mirror of https://github.com/x64dbg/TitanEngine
- TitanEngine.Debugger now uses dynamic lists
- TitanEngine.Librarian now uses dynamic lists
This commit is contained in:
parent
bc7906460c
commit
2770c22838
|
|
@ -26,7 +26,7 @@ DEBUG_EVENT TerminateDBGEvent = {};
|
|||
DWORD ProcessExitCode = 0;
|
||||
HANDLE DBGFileHandle;
|
||||
ULONG_PTR tlsCallBackList[100];
|
||||
LPVOID hListProcess = 0;
|
||||
std::vector<PROCESS_ITEM_DATA> hListProcess;
|
||||
int engineStepCount = INFINITE;
|
||||
LPVOID engineStepCallBack = NULL;
|
||||
bool engineStepActive = false;
|
||||
|
|
@ -65,3 +65,8 @@ void DebuggerReset()
|
|||
RtlZeroMemory(&myDBGCustomHandler, sizeof CustomHandler);
|
||||
}
|
||||
}
|
||||
|
||||
void ClearProcessList()
|
||||
{
|
||||
std::vector<PROCESS_ITEM_DATA>().swap(hListProcess);
|
||||
}
|
||||
|
|
|
|||
|
|
@ -1,6 +1,8 @@
|
|||
#ifndef _GLOBAL_DEBUGGER_H
|
||||
#define _GLOBAL_DEBUGGER_H
|
||||
|
||||
#include <vector>
|
||||
|
||||
extern HARDWARE_DATA DebugRegister[4];
|
||||
extern PROCESS_INFORMATION dbgProcessInformation;
|
||||
extern CustomHandler myDBGCustomHandler;
|
||||
|
|
@ -24,7 +26,7 @@ extern DEBUG_EVENT TerminateDBGEvent;
|
|||
extern DWORD ProcessExitCode;
|
||||
extern HANDLE DBGFileHandle;
|
||||
extern ULONG_PTR tlsCallBackList[100];
|
||||
extern LPVOID hListProcess;
|
||||
extern std::vector<PROCESS_ITEM_DATA> hListProcess;
|
||||
extern int engineStepCount;
|
||||
extern LPVOID engineStepCallBack;
|
||||
extern bool engineStepActive;
|
||||
|
|
@ -36,5 +38,6 @@ extern LPVOID engineAttachedProcessDebugInfo;
|
|||
|
||||
long DebugLoopInSecondThread(LPVOID InputParameter);
|
||||
void DebuggerReset();
|
||||
void ClearProcessList();
|
||||
|
||||
#endif //_GLOBAL_DEBUGGER_H
|
||||
|
|
@ -3,6 +3,10 @@
|
|||
#include "Global.Librarian.h"
|
||||
|
||||
// Global.Engine.Librarian:
|
||||
LIBRARY_ITEM_DATA LibraryInfoData = {};
|
||||
LPVOID LibrarianData = VirtualAlloc(NULL, MAX_LIBRARY_BPX * sizeof LIBRARY_BREAK_DATA, MEM_COMMIT, PAGE_READWRITE);
|
||||
LPVOID hListLibrary = 0;
|
||||
std::vector<LIBRARY_ITEM_DATAW> hListLibrary;
|
||||
std::vector<LIBRARY_BREAK_DATA> LibrarianData;
|
||||
|
||||
void ClearLibraryList()
|
||||
{
|
||||
std::vector<LIBRARY_ITEM_DATAW>().swap(hListLibrary);
|
||||
}
|
||||
|
|
|
|||
|
|
@ -1,8 +1,11 @@
|
|||
#ifndef _GLOBAL_LIBRARIAN_H
|
||||
#define _GLOBAL_LIBRARIAN_H
|
||||
|
||||
extern LIBRARY_ITEM_DATA LibraryInfoData;
|
||||
extern LPVOID LibrarianData;
|
||||
extern LPVOID hListLibrary;
|
||||
#include <vector>
|
||||
|
||||
extern std::vector<LIBRARY_ITEM_DATAW> hListLibrary;
|
||||
extern std::vector<LIBRARY_BREAK_DATA> LibrarianData;
|
||||
|
||||
void ClearLibraryList();
|
||||
|
||||
#endif //_GLOBAL_LIBRARIAN_H
|
||||
|
|
@ -8,54 +8,35 @@
|
|||
|
||||
__declspec(dllexport) void TITCALL ForceClose()
|
||||
{
|
||||
/*wchar_t szTempName[MAX_PATH];
|
||||
wchar_t szTempFolder[MAX_PATH];*/
|
||||
PPROCESS_ITEM_DATA hListProcessPtr = NULL;
|
||||
PTHREAD_ITEM_DATA hListThreadPtr = NULL;
|
||||
PLIBRARY_ITEM_DATAW hListLibraryPtr = NULL;
|
||||
//manage lists
|
||||
if(hListProcess != NULL)
|
||||
//manage process list
|
||||
int processcount=hListProcess.size();
|
||||
for(int i=0; i<processcount; i++)
|
||||
{
|
||||
hListProcessPtr = (PPROCESS_ITEM_DATA)hListProcess;
|
||||
while(hListProcessPtr->hProcess != NULL)
|
||||
{
|
||||
__try
|
||||
{
|
||||
EngineCloseHandle(hListProcessPtr->hFile);
|
||||
EngineCloseHandle(hListProcessPtr->hProcess);
|
||||
}
|
||||
__except(EXCEPTION_EXECUTE_HANDLER)
|
||||
{
|
||||
|
||||
}
|
||||
hListProcessPtr = (PPROCESS_ITEM_DATA)((ULONG_PTR)hListProcessPtr + sizeof PROCESS_ITEM_DATA);
|
||||
}
|
||||
RtlZeroMemory(hListProcess, MAX_DEBUG_DATA * sizeof PROCESS_ITEM_DATA);
|
||||
EngineCloseHandle(hListProcess.at(i).hFile);
|
||||
EngineCloseHandle(hListProcess.at(i).hProcess);
|
||||
}
|
||||
|
||||
ClearProcessList();
|
||||
//manage thread list
|
||||
int threadcount=hListThread.size();
|
||||
for(int i=threadcount-1; i>-1; i--)
|
||||
for(int i=0; i<threadcount; i++)
|
||||
EngineCloseHandle(hListThread.at(i).hThread);
|
||||
ClearThreadList();
|
||||
|
||||
if(hListLibrary != NULL)
|
||||
//manage library list
|
||||
int libcount=hListLibrary.size();
|
||||
for(int i=0; i<libcount; i++)
|
||||
{
|
||||
hListLibraryPtr = (PLIBRARY_ITEM_DATAW)hListLibrary;
|
||||
while(hListLibraryPtr->hFile != NULL)
|
||||
if(hListLibrary.at(i).hFile != (HANDLE)-1)
|
||||
{
|
||||
if(hListLibraryPtr->hFile != (HANDLE)-1)
|
||||
if(hListLibrary.at(i).hFileMappingView != NULL)
|
||||
{
|
||||
if(hListLibraryPtr->hFileMappingView != NULL)
|
||||
{
|
||||
UnmapViewOfFile(hListLibraryPtr->hFileMappingView);
|
||||
EngineCloseHandle(hListLibraryPtr->hFileMapping);
|
||||
}
|
||||
EngineCloseHandle(hListLibraryPtr->hFile);
|
||||
UnmapViewOfFile(hListLibrary.at(i).hFileMappingView);
|
||||
EngineCloseHandle(hListLibrary.at(i).hFileMapping);
|
||||
}
|
||||
hListLibraryPtr = (PLIBRARY_ITEM_DATAW)((ULONG_PTR)hListLibraryPtr + sizeof LIBRARY_ITEM_DATAW);
|
||||
EngineCloseHandle(hListLibrary.at(i).hFile);
|
||||
}
|
||||
RtlZeroMemory(hListLibrary, MAX_DEBUG_DATA * sizeof LIBRARY_ITEM_DATAW);
|
||||
}
|
||||
ClearLibraryList();
|
||||
|
||||
if(!engineProcessIsNowDetached)
|
||||
{
|
||||
StopDebug();
|
||||
|
|
|
|||
|
|
@ -17,23 +17,16 @@ static DWORD engineWaitForDebugEventTimeOut = INFINITE;
|
|||
|
||||
__declspec(dllexport) void TITCALL DebugLoop()
|
||||
{
|
||||
int j = NULL;
|
||||
int k = NULL;
|
||||
bool FirstBPX = true;
|
||||
bool ResetBPX = false;
|
||||
bool BreakDBG = false;
|
||||
bool ResetHwBPX = false;
|
||||
bool ResetMemBPX = false;
|
||||
bool CompareResult = false;
|
||||
bool SecondChance = false;
|
||||
ULONG_PTR CmpValue1 = NULL;
|
||||
ULONG_PTR CmpValue2 = NULL;
|
||||
bool hListProcessFirst = true;
|
||||
bool hListThreadFirst = true;
|
||||
bool hListLibraryFirst = true;
|
||||
PPROCESS_ITEM_DATA hListProcessPtr = NULL;
|
||||
//PTHREAD_ITEM_DATA hListThreadPtr = NULL;
|
||||
PLIBRARY_ITEM_DATAW hListLibraryPtr = NULL;
|
||||
bool MemoryBpxFound = false;
|
||||
PLIBRARY_ITEM_DATAW hLoadedLibData = NULL;
|
||||
PLIBRARY_BREAK_DATA ptrLibrarianData = NULL;
|
||||
typedef void(TITCALL *fCustomBreakPoint)(void);
|
||||
|
|
@ -46,7 +39,6 @@ __declspec(dllexport) void TITCALL DebugLoop()
|
|||
ULONG_PTR ResetBPXAddressTo = 0;
|
||||
ULONG_PTR ResetMemBPXAddress = 0;
|
||||
SIZE_T ResetMemBPXSize = 0;
|
||||
//int MaximumBreakPoints = 0;
|
||||
ULONG_PTR NumberOfBytesReadWritten = 0;
|
||||
MEMORY_BASIC_INFORMATION MemInfo;
|
||||
HANDLE hActiveThread;
|
||||
|
|
@ -61,7 +53,7 @@ __declspec(dllexport) void TITCALL DebugLoop()
|
|||
HANDLE hFileMapping;
|
||||
LPVOID hFileMappingView;
|
||||
LPVOID DBGEntryPoint;
|
||||
bool MemoryBpxFound = false;
|
||||
|
||||
wchar_t* szTranslatedNativeName;
|
||||
|
||||
DBGFileHandle = NULL;
|
||||
|
|
@ -73,9 +65,9 @@ __declspec(dllexport) void TITCALL DebugLoop()
|
|||
DebugRegister[3].DrxEnabled = false;
|
||||
engineProcessIsNowDetached = false;
|
||||
engineResumeProcessIfNoThreadIsActive = false;
|
||||
RtlZeroMemory(&DBGEvent, sizeof DEBUG_EVENT);
|
||||
RtlZeroMemory(&TerminateDBGEvent, sizeof DEBUG_EVENT);
|
||||
RtlZeroMemory(&DLLDebugFileName, 512);
|
||||
memset(&DBGEvent, 0, sizeof(DEBUG_EVENT));
|
||||
memset(&TerminateDBGEvent, 0, sizeof(DEBUG_EVENT));
|
||||
memset(&DLLDebugFileName, 0, sizeof(DLLDebugFileName));
|
||||
ExtensionManagerPluginResetCallBack();
|
||||
engineFileIsBeingDebugged = true;
|
||||
if(engineExecutePluginCallBack)
|
||||
|
|
@ -131,30 +123,14 @@ __declspec(dllexport) void TITCALL DebugLoop()
|
|||
VirtualAllocEx(dbgProcessInformation.hProcess, (void*)DebugReserveModuleBase, 0x1000, MEM_RESERVE, PAGE_READWRITE); //return value nt used, yea just ignore. return value doesnt matter and there is no possible fix when failed :D this is only used to make sure DLL loads on another image base
|
||||
}
|
||||
}
|
||||
if(hListProcess == NULL)
|
||||
{
|
||||
hListProcess = VirtualAlloc(NULL, MAX_DEBUG_DATA * sizeof PROCESS_ITEM_DATA, MEM_COMMIT, PAGE_READWRITE);
|
||||
}
|
||||
else
|
||||
{
|
||||
if(hListProcessFirst == true)
|
||||
{
|
||||
RtlZeroMemory(hListProcess, MAX_DEBUG_DATA * sizeof PROCESS_ITEM_DATA);
|
||||
}
|
||||
}
|
||||
if(hListProcessFirst) //clear process list
|
||||
ClearProcessList();
|
||||
hListProcessFirst = false;
|
||||
|
||||
if(hListThreadFirst) //clear thread list
|
||||
ClearThreadList();
|
||||
|
||||
hListProcessPtr = (PPROCESS_ITEM_DATA)hListProcess;
|
||||
hListProcessPtr->hFile = DBGEvent.u.CreateProcessInfo.hFile;
|
||||
hListProcessPtr->hProcess = DBGEvent.u.CreateProcessInfo.hProcess;
|
||||
hListProcessPtr->hThread = DBGEvent.u.CreateProcessInfo.hThread;
|
||||
hListProcessPtr->dwProcessId = DBGEvent.dwProcessId;
|
||||
hListProcessPtr->dwThreadId = DBGEvent.dwThreadId;
|
||||
hListProcessPtr->BaseOfImage = (void*)DBGEvent.u.CreateProcessInfo.lpBaseOfImage;
|
||||
hListProcessPtr->ThreadStartAddress = (void*)DBGEvent.u.CreateProcessInfo.lpStartAddress;
|
||||
hListProcessPtr->ThreadLocalBase = (void*)DBGEvent.u.CreateProcessInfo.lpThreadLocalBase;
|
||||
|
||||
hListThreadFirst = false;
|
||||
//update thread list
|
||||
THREAD_ITEM_DATA NewThreadData;
|
||||
memset(&NewThreadData, 0, sizeof(THREAD_ITEM_DATA));
|
||||
NewThreadData.dwThreadId = DBGEvent.dwThreadId;
|
||||
|
|
@ -162,28 +138,19 @@ __declspec(dllexport) void TITCALL DebugLoop()
|
|||
NewThreadData.ThreadStartAddress = (void*)DBGEvent.u.CreateProcessInfo.lpStartAddress;
|
||||
NewThreadData.ThreadLocalBase = (void*)DBGEvent.u.CreateProcessInfo.lpThreadLocalBase;
|
||||
hListThread.push_back(NewThreadData);
|
||||
hListThreadFirst = false;
|
||||
}
|
||||
else //we have a valid handle already (which means a child process started)
|
||||
{
|
||||
hListProcessPtr = (PPROCESS_ITEM_DATA)hListProcess;
|
||||
while(hListProcessPtr->hProcess != NULL)
|
||||
{
|
||||
hListProcessPtr = (PPROCESS_ITEM_DATA)((ULONG_PTR)hListProcessPtr + sizeof PROCESS_ITEM_DATA);
|
||||
}
|
||||
if(hListProcessPtr->hProcess == NULL)
|
||||
{
|
||||
hListProcessPtr->hFile = DBGEvent.u.CreateProcessInfo.hFile;
|
||||
hListProcessPtr->hProcess = DBGEvent.u.CreateProcessInfo.hProcess;
|
||||
hListProcessPtr->hThread = DBGEvent.u.CreateProcessInfo.hThread;
|
||||
hListProcessPtr->dwProcessId = DBGEvent.dwProcessId;
|
||||
hListProcessPtr->dwThreadId = DBGEvent.dwThreadId;
|
||||
hListProcessPtr->BaseOfImage = (void*)DBGEvent.u.CreateProcessInfo.lpBaseOfImage;
|
||||
hListProcessPtr->ThreadStartAddress = (void*)DBGEvent.u.CreateProcessInfo.lpStartAddress;
|
||||
hListProcessPtr->ThreadLocalBase = (void*)DBGEvent.u.CreateProcessInfo.lpThreadLocalBase;
|
||||
hListProcessFirst = false;
|
||||
}
|
||||
}
|
||||
//update process list
|
||||
PROCESS_ITEM_DATA NewProcessItem;
|
||||
memset(&NewProcessItem, 0, sizeof(PROCESS_ITEM_DATA));
|
||||
NewProcessItem.hFile = DBGEvent.u.CreateProcessInfo.hFile;
|
||||
NewProcessItem.hProcess = DBGEvent.u.CreateProcessInfo.hProcess;
|
||||
NewProcessItem.hThread = DBGEvent.u.CreateProcessInfo.hThread;
|
||||
NewProcessItem.dwProcessId = DBGEvent.dwProcessId;
|
||||
NewProcessItem.dwThreadId = DBGEvent.dwThreadId;
|
||||
NewProcessItem.BaseOfImage = (void*)DBGEvent.u.CreateProcessInfo.lpBaseOfImage;
|
||||
NewProcessItem.ThreadStartAddress = (void*)DBGEvent.u.CreateProcessInfo.lpStartAddress;
|
||||
NewProcessItem.ThreadLocalBase = (void*)DBGEvent.u.CreateProcessInfo.lpThreadLocalBase;
|
||||
hListProcess.push_back(NewProcessItem);
|
||||
|
||||
//process created callback
|
||||
if(DBGCustomHandler->chCreateProcess != NULL)
|
||||
|
|
@ -297,40 +264,26 @@ __declspec(dllexport) void TITCALL DebugLoop()
|
|||
case LOAD_DLL_DEBUG_EVENT:
|
||||
{
|
||||
//maintain library list
|
||||
if(hListLibrary == NULL)
|
||||
{
|
||||
hListLibrary = VirtualAlloc(NULL, MAX_DEBUG_DATA * sizeof LIBRARY_ITEM_DATAW, MEM_COMMIT, PAGE_READWRITE);
|
||||
}
|
||||
else
|
||||
{
|
||||
if(hListLibraryFirst == true)
|
||||
{
|
||||
RtlZeroMemory(hListLibrary, MAX_DEBUG_DATA * sizeof LIBRARY_ITEM_DATAW);
|
||||
}
|
||||
}
|
||||
if(hListLibraryFirst)
|
||||
ClearLibraryList();
|
||||
hListLibraryFirst = false;
|
||||
hListLibraryPtr = (PLIBRARY_ITEM_DATAW)hListLibrary;
|
||||
while(hListLibraryPtr->hFile != NULL)
|
||||
{
|
||||
hListLibraryPtr = (PLIBRARY_ITEM_DATAW)((ULONG_PTR)hListLibraryPtr + sizeof LIBRARY_ITEM_DATAW);
|
||||
}
|
||||
hListLibraryPtr->hFile = DBGEvent.u.LoadDll.hFile;
|
||||
hListLibraryPtr->BaseOfDll = DBGEvent.u.LoadDll.lpBaseOfDll;
|
||||
LIBRARY_ITEM_DATAW NewLibraryData;
|
||||
memset(&NewLibraryData, 0, sizeof(LIBRARY_ITEM_DATAW));
|
||||
NewLibraryData.hFile = DBGEvent.u.LoadDll.hFile;
|
||||
NewLibraryData.BaseOfDll = DBGEvent.u.LoadDll.lpBaseOfDll;
|
||||
hFileMapping = CreateFileMappingA(DBGEvent.u.LoadDll.hFile, NULL, PAGE_READONLY, NULL, GetFileSize(DBGEvent.u.LoadDll.hFile, NULL), NULL);
|
||||
if(hFileMapping != NULL)
|
||||
{
|
||||
hFileMappingView = MapViewOfFile(hFileMapping, FILE_MAP_READ, NULL, NULL, NULL);
|
||||
if(hFileMappingView != NULL)
|
||||
{
|
||||
hListLibraryPtr->hFileMapping = hFileMapping;
|
||||
hListLibraryPtr->hFileMappingView = hFileMappingView;
|
||||
NewLibraryData.hFileMapping = hFileMapping;
|
||||
NewLibraryData.hFileMappingView = hFileMappingView;
|
||||
if(GetMappedFileNameW(GetCurrentProcess(), hFileMappingView, DLLDebugFileName, sizeof(DLLDebugFileName)/sizeof(DLLDebugFileName[0])) > NULL)
|
||||
{
|
||||
int i = lstrlenW(DLLDebugFileName);
|
||||
while(DLLDebugFileName[i] != 0x5C && i >= NULL)
|
||||
{
|
||||
while(DLLDebugFileName[i]!='\\' && i)
|
||||
i--;
|
||||
}
|
||||
if(DebugDebuggingDLL)
|
||||
{
|
||||
if(lstrcmpiW(&DLLDebugFileName[i+1], DebugDebuggingDLLFileName) == NULL)
|
||||
|
|
@ -353,42 +306,36 @@ __declspec(dllexport) void TITCALL DebugLoop()
|
|||
engineFakeDLLHandle = (ULONG_PTR)DBGEvent.u.LoadDll.lpBaseOfDll;
|
||||
}
|
||||
}
|
||||
lstrcpyW(hListLibraryPtr->szLibraryName, &DLLDebugFileName[i+1]);
|
||||
lstrcpyW(NewLibraryData.szLibraryName, &DLLDebugFileName[i+1]);
|
||||
szTranslatedNativeName = (wchar_t*)TranslateNativeNameW(DLLDebugFileName);
|
||||
lstrcpyW(hListLibraryPtr->szLibraryPath, szTranslatedNativeName);
|
||||
lstrcpyW(NewLibraryData.szLibraryPath, szTranslatedNativeName);
|
||||
VirtualFree((void*)szTranslatedNativeName, NULL, MEM_RELEASE);
|
||||
RtlZeroMemory(szAnsiLibraryName, sizeof szAnsiLibraryName);
|
||||
WideCharToMultiByte(CP_ACP, NULL, hListLibraryPtr->szLibraryName, -1, szAnsiLibraryName, sizeof szAnsiLibraryName, NULL, NULL);
|
||||
ptrLibrarianData = (PLIBRARY_BREAK_DATA)LibrarianData;
|
||||
k = NULL;
|
||||
if(ptrLibrarianData != NULL)
|
||||
RtlZeroMemory(szAnsiLibraryName, sizeof(szAnsiLibraryName));
|
||||
WideCharToMultiByte(CP_ACP, NULL, NewLibraryData.szLibraryName, -1, szAnsiLibraryName, sizeof szAnsiLibraryName, NULL, NULL);
|
||||
|
||||
//library breakpoint
|
||||
int libbpcount=LibrarianData.size();
|
||||
for(int i=libbpcount-1; i>-1; i--)
|
||||
{
|
||||
while(k < MAX_LIBRARY_BPX)
|
||||
ptrLibrarianData=&LibrarianData.at(i);
|
||||
if(!lstrcmpiA(ptrLibrarianData->szLibraryName, szAnsiLibraryName))
|
||||
{
|
||||
if(ptrLibrarianData->szLibraryName[0] != 0x00)
|
||||
if(ptrLibrarianData->bpxType == UE_ON_LIB_LOAD || ptrLibrarianData->bpxType == UE_ON_LIB_ALL)
|
||||
{
|
||||
if(lstrcmpiA(ptrLibrarianData->szLibraryName, szAnsiLibraryName) == NULL)
|
||||
myCustomHandler = (fCustomHandler)(ptrLibrarianData->bpxCallBack);
|
||||
__try
|
||||
{
|
||||
if(ptrLibrarianData->bpxType == UE_ON_LIB_LOAD || ptrLibrarianData->bpxType == UE_ON_LIB_ALL)
|
||||
{
|
||||
myCustomHandler = (fCustomHandler)(ptrLibrarianData->bpxCallBack);
|
||||
__try
|
||||
{
|
||||
myCustomHandler(&DBGEvent.u.LoadDll);
|
||||
}
|
||||
__except(EXCEPTION_EXECUTE_HANDLER)
|
||||
{
|
||||
LibrarianRemoveBreakPoint(ptrLibrarianData->szLibraryName, ptrLibrarianData->bpxType);
|
||||
}
|
||||
if(ptrLibrarianData->bpxSingleShoot)
|
||||
{
|
||||
LibrarianRemoveBreakPoint(ptrLibrarianData->szLibraryName, ptrLibrarianData->bpxType);
|
||||
}
|
||||
}
|
||||
myCustomHandler(&DBGEvent.u.LoadDll);
|
||||
}
|
||||
__except(EXCEPTION_EXECUTE_HANDLER)
|
||||
{
|
||||
LibrarianRemoveBreakPoint(ptrLibrarianData->szLibraryName, ptrLibrarianData->bpxType);
|
||||
}
|
||||
if(ptrLibrarianData->bpxSingleShoot)
|
||||
{
|
||||
LibrarianRemoveBreakPoint(ptrLibrarianData->szLibraryName, ptrLibrarianData->bpxType);
|
||||
}
|
||||
}
|
||||
ptrLibrarianData = (PLIBRARY_BREAK_DATA)((ULONG_PTR)ptrLibrarianData + sizeof LIBRARY_BREAK_DATA);
|
||||
k++;
|
||||
}
|
||||
}
|
||||
}
|
||||
|
|
@ -426,65 +373,53 @@ __declspec(dllexport) void TITCALL DebugLoop()
|
|||
}
|
||||
}
|
||||
|
||||
//maintain library list
|
||||
k = NULL;
|
||||
ptrLibrarianData = (PLIBRARY_BREAK_DATA)LibrarianData;
|
||||
//library breakpoint
|
||||
hLoadedLibData = (PLIBRARY_ITEM_DATAW)LibrarianGetLibraryInfoEx(DBGEvent.u.UnloadDll.lpBaseOfDll);
|
||||
if(hLoadedLibData != NULL)
|
||||
if(hLoadedLibData)
|
||||
{
|
||||
RtlZeroMemory(szAnsiLibraryName, sizeof szAnsiLibraryName);
|
||||
RtlZeroMemory(szAnsiLibraryName, sizeof(szAnsiLibraryName));
|
||||
WideCharToMultiByte(CP_ACP, NULL, hLoadedLibData->szLibraryName, -1, szAnsiLibraryName, sizeof szAnsiLibraryName, NULL, NULL);
|
||||
if(ptrLibrarianData != NULL)
|
||||
int libbpcount=LibrarianData.size();
|
||||
for(int i=libbpcount-1; i>-1; i--)
|
||||
{
|
||||
while(k < MAX_LIBRARY_BPX)
|
||||
ptrLibrarianData=&LibrarianData.at(i);
|
||||
if(!lstrcmpiA(ptrLibrarianData->szLibraryName, szAnsiLibraryName))
|
||||
{
|
||||
if(ptrLibrarianData->szLibraryName[0] != 0x00)
|
||||
if(ptrLibrarianData->bpxType == UE_ON_LIB_UNLOAD || ptrLibrarianData->bpxType == UE_ON_LIB_ALL)
|
||||
{
|
||||
if(lstrcmpiA(ptrLibrarianData->szLibraryName, szAnsiLibraryName) == NULL)
|
||||
myCustomHandler = (fCustomHandler)(ptrLibrarianData->bpxCallBack);
|
||||
__try
|
||||
{
|
||||
if(ptrLibrarianData->bpxType == UE_ON_LIB_UNLOAD || ptrLibrarianData->bpxType == UE_ON_LIB_ALL)
|
||||
{
|
||||
myCustomHandler = (fCustomHandler)(ptrLibrarianData->bpxCallBack);
|
||||
__try
|
||||
{
|
||||
myCustomHandler(&DBGEvent.u.UnloadDll);
|
||||
}
|
||||
__except(EXCEPTION_EXECUTE_HANDLER)
|
||||
{
|
||||
LibrarianRemoveBreakPoint(ptrLibrarianData->szLibraryName, ptrLibrarianData->bpxType);
|
||||
}
|
||||
if(ptrLibrarianData->bpxSingleShoot)
|
||||
{
|
||||
LibrarianRemoveBreakPoint(ptrLibrarianData->szLibraryName, ptrLibrarianData->bpxType);
|
||||
}
|
||||
}
|
||||
myCustomHandler(&DBGEvent.u.UnloadDll);
|
||||
}
|
||||
__except(EXCEPTION_EXECUTE_HANDLER)
|
||||
{
|
||||
LibrarianRemoveBreakPoint(ptrLibrarianData->szLibraryName, ptrLibrarianData->bpxType);
|
||||
}
|
||||
if(ptrLibrarianData->bpxSingleShoot)
|
||||
{
|
||||
LibrarianRemoveBreakPoint(ptrLibrarianData->szLibraryName, ptrLibrarianData->bpxType);
|
||||
}
|
||||
}
|
||||
ptrLibrarianData = (PLIBRARY_BREAK_DATA)((ULONG_PTR)ptrLibrarianData + sizeof LIBRARY_BREAK_DATA);
|
||||
k++;
|
||||
}
|
||||
}
|
||||
}
|
||||
hListLibraryPtr = (PLIBRARY_ITEM_DATAW)hListLibrary;
|
||||
if(hListLibraryPtr != NULL)
|
||||
|
||||
//maintain library list
|
||||
int libcount=hListLibrary.size();
|
||||
for(int i=0; i<libcount; i++)
|
||||
{
|
||||
while(hListLibraryPtr->hFile != NULL)
|
||||
if(hListLibrary.at(i).BaseOfDll == DBGEvent.u.UnloadDll.lpBaseOfDll &&
|
||||
hListLibrary.at(i).hFile != INVALID_HANDLE_VALUE)
|
||||
{
|
||||
if(hListLibraryPtr->BaseOfDll == DBGEvent.u.UnloadDll.lpBaseOfDll)
|
||||
if(hListLibrary.at(i).hFileMappingView != NULL)
|
||||
{
|
||||
if(hListLibraryPtr->hFile != (HANDLE)-1)
|
||||
{
|
||||
if(hListLibraryPtr->hFileMappingView != NULL)
|
||||
{
|
||||
UnmapViewOfFile(hListLibraryPtr->hFileMappingView);
|
||||
EngineCloseHandle(hListLibraryPtr->hFileMapping);
|
||||
}
|
||||
EngineCloseHandle(hListLibraryPtr->hFile);
|
||||
RtlZeroMemory(hListLibraryPtr, sizeof LIBRARY_ITEM_DATAW);
|
||||
hListLibraryPtr->hFile = (HANDLE)-1;
|
||||
}
|
||||
UnmapViewOfFile(hListLibrary.at(i).hFileMappingView);
|
||||
EngineCloseHandle(hListLibrary.at(i).hFileMapping);
|
||||
}
|
||||
hListLibraryPtr = (PLIBRARY_ITEM_DATAW)((ULONG_PTR)hListLibraryPtr + sizeof LIBRARY_ITEM_DATAW);
|
||||
EngineCloseHandle(hListLibrary.at(i).hFile);
|
||||
hListLibrary.erase(hListLibrary.begin()+i);
|
||||
break;
|
||||
}
|
||||
}
|
||||
}
|
||||
|
|
|
|||
|
|
@ -127,7 +127,6 @@ __declspec(dllexport) long long TITCALL ImporterGetRemoteAPIAddressEx(char* szDL
|
|||
int i = 0;
|
||||
int j = 0;
|
||||
char szAnsiLibraryName[MAX_PATH];
|
||||
PLIBRARY_ITEM_DATAW hListLibraryPtr = NULL;
|
||||
ULONG_PTR APIFoundAddress = 0;
|
||||
PIMAGE_DOS_HEADER DOSHeader;
|
||||
PIMAGE_NT_HEADERS32 PEHeader32;
|
||||
|
|
@ -136,79 +135,77 @@ __declspec(dllexport) long long TITCALL ImporterGetRemoteAPIAddressEx(char* szDL
|
|||
PEXPORTED_DATA ExportedFunctions;
|
||||
PEXPORTED_DATA ExportedFunctionNames;
|
||||
PEXPORTED_DATA_WORD ExportedFunctionOrdinals;
|
||||
PLIBRARY_ITEM_DATAW hListLibraryPtr;
|
||||
bool FileIs64 = false;
|
||||
|
||||
hListLibraryPtr = (PLIBRARY_ITEM_DATAW)hListLibrary;
|
||||
if(hListLibraryPtr != NULL)
|
||||
int libcount=hListLibrary.size();
|
||||
for(int i=0; i<libcount; i++)
|
||||
{
|
||||
while(hListLibraryPtr->hFile != NULL)
|
||||
hListLibraryPtr=&hListLibrary.at(i);
|
||||
WideCharToMultiByte(CP_ACP, NULL, hListLibraryPtr->szLibraryName, -1, szAnsiLibraryName, sizeof szAnsiLibraryName, NULL, NULL);
|
||||
if(lstrcmpiA(szAnsiLibraryName, szDLLName) == NULL)
|
||||
{
|
||||
WideCharToMultiByte(CP_ACP, NULL, hListLibraryPtr->szLibraryName, -1, szAnsiLibraryName, sizeof szAnsiLibraryName, NULL, NULL);
|
||||
if(lstrcmpiA(szAnsiLibraryName, szDLLName) == NULL)
|
||||
__try
|
||||
{
|
||||
__try
|
||||
DOSHeader = (PIMAGE_DOS_HEADER)hListLibraryPtr->hFileMappingView;
|
||||
PEHeader32 = (PIMAGE_NT_HEADERS32)((ULONG_PTR)DOSHeader + DOSHeader->e_lfanew);
|
||||
PEHeader64 = (PIMAGE_NT_HEADERS64)((ULONG_PTR)DOSHeader + DOSHeader->e_lfanew);
|
||||
if(PEHeader32->OptionalHeader.Magic == 0x10B)
|
||||
{
|
||||
FileIs64 = false;
|
||||
}
|
||||
else if(PEHeader32->OptionalHeader.Magic == 0x20B)
|
||||
{
|
||||
FileIs64 = true;
|
||||
}
|
||||
else
|
||||
{
|
||||
return(NULL);
|
||||
}
|
||||
if(!FileIs64)
|
||||
{
|
||||
PEExports = (PIMAGE_EXPORT_DIRECTORY)((ULONG_PTR)ConvertVAtoFileOffsetEx((ULONG_PTR)hListLibraryPtr->hFileMappingView, GetFileSize(hListLibraryPtr->hFile, NULL), (ULONG_PTR)PEHeader32->OptionalHeader.ImageBase, PEHeader32->OptionalHeader.DataDirectory[IMAGE_DIRECTORY_ENTRY_EXPORT].VirtualAddress, true, true));
|
||||
ExportedFunctions = (PEXPORTED_DATA)((ULONG_PTR)ConvertVAtoFileOffsetEx((ULONG_PTR)hListLibraryPtr->hFileMappingView, GetFileSize(hListLibraryPtr->hFile, NULL), (ULONG_PTR)PEHeader32->OptionalHeader.ImageBase, PEExports->AddressOfFunctions, true, true));
|
||||
ExportedFunctionNames = (PEXPORTED_DATA)((ULONG_PTR)ConvertVAtoFileOffsetEx((ULONG_PTR)hListLibraryPtr->hFileMappingView, GetFileSize(hListLibraryPtr->hFile, NULL), (ULONG_PTR)PEHeader32->OptionalHeader.ImageBase, PEExports->AddressOfNames, true, true));
|
||||
ExportedFunctionOrdinals = (PEXPORTED_DATA_WORD)((ULONG_PTR)ConvertVAtoFileOffsetEx((ULONG_PTR)hListLibraryPtr->hFileMappingView, GetFileSize(hListLibraryPtr->hFile, NULL), (ULONG_PTR)PEHeader32->OptionalHeader.ImageBase, PEExports->AddressOfNameOrdinals, true, true));
|
||||
}
|
||||
else
|
||||
{
|
||||
PEExports = (PIMAGE_EXPORT_DIRECTORY)((ULONG_PTR)ConvertVAtoFileOffsetEx((ULONG_PTR)hListLibraryPtr->hFileMappingView, GetFileSize(hListLibraryPtr->hFile, NULL), (ULONG_PTR)PEHeader64->OptionalHeader.ImageBase, PEHeader64->OptionalHeader.DataDirectory[IMAGE_DIRECTORY_ENTRY_EXPORT].VirtualAddress, true, true));
|
||||
ExportedFunctions = (PEXPORTED_DATA)((ULONG_PTR)ConvertVAtoFileOffsetEx((ULONG_PTR)hListLibraryPtr->hFileMappingView, GetFileSize(hListLibraryPtr->hFile, NULL), (ULONG_PTR)PEHeader64->OptionalHeader.ImageBase, PEExports->AddressOfFunctions, true, true));
|
||||
ExportedFunctionNames = (PEXPORTED_DATA)((ULONG_PTR)ConvertVAtoFileOffsetEx((ULONG_PTR)hListLibraryPtr->hFileMappingView, GetFileSize(hListLibraryPtr->hFile, NULL), (ULONG_PTR)PEHeader64->OptionalHeader.ImageBase, PEExports->AddressOfNames, true, true));
|
||||
ExportedFunctionOrdinals = (PEXPORTED_DATA_WORD)((ULONG_PTR)ConvertVAtoFileOffsetEx((ULONG_PTR)hListLibraryPtr->hFileMappingView, GetFileSize(hListLibraryPtr->hFile, NULL), (ULONG_PTR)PEHeader64->OptionalHeader.ImageBase, PEExports->AddressOfNameOrdinals, true, true));
|
||||
}
|
||||
for(j = 0; j <= (int)PEExports->NumberOfNames; j++)
|
||||
{
|
||||
DOSHeader = (PIMAGE_DOS_HEADER)hListLibraryPtr->hFileMappingView;
|
||||
PEHeader32 = (PIMAGE_NT_HEADERS32)((ULONG_PTR)DOSHeader + DOSHeader->e_lfanew);
|
||||
PEHeader64 = (PIMAGE_NT_HEADERS64)((ULONG_PTR)DOSHeader + DOSHeader->e_lfanew);
|
||||
if(PEHeader32->OptionalHeader.Magic == 0x10B)
|
||||
{
|
||||
FileIs64 = false;
|
||||
}
|
||||
else if(PEHeader32->OptionalHeader.Magic == 0x20B)
|
||||
{
|
||||
FileIs64 = true;
|
||||
}
|
||||
else
|
||||
{
|
||||
return(NULL);
|
||||
}
|
||||
if(!FileIs64)
|
||||
{
|
||||
PEExports = (PIMAGE_EXPORT_DIRECTORY)((ULONG_PTR)ConvertVAtoFileOffsetEx((ULONG_PTR)hListLibraryPtr->hFileMappingView, GetFileSize(hListLibraryPtr->hFile, NULL), (ULONG_PTR)PEHeader32->OptionalHeader.ImageBase, PEHeader32->OptionalHeader.DataDirectory[IMAGE_DIRECTORY_ENTRY_EXPORT].VirtualAddress, true, true));
|
||||
ExportedFunctions = (PEXPORTED_DATA)((ULONG_PTR)ConvertVAtoFileOffsetEx((ULONG_PTR)hListLibraryPtr->hFileMappingView, GetFileSize(hListLibraryPtr->hFile, NULL), (ULONG_PTR)PEHeader32->OptionalHeader.ImageBase, PEExports->AddressOfFunctions, true, true));
|
||||
ExportedFunctionNames = (PEXPORTED_DATA)((ULONG_PTR)ConvertVAtoFileOffsetEx((ULONG_PTR)hListLibraryPtr->hFileMappingView, GetFileSize(hListLibraryPtr->hFile, NULL), (ULONG_PTR)PEHeader32->OptionalHeader.ImageBase, PEExports->AddressOfNames, true, true));
|
||||
ExportedFunctionOrdinals = (PEXPORTED_DATA_WORD)((ULONG_PTR)ConvertVAtoFileOffsetEx((ULONG_PTR)hListLibraryPtr->hFileMappingView, GetFileSize(hListLibraryPtr->hFile, NULL), (ULONG_PTR)PEHeader32->OptionalHeader.ImageBase, PEExports->AddressOfNameOrdinals, true, true));
|
||||
if(lstrcmpiA((LPCSTR)szAPIName, (LPCSTR)((ULONG_PTR)ConvertVAtoFileOffsetEx((ULONG_PTR)hListLibraryPtr->hFileMappingView, GetFileSize(hListLibraryPtr->hFile, NULL), (ULONG_PTR)PEHeader32->OptionalHeader.ImageBase, ExportedFunctionNames->ExportedItem, true, true))) == NULL)
|
||||
{
|
||||
ExportedFunctionOrdinals = (PEXPORTED_DATA_WORD)((ULONG_PTR)ExportedFunctionOrdinals + j * 2);
|
||||
ExportedFunctions = (PEXPORTED_DATA)((ULONG_PTR)ExportedFunctions + (ExportedFunctionOrdinals->OrdinalNumber) * 4);
|
||||
APIFoundAddress = ExportedFunctions->ExportedItem + (ULONG_PTR)hListLibraryPtr->BaseOfDll;
|
||||
return((ULONG_PTR)APIFoundAddress);
|
||||
}
|
||||
}
|
||||
else
|
||||
{
|
||||
PEExports = (PIMAGE_EXPORT_DIRECTORY)((ULONG_PTR)ConvertVAtoFileOffsetEx((ULONG_PTR)hListLibraryPtr->hFileMappingView, GetFileSize(hListLibraryPtr->hFile, NULL), (ULONG_PTR)PEHeader64->OptionalHeader.ImageBase, PEHeader64->OptionalHeader.DataDirectory[IMAGE_DIRECTORY_ENTRY_EXPORT].VirtualAddress, true, true));
|
||||
ExportedFunctions = (PEXPORTED_DATA)((ULONG_PTR)ConvertVAtoFileOffsetEx((ULONG_PTR)hListLibraryPtr->hFileMappingView, GetFileSize(hListLibraryPtr->hFile, NULL), (ULONG_PTR)PEHeader64->OptionalHeader.ImageBase, PEExports->AddressOfFunctions, true, true));
|
||||
ExportedFunctionNames = (PEXPORTED_DATA)((ULONG_PTR)ConvertVAtoFileOffsetEx((ULONG_PTR)hListLibraryPtr->hFileMappingView, GetFileSize(hListLibraryPtr->hFile, NULL), (ULONG_PTR)PEHeader64->OptionalHeader.ImageBase, PEExports->AddressOfNames, true, true));
|
||||
ExportedFunctionOrdinals = (PEXPORTED_DATA_WORD)((ULONG_PTR)ConvertVAtoFileOffsetEx((ULONG_PTR)hListLibraryPtr->hFileMappingView, GetFileSize(hListLibraryPtr->hFile, NULL), (ULONG_PTR)PEHeader64->OptionalHeader.ImageBase, PEExports->AddressOfNameOrdinals, true, true));
|
||||
}
|
||||
for(j = 0; j <= (int)PEExports->NumberOfNames; j++)
|
||||
{
|
||||
if(!FileIs64)
|
||||
if(lstrcmpiA((LPCSTR)szAPIName, (LPCSTR)((ULONG_PTR)ConvertVAtoFileOffsetEx((ULONG_PTR)hListLibraryPtr->hFileMappingView, GetFileSize(hListLibraryPtr->hFile, NULL), (ULONG_PTR)PEHeader64->OptionalHeader.ImageBase, ExportedFunctionNames->ExportedItem, true, true))) == NULL)
|
||||
{
|
||||
if(lstrcmpiA((LPCSTR)szAPIName, (LPCSTR)((ULONG_PTR)ConvertVAtoFileOffsetEx((ULONG_PTR)hListLibraryPtr->hFileMappingView, GetFileSize(hListLibraryPtr->hFile, NULL), (ULONG_PTR)PEHeader32->OptionalHeader.ImageBase, ExportedFunctionNames->ExportedItem, true, true))) == NULL)
|
||||
{
|
||||
ExportedFunctionOrdinals = (PEXPORTED_DATA_WORD)((ULONG_PTR)ExportedFunctionOrdinals + j * 2);
|
||||
ExportedFunctions = (PEXPORTED_DATA)((ULONG_PTR)ExportedFunctions + (ExportedFunctionOrdinals->OrdinalNumber) * 4);
|
||||
APIFoundAddress = ExportedFunctions->ExportedItem + (ULONG_PTR)hListLibraryPtr->BaseOfDll;
|
||||
return((ULONG_PTR)APIFoundAddress);
|
||||
}
|
||||
ExportedFunctionOrdinals = (PEXPORTED_DATA_WORD)((ULONG_PTR)ExportedFunctionOrdinals + j * 2);
|
||||
ExportedFunctions = (PEXPORTED_DATA)((ULONG_PTR)ExportedFunctions + (ExportedFunctionOrdinals->OrdinalNumber) * 4);
|
||||
APIFoundAddress = ExportedFunctions->ExportedItem + (ULONG_PTR)hListLibraryPtr->BaseOfDll;
|
||||
return((ULONG_PTR)APIFoundAddress);
|
||||
}
|
||||
else
|
||||
{
|
||||
if(lstrcmpiA((LPCSTR)szAPIName, (LPCSTR)((ULONG_PTR)ConvertVAtoFileOffsetEx((ULONG_PTR)hListLibraryPtr->hFileMappingView, GetFileSize(hListLibraryPtr->hFile, NULL), (ULONG_PTR)PEHeader64->OptionalHeader.ImageBase, ExportedFunctionNames->ExportedItem, true, true))) == NULL)
|
||||
{
|
||||
ExportedFunctionOrdinals = (PEXPORTED_DATA_WORD)((ULONG_PTR)ExportedFunctionOrdinals + j * 2);
|
||||
ExportedFunctions = (PEXPORTED_DATA)((ULONG_PTR)ExportedFunctions + (ExportedFunctionOrdinals->OrdinalNumber) * 4);
|
||||
APIFoundAddress = ExportedFunctions->ExportedItem + (ULONG_PTR)hListLibraryPtr->BaseOfDll;
|
||||
return((ULONG_PTR)APIFoundAddress);
|
||||
}
|
||||
}
|
||||
ExportedFunctionNames = (PEXPORTED_DATA)((ULONG_PTR)ExportedFunctionNames + 4);
|
||||
}
|
||||
return(NULL);
|
||||
}
|
||||
__except(EXCEPTION_EXECUTE_HANDLER)
|
||||
{
|
||||
return(NULL);
|
||||
ExportedFunctionNames = (PEXPORTED_DATA)((ULONG_PTR)ExportedFunctionNames + 4);
|
||||
}
|
||||
return(NULL);
|
||||
}
|
||||
__except(EXCEPTION_EXECUTE_HANDLER)
|
||||
{
|
||||
return(NULL);
|
||||
}
|
||||
hListLibraryPtr = (PLIBRARY_ITEM_DATAW)((ULONG_PTR)hListLibraryPtr + sizeof LIBRARY_ITEM_DATAW);
|
||||
}
|
||||
}
|
||||
return(NULL);
|
||||
|
|
|
|||
|
|
@ -2,116 +2,41 @@
|
|||
#include "definitions.h"
|
||||
#include "Global.Librarian.h"
|
||||
|
||||
static LIBRARY_ITEM_DATA LibraryInfoData = {};
|
||||
|
||||
// TitanEngine.Librarian.functions:
|
||||
__declspec(dllexport) bool TITCALL LibrarianSetBreakPoint(char* szLibraryName, DWORD bpxType, bool SingleShoot, LPVOID bpxCallBack)
|
||||
{
|
||||
|
||||
int i = MAX_LIBRARY_BPX;
|
||||
PLIBRARY_BREAK_DATA ptrLibrarianData = (PLIBRARY_BREAK_DATA)LibrarianData;
|
||||
|
||||
if(szLibraryName != NULL && ptrLibrarianData != NULL)
|
||||
{
|
||||
while(i > NULL && ptrLibrarianData->szLibraryName[0] != 0x00)
|
||||
{
|
||||
ptrLibrarianData = (PLIBRARY_BREAK_DATA)((ULONG_PTR)ptrLibrarianData + sizeof LIBRARY_BREAK_DATA);
|
||||
i--;
|
||||
}
|
||||
lstrcpyA(&ptrLibrarianData->szLibraryName[0], szLibraryName);
|
||||
ptrLibrarianData->bpxCallBack = bpxCallBack;
|
||||
ptrLibrarianData->bpxSingleShoot = SingleShoot;
|
||||
ptrLibrarianData->bpxType = bpxType;
|
||||
return true;
|
||||
}
|
||||
return false;
|
||||
LIBRARY_BREAK_DATA NewLibrarianData;
|
||||
memset(&NewLibrarianData, 0, sizeof(LIBRARY_BREAK_DATA));
|
||||
lstrcpyA(NewLibrarianData.szLibraryName, szLibraryName);
|
||||
NewLibrarianData.bpxCallBack = bpxCallBack;
|
||||
NewLibrarianData.bpxSingleShoot = SingleShoot;
|
||||
NewLibrarianData.bpxType = bpxType;
|
||||
LibrarianData.push_back(NewLibrarianData);
|
||||
return true;
|
||||
}
|
||||
|
||||
__declspec(dllexport) bool TITCALL LibrarianRemoveBreakPoint(char* szLibraryName, DWORD bpxType)
|
||||
{
|
||||
|
||||
int i = MAX_LIBRARY_BPX;
|
||||
PLIBRARY_BREAK_DATA ptrLibrarianData = (PLIBRARY_BREAK_DATA)LibrarianData;
|
||||
|
||||
if(szLibraryName != NULL && ptrLibrarianData != NULL)
|
||||
{
|
||||
while(i > NULL)
|
||||
int libbpcount=LibrarianData.size();
|
||||
for(int i=libbpcount=1; i>-1; i--)
|
||||
if(!lstrcmpiA(szLibraryName, LibrarianData.at(i).szLibraryName) && (LibrarianData.at(i).bpxType == bpxType || bpxType == UE_ON_LIB_ALL))
|
||||
{
|
||||
if(ptrLibrarianData->szLibraryName[0] != 0x00)
|
||||
{
|
||||
if(lstrcmpiA(szLibraryName, ptrLibrarianData->szLibraryName) == NULL && (ptrLibrarianData->bpxType == bpxType || bpxType == UE_ON_LIB_ALL))
|
||||
{
|
||||
RtlZeroMemory(ptrLibrarianData, sizeof LIBRARY_BREAK_DATA);
|
||||
}
|
||||
}
|
||||
ptrLibrarianData = (PLIBRARY_BREAK_DATA)((ULONG_PTR)ptrLibrarianData + sizeof LIBRARY_BREAK_DATA);
|
||||
i--;
|
||||
LibrarianData.erase(LibrarianData.begin()+i);
|
||||
}
|
||||
return true;
|
||||
}
|
||||
return false;
|
||||
return true;
|
||||
}
|
||||
|
||||
__declspec(dllexport) void* TITCALL LibrarianGetLibraryInfo(char* szLibraryName)
|
||||
{
|
||||
|
||||
if(!szLibraryName)
|
||||
return NULL;
|
||||
wchar_t uniLibraryName[MAX_PATH] = {};
|
||||
PLIBRARY_ITEM_DATAW LibInfo;
|
||||
|
||||
if(szLibraryName != NULL)
|
||||
{
|
||||
MultiByteToWideChar(CP_ACP, NULL, szLibraryName, lstrlenA(szLibraryName)+1, uniLibraryName, sizeof(uniLibraryName)/(sizeof(uniLibraryName[0])));
|
||||
LibInfo = (PLIBRARY_ITEM_DATAW)LibrarianGetLibraryInfoW(uniLibraryName);
|
||||
if(LibInfo != NULL)
|
||||
{
|
||||
RtlZeroMemory(&LibraryInfoData, sizeof LIBRARY_ITEM_DATA);
|
||||
LibraryInfoData.hFile = LibInfo->hFile;
|
||||
LibraryInfoData.BaseOfDll = LibInfo->BaseOfDll;
|
||||
LibraryInfoData.hFileMapping = LibInfo->hFileMapping;
|
||||
LibraryInfoData.hFileMappingView = LibInfo->hFileMappingView;
|
||||
WideCharToMultiByte(CP_ACP, NULL, LibInfo->szLibraryName, -1, &LibraryInfoData.szLibraryName[0], sizeof LibraryInfoData.szLibraryName, NULL, NULL);
|
||||
WideCharToMultiByte(CP_ACP, NULL, LibInfo->szLibraryPath, -1, &LibraryInfoData.szLibraryPath[0], sizeof LibraryInfoData.szLibraryPath, NULL, NULL);
|
||||
return((void*)&LibraryInfoData);
|
||||
}
|
||||
else
|
||||
{
|
||||
return(NULL);
|
||||
}
|
||||
}
|
||||
else
|
||||
{
|
||||
return(NULL);
|
||||
}
|
||||
}
|
||||
|
||||
__declspec(dllexport) void* TITCALL LibrarianGetLibraryInfoW(wchar_t* szLibraryName)
|
||||
{
|
||||
|
||||
PLIBRARY_ITEM_DATAW hListLibraryPtr = NULL;
|
||||
|
||||
if(hListLibrary != NULL)
|
||||
{
|
||||
hListLibraryPtr = (PLIBRARY_ITEM_DATAW)hListLibrary;
|
||||
while(hListLibraryPtr->hFile != NULL)
|
||||
{
|
||||
if(hListLibraryPtr->hFile != (HANDLE)-1)
|
||||
{
|
||||
if(lstrcmpiW(hListLibraryPtr->szLibraryName, szLibraryName) == NULL)
|
||||
{
|
||||
return((void*)hListLibraryPtr);
|
||||
}
|
||||
}
|
||||
hListLibraryPtr = (PLIBRARY_ITEM_DATAW)((ULONG_PTR)hListLibraryPtr + sizeof LIBRARY_ITEM_DATAW);
|
||||
}
|
||||
}
|
||||
return(NULL);
|
||||
}
|
||||
|
||||
__declspec(dllexport) void* TITCALL LibrarianGetLibraryInfoEx(void* BaseOfDll)
|
||||
{
|
||||
|
||||
PLIBRARY_ITEM_DATAW LibInfo;
|
||||
|
||||
LibInfo = (PLIBRARY_ITEM_DATAW)LibrarianGetLibraryInfoExW(BaseOfDll);
|
||||
if(LibInfo != NULL)
|
||||
MultiByteToWideChar(CP_ACP, NULL, szLibraryName, lstrlenA(szLibraryName)+1, uniLibraryName, sizeof(uniLibraryName)/(sizeof(uniLibraryName[0])));
|
||||
LibInfo = (PLIBRARY_ITEM_DATAW)LibrarianGetLibraryInfoW(uniLibraryName);
|
||||
if(LibInfo)
|
||||
{
|
||||
RtlZeroMemory(&LibraryInfoData, sizeof LIBRARY_ITEM_DATA);
|
||||
LibraryInfoData.hFile = LibInfo->hFile;
|
||||
|
|
@ -122,95 +47,101 @@ __declspec(dllexport) void* TITCALL LibrarianGetLibraryInfoEx(void* BaseOfDll)
|
|||
WideCharToMultiByte(CP_ACP, NULL, LibInfo->szLibraryPath, -1, &LibraryInfoData.szLibraryPath[0], sizeof LibraryInfoData.szLibraryPath, NULL, NULL);
|
||||
return((void*)&LibraryInfoData);
|
||||
}
|
||||
else
|
||||
{
|
||||
return(NULL);
|
||||
}
|
||||
return(NULL);
|
||||
}
|
||||
|
||||
__declspec(dllexport) void* TITCALL LibrarianGetLibraryInfoExW(void* BaseOfDll)
|
||||
__declspec(dllexport) void* TITCALL LibrarianGetLibraryInfoW(wchar_t* szLibraryName)
|
||||
{
|
||||
|
||||
PLIBRARY_ITEM_DATAW hListLibraryPtr = NULL;
|
||||
|
||||
if(hListLibrary != NULL)
|
||||
{
|
||||
hListLibraryPtr = (PLIBRARY_ITEM_DATAW)hListLibrary;
|
||||
while(hListLibraryPtr->hFile != NULL)
|
||||
static LIBRARY_ITEM_DATAW LibraryInfo;
|
||||
memset(&LibraryInfo, 0, sizeof(LIBRARY_ITEM_DATAW));
|
||||
int libcount=hListLibrary.size();
|
||||
for(int i=0; i<libcount; i++)
|
||||
if(hListLibrary.at(i).hFile != INVALID_HANDLE_VALUE && !lstrcmpiW(hListLibrary.at(i).szLibraryName, szLibraryName))
|
||||
{
|
||||
if(hListLibraryPtr->hFile != (HANDLE)-1)
|
||||
{
|
||||
if(hListLibraryPtr->BaseOfDll == BaseOfDll)
|
||||
{
|
||||
return((void*)hListLibraryPtr);
|
||||
}
|
||||
}
|
||||
hListLibraryPtr = (PLIBRARY_ITEM_DATAW)((ULONG_PTR)hListLibraryPtr + sizeof LIBRARY_ITEM_DATAW);
|
||||
memcpy(&LibraryInfo, &hListLibrary.at(i), sizeof(LIBRARY_ITEM_DATAW));
|
||||
return &LibraryInfo;
|
||||
}
|
||||
return NULL;
|
||||
}
|
||||
|
||||
__declspec(dllexport) void* TITCALL LibrarianGetLibraryInfoEx(void* BaseOfDll)
|
||||
{
|
||||
PLIBRARY_ITEM_DATAW LibInfo;
|
||||
LibInfo = (PLIBRARY_ITEM_DATAW)LibrarianGetLibraryInfoExW(BaseOfDll);
|
||||
if(LibInfo)
|
||||
{
|
||||
RtlZeroMemory(&LibraryInfoData, sizeof LIBRARY_ITEM_DATA);
|
||||
LibraryInfoData.hFile = LibInfo->hFile;
|
||||
LibraryInfoData.BaseOfDll = LibInfo->BaseOfDll;
|
||||
LibraryInfoData.hFileMapping = LibInfo->hFileMapping;
|
||||
LibraryInfoData.hFileMappingView = LibInfo->hFileMappingView;
|
||||
WideCharToMultiByte(CP_ACP, NULL, LibInfo->szLibraryName, -1, &LibraryInfoData.szLibraryName[0], sizeof LibraryInfoData.szLibraryName, NULL, NULL);
|
||||
WideCharToMultiByte(CP_ACP, NULL, LibInfo->szLibraryPath, -1, &LibraryInfoData.szLibraryPath[0], sizeof LibraryInfoData.szLibraryPath, NULL, NULL);
|
||||
return((void*)&LibraryInfoData);
|
||||
}
|
||||
return(NULL);
|
||||
}
|
||||
|
||||
__declspec(dllexport) void* TITCALL LibrarianGetLibraryInfoExW(void* BaseOfDll)
|
||||
{
|
||||
static LIBRARY_ITEM_DATAW LibraryData;
|
||||
memset(&LibraryData, 0, sizeof(LIBRARY_ITEM_DATAW));
|
||||
int libcount=hListLibrary.size();
|
||||
for(int i=0; i<libcount; i++)
|
||||
if(hListLibrary.at(i).hFile != INVALID_HANDLE_VALUE && hListLibrary.at(i).BaseOfDll == BaseOfDll)
|
||||
{
|
||||
memcpy(&LibraryData, &hListLibrary.at(i), sizeof(LIBRARY_ITEM_DATAW));
|
||||
return &LibraryData;
|
||||
}
|
||||
return NULL;
|
||||
}
|
||||
|
||||
__declspec(dllexport) void TITCALL LibrarianEnumLibraryInfo(void* EnumCallBack)
|
||||
{
|
||||
|
||||
PLIBRARY_ITEM_DATAW hListLibraryPtr = NULL;
|
||||
if(!EnumCallBack)
|
||||
return;
|
||||
typedef void(TITCALL *fEnumCallBack)(LPVOID fLibraryDetail);
|
||||
fEnumCallBack myEnumCallBack = (fEnumCallBack)EnumCallBack;
|
||||
|
||||
if(hListLibrary != NULL)
|
||||
{
|
||||
hListLibraryPtr = (PLIBRARY_ITEM_DATAW)hListLibrary;
|
||||
while(EnumCallBack != NULL && hListLibraryPtr->hFile != NULL)
|
||||
int libcount=hListLibrary.size();
|
||||
for(int i=0; i<libcount; i++)
|
||||
if(hListLibrary.at(i).hFile != INVALID_HANDLE_VALUE)
|
||||
{
|
||||
if(hListLibraryPtr->hFile != (HANDLE)-1)
|
||||
__try
|
||||
{
|
||||
__try
|
||||
{
|
||||
myEnumCallBack((void*)hListLibraryPtr);
|
||||
}
|
||||
__except(EXCEPTION_EXECUTE_HANDLER)
|
||||
{
|
||||
EnumCallBack = NULL;
|
||||
}
|
||||
LIBRARY_ITEM_DATA myLibraryInfoData;
|
||||
memset(&myLibraryInfoData, 0, sizeof(LIBRARY_ITEM_DATA));
|
||||
myLibraryInfoData.hFile = hListLibrary.at(i).hFile;
|
||||
myLibraryInfoData.BaseOfDll = hListLibrary.at(i).BaseOfDll;
|
||||
myLibraryInfoData.hFileMapping = hListLibrary.at(i).hFileMapping;
|
||||
myLibraryInfoData.hFileMappingView = hListLibrary.at(i).hFileMappingView;
|
||||
WideCharToMultiByte(CP_ACP, NULL, hListLibrary.at(i).szLibraryName, -1, &myLibraryInfoData.szLibraryName[0], sizeof(myLibraryInfoData.szLibraryName), NULL, NULL);
|
||||
WideCharToMultiByte(CP_ACP, NULL, hListLibrary.at(i).szLibraryPath, -1, &myLibraryInfoData.szLibraryPath[0], sizeof(myLibraryInfoData.szLibraryPath), NULL, NULL);
|
||||
myEnumCallBack(&myLibraryInfoData);
|
||||
}
|
||||
__except(EXCEPTION_EXECUTE_HANDLER)
|
||||
{
|
||||
break;
|
||||
}
|
||||
hListLibraryPtr = (PLIBRARY_ITEM_DATAW)((ULONG_PTR)hListLibraryPtr + sizeof LIBRARY_ITEM_DATAW);
|
||||
}
|
||||
}
|
||||
}
|
||||
|
||||
__declspec(dllexport) void TITCALL LibrarianEnumLibraryInfoW(void* EnumCallBack)
|
||||
{
|
||||
|
||||
LIBRARY_ITEM_DATA myLibraryInfoData;
|
||||
PLIBRARY_ITEM_DATAW hListLibraryPtr = NULL;
|
||||
if(!EnumCallBack)
|
||||
return;
|
||||
typedef void(TITCALL *fEnumCallBack)(LPVOID fLibraryDetail);
|
||||
fEnumCallBack myEnumCallBack = (fEnumCallBack)EnumCallBack;
|
||||
|
||||
if(hListLibrary != NULL)
|
||||
{
|
||||
hListLibraryPtr = (PLIBRARY_ITEM_DATAW)hListLibrary;
|
||||
while(EnumCallBack != NULL && hListLibraryPtr->hFile != NULL)
|
||||
int libcount=hListLibrary.size();
|
||||
for(int i=0; i<libcount; i++)
|
||||
if(hListLibrary.at(i).hFile != INVALID_HANDLE_VALUE)
|
||||
{
|
||||
if(hListLibraryPtr->hFile != (HANDLE)-1)
|
||||
__try
|
||||
{
|
||||
__try
|
||||
{
|
||||
RtlZeroMemory(&myLibraryInfoData, sizeof LIBRARY_ITEM_DATA);
|
||||
myLibraryInfoData.hFile = hListLibraryPtr->hFile;
|
||||
myLibraryInfoData.BaseOfDll = hListLibraryPtr->BaseOfDll;
|
||||
myLibraryInfoData.hFileMapping = hListLibraryPtr->hFileMapping;
|
||||
myLibraryInfoData.hFileMappingView = hListLibraryPtr->hFileMappingView;
|
||||
WideCharToMultiByte(CP_ACP, NULL, hListLibraryPtr->szLibraryName, -1, &myLibraryInfoData.szLibraryName[0], sizeof myLibraryInfoData.szLibraryName, NULL, NULL);
|
||||
WideCharToMultiByte(CP_ACP, NULL, hListLibraryPtr->szLibraryPath, -1, &myLibraryInfoData.szLibraryPath[0], sizeof myLibraryInfoData.szLibraryPath, NULL, NULL);
|
||||
myEnumCallBack((void*)&myLibraryInfoData);
|
||||
}
|
||||
__except(EXCEPTION_EXECUTE_HANDLER)
|
||||
{
|
||||
EnumCallBack = NULL;
|
||||
}
|
||||
myEnumCallBack(&hListLibrary.at(i));
|
||||
}
|
||||
__except(EXCEPTION_EXECUTE_HANDLER)
|
||||
{
|
||||
break;
|
||||
}
|
||||
hListLibraryPtr = (PLIBRARY_ITEM_DATAW)((ULONG_PTR)hListLibraryPtr + sizeof LIBRARY_ITEM_DATAW);
|
||||
}
|
||||
}
|
||||
}
|
||||
|
|
|
|||
|
|
@ -201,7 +201,7 @@ __declspec(dllexport) bool TITCALL ThreaderIsThreadStillRunning(HANDLE hThread)
|
|||
CONTEXT myDBGContext;
|
||||
memset(&myDBGContext, 0, sizeof(CONTEXT));
|
||||
myDBGContext.ContextFlags = CONTEXT_ALL;
|
||||
return GetThreadContext(hThread, &myDBGContext);
|
||||
return (GetThreadContext(hThread, &myDBGContext)==TRUE);
|
||||
}
|
||||
|
||||
__declspec(dllexport) bool TITCALL ThreaderIsThreadActive(HANDLE hThread)
|
||||
|
|
@ -220,7 +220,7 @@ __declspec(dllexport) bool TITCALL ThreaderIsAnyThreadActive()
|
|||
for(int i=0; i<threadcount; i++)
|
||||
if(ThreaderIsThreadActive(hListThread.at(i).hThread))
|
||||
return true;
|
||||
return false;
|
||||
return false;
|
||||
}
|
||||
|
||||
__declspec(dllexport) bool TITCALL ThreaderExecuteOnlyInjectedThreads()
|
||||
|
|
@ -239,7 +239,7 @@ __declspec(dllexport) long long TITCALL ThreaderGetOpenHandleForThread(DWORD Thr
|
|||
for(int i=0; i<threadcount; i++)
|
||||
if(hListThread.at(i).dwThreadId == ThreadId)
|
||||
return (ULONG_PTR)hListThread.at(i).hThread;
|
||||
return 0;
|
||||
return 0;
|
||||
}
|
||||
|
||||
__declspec(dllexport) bool TITCALL ThreaderIsExceptionInMainThread()
|
||||
|
|
|
|||
|
|
@ -229,8 +229,6 @@ typedef struct MEMORY_COMPARE_HANDLER
|
|||
} Array;
|
||||
} MEMORY_COMPARE_HANDLER, *PMEMORY_COMPARE_HANDLER;
|
||||
|
||||
#define MAX_DEBUG_DATA 65536
|
||||
|
||||
typedef struct
|
||||
{
|
||||
HANDLE hThread;
|
||||
|
|
@ -271,7 +269,6 @@ typedef struct
|
|||
wchar_t szLibraryName[MAX_PATH];
|
||||
} LIBRARY_ITEM_DATAW, *PLIBRARY_ITEM_DATAW;
|
||||
|
||||
#define MAX_LIBRARY_BPX 64
|
||||
#define UE_ON_LIB_LOAD 1
|
||||
#define UE_ON_LIB_UNLOAD 2
|
||||
#define UE_ON_LIB_ALL 3
|
||||
|
|
|
|||
Loading…
Reference in New Issue