 ++++
 TitanEngineEmulator/Emulator.h | 36 +++++++++++++++++++--
 TitanEngineEmulator/TitanEngineEmulator.cpp | 30 +++++++++++++++++
 3 files changed, 69 insertions(+), 3 deletions(-)

diff --git a/MyDebugger/MyDebugger.h b/MyDebugger/MyDebugger.h
index 589e4b9..7590128 100644
--- a/MyDebugger/MyDebugger.h
+++ b/MyDebugger/MyDebugger.h
@@ -135,6 +135,12 @@ protected:
 rip.dwError);
 }
 
+ void cbAttachBreakpoint() override
+ {
+ printf("Attach breakpoint reached, GIP: 0x%p\n",
+ mRegisters->Gip());
+ }
+
 void cbSystemBreakpoint() override
 {
 printf("System breakpoint reached, GIP: 0x%p\n",
diff --git a/TitanEngineEmulator/Emulator.h b/TitanEngineEmulator/Emulator.h
index 71b74f9..0be7e15 100644
--- a/TitanEngineEmulator/Emulator.h
+++ b/TitanEngineEmulator/Emulator.h
@@ -9,6 +9,7 @@ public:
 //Debugger
 PROCESS_INFORMATION* InitDebugW(const wchar_t* szFileName, const wchar_t* szCommandLine, const wchar_t* szCurrentFolder)
 {
+ mCbATTACHBREAKPOINT = nullptr;
 if (!Init(szFileName, szCommandLine, szCurrentFolder))
 return nullptr;
 return &mMainProcess;
@@ -27,13 +28,16 @@ public:
 bool AttachDebugger(DWORD ProcessId, bool KillOnExit, LPVOID DebugInfo, LPVOID CallBack)
 {
- //TODO
- return false;
+ if(!Attach(ProcessId))
+ return false;
+ mCbATTACHBREAKPOINT = STEPCALLBACK(CallBack);
+ mAttachProcessInfo = (PROCESS_INFORMATION*)DebugInfo;
+ DebugLoop();
+ return true;
 }
 
 bool DetachDebuggerEx(DWORD ProcessId)
 {
- //TODO
 Detach();
 return true;
 }
 
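Review bot: InitDebugW clears mCbATTACHBREAKPOINT on the added line but leaves mAttachProcessInfo pointing at whatever buffer the last AttachDebugger caller passed in, so the two attach-related members can go out of sync across debugging sessions. Resetting both together keeps the pair consistent: `mCbATTACHBREAKPOINT = nullptr;` followed by `mAttachProcessInfo = nullptr;`. The same caller-owned pointer also survives AttachDebugger's return in the @@ -27 hunk, where clearing it right after `DebugLoop();` would bound its lifetime to the call it was supplied for. InitDebugW's closing brace is outside the hunk.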
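Review bot: `KillOnExit` is accepted by the new AttachDebugger body but never read, so the caller's choice about what happens to the debuggee when the debugger goes away has no effect and whatever Attach()/Detach() do by default applies silently; either forward it to the underlying debugger or keep a visible `//TODO: honor KillOnExit` next to the `if(!Attach(ProcessId))` line so the gap is not hidden. DetachDebuggerEx further down the hunk has the same shape: it drops its `//TODO` while still ignoring `ProcessId` and detaching whatever is currently attached, which deserves at least a comment stating that only one debuggee is supported. The two C-style casts `STEPCALLBACK(CallBack)` and `(PROCESS_INFORMATION*)DebugInfo` would read more clearly as `reinterpret_cast<STEPCALLBACK>(CallBack)` and `reinterpret_cast<PROCESS_INFORMATION*>(DebugInfo)`, since both reinterpret an opaque LPVOID.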
@@ -141,6 +145,16 @@ public:
 mSetDebugPrivilege = VariableSet;
 }
 
+ PROCESS_INFORMATION* TitanGetProcessInformation()
+ {
+ return &mMainProcess;
+ }
+
+ STARTUPINFOW* TitanGetStartupInformation()
+ {
+ return &mMainStartupInfo;
+ }
+
 //Misc
 bool IsJumpGoingToExecuteEx(HANDLE hProcess, HANDLE hThread, ULONG_PTR InstructionAddress, ULONG_PTR RegFlags)
 {
@@ -532,6 +546,16 @@ protected:
 mCbDEBUGEVENT(&debugEvent);
 }
 
+ void cbAttachBreakpoint() override
+ {
+ if(mCbATTACHBREAKPOINT)
+ {
+ if(mAttachProcessInfo)
+ *mAttachProcessInfo = mMainProcess;
+ mCbATTACHBREAKPOINT();
+ }
+ }
+
 void cbSystemBreakpoint() override
 {
 if (mCbSYSTEMBREAKPOINT)
@@ -588,12 +612,16 @@ private: //functions
 Thread* threadFromHandle(HANDLE hThread) const
 {
+ if(!hThread)
+ return mThread;
 //TODO: properly implement this
 return mThread;
 }
 
 Process* processFromHandle(HANDLE hProcess) const
 {
+ if(!hProcess)
+ return mProcess;
 //TODO: properly implement this
 return mProcess;
 }
 
@@ -648,4 +676,6 @@ private: //variables
 CUSTOMHANDLER mCbOUTPUTDEBUGSTRING = nullptr;
 CUSTOMHANDLER mCbUNHANDLEDEXCEPTION = nullptr;
 CUSTOMHANDLER mCbDEBUGEVENT = nullptr;
+ STEPCALLBACK mCbATTACHBREAKPOINT = nullptr;
+ PROCESS_INFORMATION* mAttachProcessInfo = nullptr;
 };
\ No newline at end of file
diff --git a/TitanEngineEmulator/TitanEngineEmulator.cpp b/TitanEngineEmulator/TitanEngineEmulator.cpp
index 46a186a..ba809d9 100644
--- a/TitanEngineEmulator/TitanEngineEmulator.cpp
+++ b/TitanEngineEmulator/TitanEngineEmulator.cpp
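Review bot: TitanGetProcessInformation and TitanGetStartupInformation hand out writable pointers to emulator-owned members without saying who owns them or how long they stay valid, and a PROCESS_INFORMATION carries process and thread handles that a caller might be tempted to close. A one-line comment above each accessor makes the contract explicit, e.g. `// Points at emulator-owned state, valid for the emulator's lifetime; the caller must not close the handles it contains.` The TitanEngine-style signature fixes the non-const return type, so documentation is the practical guard here.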
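Review bot: `*mAttachProcessInfo = mMainProcess;` in the new cbAttachBreakpoint override is a shallow struct copy, so the caller's PROCESS_INFORMATION ends up holding the same process and thread HANDLE values as the emulator's own mMainProcess (assuming mMainProcess is what Attach() fills in, which this hunk does not show); a caller that CloseHandle()s "its" copy invalidates the emulator's handles behind its back. Either document the sharing on the override, `// Shallow copy: the caller's struct shares handles with mMainProcess and must not close them`, or hand out duplicated handles if the emulator is expected to outlive the caller's cleanup.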
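Review bot: The added `if(!hThread) return mThread;` in threadFromHandle returns exactly what the unconditional `return mThread;` two lines below already returns, so as written it is a no-op, and the same holds for `if(!hProcess) return mProcess;` in processFromHandle; its only value is to record that a null handle means "the current one", which the code does not state. A comment carrying that contract would do the job the guard is trying to do, e.g. `// nullptr selects the current thread (GetContextData passes nullptr); other handles are not resolved yet`, and once the TODO is implemented the fallthrough should return something distinguishable rather than silently mapping a foreign handle onto mThread.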
@@ -81,6 +81,16 @@ __declspec(dllexport) void TITCALL SetEngineVariable(DWORD VariableId, bool Vari
 emu.SetEngineVariable(VariableId, VariableSet);
 }
 
+__declspec(dllexport) PROCESS_INFORMATION* TITCALL TitanGetProcessInformation()
+{
+ return emu.TitanGetProcessInformation();
+}
+
+__declspec(dllexport) STARTUPINFOW* TITCALL TitanGetStartupInformation()
+{
+ return emu.TitanGetStartupInformation();
+}
+
 //Misc
 __declspec(dllexport) bool TITCALL IsJumpGoingToExecuteEx(HANDLE hProcess, HANDLE hThread, ULONG_PTR InstructionAddress, ULONG_PTR RegFlags)
 {
@@ -118,6 +128,11 @@ __declspec(dllexport) ULONG_PTR TITCALL GetContextDataEx(HANDLE hActiveThread, D
 return emu.GetContextDataEx(hActiveThread, IndexOfRegister);
 }
 
+__declspec(dllexport) ULONG_PTR TITCALL GetContextData(DWORD IndexOfRegister)
+{
+ return GetContextDataEx(nullptr, IndexOfRegister);
+}
+
 __declspec(dllexport) bool TITCALL SetContextDataEx(HANDLE hActiveThread, DWORD IndexOfRegister, ULONG_PTR NewRegisterValue)
 {
 return emu.SetContextDataEx(hActiveThread, IndexOfRegister, NewRegisterValue);
@@ -149,6 +164,11 @@ __declspec(dllexport) bool TITCALL StaticFileLoadW(const wchar_t* szFileName, DW
 return emu.StaticFileLoadW(szFileName, DesiredAccess, SimulateLoad, FileHandle, LoadedSize, FileMap, FileMapVA);
 }
 
+__declspec(dllexport) bool TITCALL StaticFileLoad(const char* szFileName, DWORD DesiredAccess, bool SimulateLoad, LPHANDLE FileHandle, LPDWORD LoadedSize, LPHANDLE FileMap, PULONG_PTR FileMapVA)
+{
+ return StaticFileLoadW(Utf8ToUtf16(szFileName).c_str(), DesiredAccess, SimulateLoad, FileHandle, LoadedSize, FileMap, FileMapVA);
+}
+
 __declspec(dllexport) bool TITCALL StaticFileUnloadW(const wchar_t* szFileName, bool CommitChanges, HANDLE FileHandle, DWORD LoadedSize, HANDLE FileMap, ULONG_PTR FileMapVA)
 {
 return emu.StaticFileUnloadW(szFileName, CommitChanges, FileHandle, LoadedSize, FileMap, FileMapVA);
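Review bot: `Utf8ToUtf16(szFileName).c_str()` in the new StaticFileLoad passes szFileName straight into the conversion, so a null name is handled however Utf8ToUtf16 handles it rather than being rejected the way the W variant it fronts presumably rejects one; if Utf8ToUtf16 does not accept nullptr, a guard `if(!szFileName) return false;` ahead of the call keeps the narrow wrapper as tolerant as the wide API. GetPE32Data in the @@ -174 hunk of this file has the same shape and would want the matching guard returning 0. The temporary returned by Utf8ToUtf16 lives until the end of the full expression, so the pointer handed to StaticFileLoadW itself is not dangling during the call.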
@@ -164,6 +184,11 @@ __declspec(dllexport) ULONG_PTR TITCALL ConvertVAtoFileOffsetEx(ULONG_PTR FileMa
 return emu.ConvertVAtoFileOffsetEx(FileMapVA, FileSize, ImageBase, AddressToConvert, AddressIsRVA, ReturnType);
 }
 
+__declspec(dllexport) ULONG_PTR TITCALL ConvertVAtoFileOffset(ULONG_PTR FileMapVA, ULONG_PTR AddressToConvert, bool ReturnType)
+{
+ return ConvertVAtoFileOffsetEx(FileMapVA, 0, 0, AddressToConvert, false, ReturnType);
+}
+
 __declspec(dllexport) ULONG_PTR TITCALL GetPE32DataFromMappedFile(ULONG_PTR FileMapVA, DWORD WhichSection, DWORD WhichData)
 {
 return emu.GetPE32DataFromMappedFile(FileMapVA, WhichSection, WhichData);
@@ -174,6 +199,11 @@ __declspec(dllexport) ULONG_PTR TITCALL GetPE32DataW(const wchar_t* szFileName,
 return emu.GetPE32DataW(szFileName, WhichSection, WhichData);
 }
 
+__declspec(dllexport) ULONG_PTR TITCALL GetPE32Data(const char* szFileName, DWORD WhichSection, DWORD WhichData)
+{
+ return GetPE32DataW(Utf8ToUtf16(szFileName).c_str(), WhichSection, WhichData);
+}
+
 __declspec(dllexport) bool TITCALL IsFileDLLW(const wchar_t* szFileName, ULONG_PTR FileMapVA)
 {
 return emu.IsFileDLLW(szFileName, FileMapVA);
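Review bot: ConvertVAtoFileOffset forwards `0` for both FileSize and ImageBase to ConvertVAtoFileOffsetEx, so any bounds or image-base check the Ex variant performs against those arguments is either skipped or made against zero, and whether that yields a sentinel or a wrong offset depends on the Ex implementation, which is outside this hunk. A comment on the wrapper stating the intended meaning, e.g. `// FileSize/ImageBase of 0: the Ex variant is expected to derive them from the mapped file`, makes that contract reviewable against the emulator side. Since the offset is derived from headers of an untrusted mapped file, callers of the short form should still range-check the result against the mapping before indexing with it.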