x64dbg
/
GleeBug
mirror of https://github.com/x64dbg/GleeBug
1
0
Fork 0
Code Releases Activity

Merge pull request #55 from Mattiwatti/staticfileload-getpe32data 

Emulator: implement StaticFileLoad and GetPE32Data
This commit is contained in:
Duncan Ogilvie 2020-10-10 17:51:06 +02:00 committed by GitHub
parent ab5716c6fb 6b6fdd5bb5
commit c5aed9fccc
Signed by: GitHub
GPG Key ID: 4AEE18F83AFDEB23
6 changed files with 52 additions and 2 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

2
GleeBug/GleeBug.vcxproj
View File

@ -171,6 +171,7 @@
<ClCompile Include="Static.File.cpp" /> <ClCompile Include="Static.File.cpp" />
<ClCompile Include="Static.Pattern.cpp" /> <ClCompile Include="Static.Pattern.cpp" />
<ClCompile Include="Static.Pe.cpp" /> <ClCompile Include="Static.Pe.cpp" />
<ClCompile Include="stringutils.cpp" />
<ClCompile Include="zyan-disassembler-engine\src\Decoder.c" /> <ClCompile Include="zyan-disassembler-engine\src\Decoder.c" />
<ClCompile Include="zyan-disassembler-engine\src\Formatter.c"> <ClCompile Include="zyan-disassembler-engine\src\Formatter.c">
<PreprocessorDefinitions Condition="'$(Configuration)|$(Platform)'=='Debug|Win32'">_CRT_SECURE_NO_WARNINGS;_USING_V110_SDK71_;%(PreprocessorDefinitions)</PreprocessorDefinitions> <PreprocessorDefinitions Condition="'$(Configuration)|$(Platform)'=='Debug|Win32'">_CRT_SECURE_NO_WARNINGS;_USING_V110_SDK71_;%(PreprocessorDefinitions)</PreprocessorDefinitions>
@ -203,6 +204,7 @@
<ClInclude Include="Static.Pe.h" /> <ClInclude Include="Static.Pe.h" />
<ClInclude Include="Static.Pe.Section.h" /> <ClInclude Include="Static.Pe.Section.h" />
<ClInclude Include="Static.Region.h" /> <ClInclude Include="Static.Region.h" />
<ClInclude Include="stringutils.h" />
<ClInclude Include="zyan-disassembler-engine\include\Zydis\Decoder.h" /> <ClInclude Include="zyan-disassembler-engine\include\Zydis\Decoder.h" />
<ClInclude Include="zyan-disassembler-engine\include\Zydis\Defines.h" /> <ClInclude Include="zyan-disassembler-engine\include\Zydis\Defines.h" />
<ClInclude Include="zyan-disassembler-engine\include\Zydis\Formatter.h" /> <ClInclude Include="zyan-disassembler-engine\include\Zydis\Formatter.h" />

6
GleeBug/GleeBug.vcxproj.filters
View File

@ -104,6 +104,9 @@
<ClCompile Include="zyan-disassembler-engine\src\Zydis.c"> <ClCompile Include="zyan-disassembler-engine\src\Zydis.c">
<Filter>Source Files\Zydis</Filter> <Filter>Source Files\Zydis</Filter>
</ClCompile> </ClCompile>
<ClCompile Include="stringutils.cpp">
<Filter>Source Files</Filter>
</ClCompile>
</ItemGroup> </ItemGroup>
<ItemGroup> <ItemGroup>
<ClInclude Include="Debugger.h"> <ClInclude Include="Debugger.h">
@ -193,6 +196,9 @@
<ClInclude Include="oprintf.h"> <ClInclude Include="oprintf.h">
<Filter>Header Files</Filter> <Filter>Header Files</Filter>
</ClInclude> </ClInclude>
<ClInclude Include="stringutils.h">
<Filter>Header Files</Filter>
</ClInclude>
</ItemGroup> </ItemGroup>
<ItemGroup> <ItemGroup>
<None Include="zyan-disassembler-engine\include\Zydis\Internal\GeneratedTypes.inc"> <None Include="zyan-disassembler-engine\include\Zydis\Internal\GeneratedTypes.inc">

13
StaticEngine/Emulator.h
View File

@ -5,7 +5,8 @@
#include "ntdll.h" #include "ntdll.h"
#include "FileMap.h" #include "FileMap.h"
#include <GleeBug/Static.Pe.h> #include <GleeBug/Static.Pe.h>
#include <GleeBug/Static.Bufferfile.h> #include <GleeBug/Static.BufferFile.h>
#include <GleeBug/stringutils.h>
#pragma comment(lib, "psapi.lib") #pragma comment(lib, "psapi.lib")
@ -467,6 +468,11 @@ public:
std::unordered_map<ULONG_PTR, MappedPe> mappedFiles; std::unordered_map<ULONG_PTR, MappedPe> mappedFiles;
//PE //PE
bool StaticFileLoad(const char* szFileName, DWORD DesiredAccess, bool SimulateLoad, LPHANDLE FileHandle, LPDWORD LoadedSize, LPHANDLE FileMap, PULONG_PTR FileMapVA)
{
return StaticFileLoadW(Utf8ToUtf16(szFileName).c_str(), DesiredAccess, SimulateLoad, FileHandle, LoadedSize, FileMap, FileMapVA);
}
bool StaticFileLoadW(const wchar_t* szFileName, DWORD DesiredAccess, bool SimulateLoad, LPHANDLE FileHandle, LPDWORD LoadedSize, LPHANDLE FileMap, PULONG_PTR FileMapVA) bool StaticFileLoadW(const wchar_t* szFileName, DWORD DesiredAccess, bool SimulateLoad, LPHANDLE FileHandle, LPDWORD LoadedSize, LPHANDLE FileMap, PULONG_PTR FileMapVA)
{ {
auto file = new ::FileMap<unsigned char>; auto file = new ::FileMap<unsigned char>;
@ -594,6 +600,11 @@ public:
: GetPE32DataW_impl(found->second.pe->GetNtHeaders32(), WhichSection, WhichData, sections); : GetPE32DataW_impl(found->second.pe->GetNtHeaders32(), WhichSection, WhichData, sections);
} }
ULONG_PTR GetPE32Data(const char* szFileName, DWORD WhichSection, DWORD WhichData)
{
return GetPE32DataW(Utf8ToUtf16(szFileName).c_str(), WhichSection, WhichData);
}
ULONG_PTR GetPE32DataW(const wchar_t* szFileName, DWORD WhichSection, DWORD WhichData) ULONG_PTR GetPE32DataW(const wchar_t* szFileName, DWORD WhichSection, DWORD WhichData)
{ {
FileMap<unsigned char> file; FileMap<unsigned char> file;

12
StaticEngine/TitanEngineEmulator.cpp
View File

@ -1,4 +1,4 @@
#include <windows.h> #include <Windows.h>
#include "Emulator.h" #include "Emulator.h"
Emulator emu; Emulator emu;
@ -172,6 +172,11 @@ __declspec(dllexport) void TITCALL Getx87FPURegisters(x87FPURegister_t x87FPUReg
} }
//PE //PE
__declspec(dllexport) bool TITCALL StaticFileLoad(const char* szFileName, DWORD DesiredAccess, bool SimulateLoad, LPHANDLE FileHandle, LPDWORD LoadedSize, LPHANDLE FileMap, PULONG_PTR FileMapVA)
{
return emu.StaticFileLoad(szFileName, DesiredAccess, SimulateLoad, FileHandle, LoadedSize, FileMap, FileMapVA);
}
__declspec(dllexport) bool TITCALL StaticFileLoadW(const wchar_t* szFileName, DWORD DesiredAccess, bool SimulateLoad, LPHANDLE FileHandle, LPDWORD LoadedSize, LPHANDLE FileMap, PULONG_PTR FileMapVA) __declspec(dllexport) bool TITCALL StaticFileLoadW(const wchar_t* szFileName, DWORD DesiredAccess, bool SimulateLoad, LPHANDLE FileHandle, LPDWORD LoadedSize, LPHANDLE FileMap, PULONG_PTR FileMapVA)
{ {
return emu.StaticFileLoadW(szFileName, DesiredAccess, SimulateLoad, FileHandle, LoadedSize, FileMap, FileMapVA); return emu.StaticFileLoadW(szFileName, DesiredAccess, SimulateLoad, FileHandle, LoadedSize, FileMap, FileMapVA);
@ -202,6 +207,11 @@ __declspec(dllexport) ULONG_PTR TITCALL GetPE32DataFromMappedFile(ULONG_PTR File
return emu.GetPE32DataFromMappedFile(FileMapVA, WhichSection, WhichData); return emu.GetPE32DataFromMappedFile(FileMapVA, WhichSection, WhichData);
} }
__declspec(dllexport) ULONG_PTR TITCALL GetPE32Data(const char* szFileName, DWORD WhichSection, DWORD WhichData)
{
return emu.GetPE32Data(szFileName, WhichSection, WhichData);
}
__declspec(dllexport) ULONG_PTR TITCALL GetPE32DataW(const wchar_t* szFileName, DWORD WhichSection, DWORD WhichData) __declspec(dllexport) ULONG_PTR TITCALL GetPE32DataW(const wchar_t* szFileName, DWORD WhichSection, DWORD WhichData)
{ {
return emu.GetPE32DataW(szFileName, WhichSection, WhichData); return emu.GetPE32DataW(szFileName, WhichSection, WhichData);

11
TitanEngineEmulator/Emulator.h
View File

@ -2,6 +2,7 @@
#include <GleeBug/Static.Pe.h> #include <GleeBug/Static.Pe.h>
#include <GleeBug/Static.Bufferfile.h> #include <GleeBug/Static.Bufferfile.h>
#include <GleeBug/Debugger.Thread.Registers.h> #include <GleeBug/Debugger.Thread.Registers.h>
#include <GleeBug/stringutils.h>
#include "TitanEngine.h" #include "TitanEngine.h"
#include "FileMap.h" #include "FileMap.h"
#include "PEB.h" #include "PEB.h"
@ -531,6 +532,11 @@ public:
std::unordered_map<ULONG_PTR, MappedPe> mappedFiles; std::unordered_map<ULONG_PTR, MappedPe> mappedFiles;
//PE //PE
bool StaticFileLoad(const char* szFileName, DWORD DesiredAccess, bool SimulateLoad, LPHANDLE FileHandle, LPDWORD LoadedSize, LPHANDLE FileMap, PULONG_PTR FileMapVA)
{
return StaticFileLoadW(Utf8ToUtf16(szFileName).c_str(), DesiredAccess, SimulateLoad, FileHandle, LoadedSize, FileMap, FileMapVA);
}
bool StaticFileLoadW(const wchar_t* szFileName, DWORD DesiredAccess, bool SimulateLoad, LPHANDLE FileHandle, LPDWORD LoadedSize, LPHANDLE FileMap, PULONG_PTR FileMapVA) bool StaticFileLoadW(const wchar_t* szFileName, DWORD DesiredAccess, bool SimulateLoad, LPHANDLE FileHandle, LPDWORD LoadedSize, LPHANDLE FileMap, PULONG_PTR FileMapVA)
{ {
auto file = new ::FileMap<unsigned char>; auto file = new ::FileMap<unsigned char>;
@ -655,6 +661,11 @@ public:
: GetPE32DataW_impl(found->second.pe->GetNtHeaders32(), WhichSection, WhichData, sections); : GetPE32DataW_impl(found->second.pe->GetNtHeaders32(), WhichSection, WhichData, sections);
} }
ULONG_PTR GetPE32Data(const char* szFileName, DWORD WhichSection, DWORD WhichData)
{
return GetPE32DataW(Utf8ToUtf16(szFileName).c_str(), WhichSection, WhichData);
}
ULONG_PTR GetPE32DataW(const wchar_t* szFileName, DWORD WhichSection, DWORD WhichData) ULONG_PTR GetPE32DataW(const wchar_t* szFileName, DWORD WhichSection, DWORD WhichData)
{ {
FileMap<unsigned char> file; FileMap<unsigned char> file;

10
TitanEngineEmulator/TitanEngineEmulator.cpp
View File

@ -172,6 +172,11 @@ __declspec(dllexport) void TITCALL Getx87FPURegisters(x87FPURegister_t x87FPUReg
} }
//PE //PE
__declspec(dllexport) bool TITCALL StaticFileLoad(const char* szFileName, DWORD DesiredAccess, bool SimulateLoad, LPHANDLE FileHandle, LPDWORD LoadedSize, LPHANDLE FileMap, PULONG_PTR FileMapVA)
{
return emu.StaticFileLoad(szFileName, DesiredAccess, SimulateLoad, FileHandle, LoadedSize, FileMap, FileMapVA);
}
__declspec(dllexport) bool TITCALL StaticFileLoadW(const wchar_t* szFileName, DWORD DesiredAccess, bool SimulateLoad, LPHANDLE FileHandle, LPDWORD LoadedSize, LPHANDLE FileMap, PULONG_PTR FileMapVA) __declspec(dllexport) bool TITCALL StaticFileLoadW(const wchar_t* szFileName, DWORD DesiredAccess, bool SimulateLoad, LPHANDLE FileHandle, LPDWORD LoadedSize, LPHANDLE FileMap, PULONG_PTR FileMapVA)
{ {
return emu.StaticFileLoadW(szFileName, DesiredAccess, SimulateLoad, FileHandle, LoadedSize, FileMap, FileMapVA); return emu.StaticFileLoadW(szFileName, DesiredAccess, SimulateLoad, FileHandle, LoadedSize, FileMap, FileMapVA);
@ -202,6 +207,11 @@ __declspec(dllexport) ULONG_PTR TITCALL GetPE32DataFromMappedFile(ULONG_PTR File
return emu.GetPE32DataFromMappedFile(FileMapVA, WhichSection, WhichData); return emu.GetPE32DataFromMappedFile(FileMapVA, WhichSection, WhichData);
} }
__declspec(dllexport) ULONG_PTR TITCALL GetPE32Data(const char* szFileName, DWORD WhichSection, DWORD WhichData)
{
return emu.GetPE32Data(szFileName, WhichSection, WhichData);
}
__declspec(dllexport) ULONG_PTR TITCALL GetPE32DataW(const wchar_t* szFileName, DWORD WhichSection, DWORD WhichData) __declspec(dllexport) ULONG_PTR TITCALL GetPE32DataW(const wchar_t* szFileName, DWORD WhichSection, DWORD WhichData)
{ {
return emu.GetPE32DataW(szFileName, WhichSection, WhichData); return emu.GetPE32DataW(szFileName, WhichSection, WhichData);