- added RipEvent callback

- removed debug message
mr.exodia 2014-02-08 20:44:07 +01:00
parent 355fd1bada
commit 2ae7e9e541
9 changed files with 33 additions and 9 deletions


@ -123,6 +123,7 @@
#define UE_CH_ALLEVENTS 22 #define UE_CH_ALLEVENTS 22
#define UE_CH_SYSTEMBREAKPOINT 23 #define UE_CH_SYSTEMBREAKPOINT 23
#define UE_CH_UNHANDLEDEXCEPTION 24 #define UE_CH_UNHANDLEDEXCEPTION 24
#define UE_CH_RIPEVENT 25
#define UE_OPTION_HANDLER_RETURN_HANDLECOUNT 1 #define UE_OPTION_HANDLER_RETURN_HANDLECOUNT 1
#define UE_OPTION_HANDLER_RETURN_ACCESS 2 #define UE_OPTION_HANDLER_RETURN_ACCESS 2


@ -123,6 +123,7 @@ const BYTE UE_CH_AFTEREXCEPTIONPROCESSING = 21;
const BYTE UE_CH_ALLEVENTS = 22; const BYTE UE_CH_ALLEVENTS = 22;
const BYTE UE_CH_SYSTEMBREAKPOINT = 23; const BYTE UE_CH_SYSTEMBREAKPOINT = 23;
const BYTE UE_CH_UNHANDLEDEXCEPTION = 24; const BYTE UE_CH_UNHANDLEDEXCEPTION = 24;
const BYTE UE_CH_RIPEVENT = 25;
const BYTE UE_OPTION_HANDLER_RETURN_HANDLECOUNT = 1; const BYTE UE_OPTION_HANDLER_RETURN_HANDLECOUNT = 1;
const BYTE UE_OPTION_HANDLER_RETURN_ACCESS = 2; const BYTE UE_OPTION_HANDLER_RETURN_ACCESS = 2;


@ -169,7 +169,8 @@ enum eCustomException : DWORD
UE_CH_AFTEREXCEPTIONPROCESSING = UE::UE_CH_AFTEREXCEPTIONPROCESSING, UE_CH_AFTEREXCEPTIONPROCESSING = UE::UE_CH_AFTEREXCEPTIONPROCESSING,
UE_CH_ALLEVENTS = UE::UE_CH_ALLEVENTS, UE_CH_ALLEVENTS = UE::UE_CH_ALLEVENTS,
UE_CH_SYSTEMBREAKPOINT = UE::UE_CH_SYSTEMBREAKPOINT, UE_CH_SYSTEMBREAKPOINT = UE::UE_CH_SYSTEMBREAKPOINT,
UE_CH_UNHANDLEDEXCEPTION = UE::UE_CH_UNHANDLEDEXCEPTION UE_CH_UNHANDLEDEXCEPTION = UE::UE_CH_UNHANDLEDEXCEPTION,
UE_CH_RIPEVENT = UE::UE_CH_RIPEVENT
}; };
enum eHandlerReturnType : DWORD enum eHandlerReturnType : DWORD


@ -258,10 +258,11 @@ const
UE_CH_LOADDLL = 18; UE_CH_LOADDLL = 18;
UE_CH_UNLOADDLL = 19; UE_CH_UNLOADDLL = 19;
UE_CH_OUTPUTDEBUGSTRING = 20; UE_CH_OUTPUTDEBUGSTRING = 20;
UE_CH_AFTEREXCEPTIONPROCESSING = 21; UE_CH_AFTEREXCEPTIONPROCESSING = 21;
UE_CH_ALLEVENTS = 22; UE_CH_ALLEVENTS = 22;
UE_CH_SYSTEMBREAKPOINT = 23; UE_CH_SYSTEMBREAKPOINT = 23;
UE_CH_UNHANDLEDEXCEPTION = 24; UE_CH_UNHANDLEDEXCEPTION = 24;
UE_CH_RIPEVENT = 25
UE_FUNCTION_STDCALL = 1; UE_FUNCTION_STDCALL = 1;
UE_FUNCTION_CCALL = 2; UE_FUNCTION_CCALL = 2;
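Review bot: The added constant `UE_CH_RIPEVENT = 25` has no terminating semicolon, unlike every other entry shown in this `const` block. As rendered here, the following `UE_FUNCTION_STDCALL = 1;` line would be read as a continuation of the same declaration, so this unit would most likely fail to compile. The line should be `UE_CH_RIPEVENT = 25;`. The `const` block starts before and continues after the visible hunk.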


@ -118,6 +118,7 @@ UE_CH_AFTEREXCEPTIONPROCESSING = 21
UE_CH_ALLEVENTS = 22 UE_CH_ALLEVENTS = 22
UE_CH_SYSTEMBREAKPOINT = 23 UE_CH_SYSTEMBREAKPOINT = 23
UE_CH_UNHANDLEDEXCEPTION = 24 UE_CH_UNHANDLEDEXCEPTION = 24
UE_CH_RIPEVENT = 25
UE_OPTION_HANDLER_RETURN_HANDLECOUNT = 1 UE_OPTION_HANDLER_RETURN_HANDLECOUNT = 1
UE_OPTION_HANDLER_RETURN_ACCESS = 2 UE_OPTION_HANDLER_RETURN_ACCESS = 2


@ -96,6 +96,7 @@ UE_CH_AFTEREXCEPTIONPROCESSING EQU 21
UE_CH_ALLEVENTS EQU 22 UE_CH_ALLEVENTS EQU 22
UE_CH_SYSTEMBREAKPOINT EQU 23 UE_CH_SYSTEMBREAKPOINT EQU 23
UE_CH_UNHANDLEDEXCEPTION EQU 24 UE_CH_UNHANDLEDEXCEPTION EQU 24
UE_CH_RIPEVENT EQU 25
UE_OPTION_HANDLER_RETURN_HANDLECOUNT EQU 1 UE_OPTION_HANDLER_RETURN_HANDLECOUNT EQU 1
UE_OPTION_HANDLER_RETURN_ACCESS EQU 2 UE_OPTION_HANDLER_RETURN_ACCESS EQU 2


@ -109,6 +109,7 @@ UE_CH_AFTEREXCEPTIONPROCESSING = 21
UE_CH_ALLEVENTS = 22 UE_CH_ALLEVENTS = 22
UE_CH_SYSTEMBREAKPOINT = 23 UE_CH_SYSTEMBREAKPOINT = 23
UE_CH_UNHANDLEDEXCEPTION = 24 UE_CH_UNHANDLEDEXCEPTION = 24
UE_CH_RIPEVENT = 25
UE_OPTION_HANDLER_RETURN_HANDLECOUNT = 1 UE_OPTION_HANDLER_RETURN_HANDLECOUNT = 1
UE_OPTION_HANDLER_RETURN_ACCESS = 2 UE_OPTION_HANDLER_RETURN_ACCESS = 2


@ -15551,6 +15551,10 @@ __declspec(dllexport) void TITCALL SetCustomHandler(DWORD ExceptionId, LPVOID Ca
{ {
DBGCustomHandler->chUnhandledException = (ULONG_PTR)CallBack; DBGCustomHandler->chUnhandledException = (ULONG_PTR)CallBack;
} }
else if(ExceptionId == UE_CH_RIPEVENT)
{
DBGCustomHandler->chRipEvent = (ULONG_PTR)CallBack;
}
else if(ExceptionId == UE_CH_ALLEVENTS) else if(ExceptionId == UE_CH_ALLEVENTS)
{ {
DBGCustomHandler->chEverythingElse = (ULONG_PTR)CallBack; DBGCustomHandler->chEverythingElse = (ULONG_PTR)CallBack;
@ -15562,6 +15566,7 @@ __declspec(dllexport) void TITCALL SetCustomHandler(DWORD ExceptionId, LPVOID Ca
DBGCustomHandler->chUnloadDll = (ULONG_PTR)CallBack; DBGCustomHandler->chUnloadDll = (ULONG_PTR)CallBack;
DBGCustomHandler->chOutputDebugString = (ULONG_PTR)CallBack; DBGCustomHandler->chOutputDebugString = (ULONG_PTR)CallBack;
DBGCustomHandler->chSystemBreakpoint = (ULONG_PTR)CallBack; DBGCustomHandler->chSystemBreakpoint = (ULONG_PTR)CallBack;
DBGCustomHandler->chRipEvent = (ULONG_PTR)CallBack;
} }
} }
__declspec(dllexport) void TITCALL ForceClose() __declspec(dllexport) void TITCALL ForceClose()
@ -16761,8 +16766,7 @@ __declspec(dllexport) void TITCALL DebugLoop()
case EXCEPTION_DEBUG_EVENT: case EXCEPTION_DEBUG_EVENT:
{ {
DBGCode = DBG_EXCEPTION_NOT_HANDLED; //let the debuggee handle exceptions per default DBGCode = DBG_EXCEPTION_NOT_HANDLED; //let the debuggee handle exceptions per default
printf("Exception: 0x%X\n", DBGEvent.u.Exception.ExceptionRecord.ExceptionCode);
//NOTE: useless callback?
if(DBGCustomHandler->chEverythingElse != NULL) if(DBGCustomHandler->chEverythingElse != NULL)
{ {
myCustomHandler = (fCustomHandler)((LPVOID)DBGCustomHandler->chEverythingElse); myCustomHandler = (fCustomHandler)((LPVOID)DBGCustomHandler->chEverythingElse);
@ -16790,7 +16794,6 @@ __declspec(dllexport) void TITCALL DebugLoop()
} }
//handle different exception codes //handle different exception codes
switch(DBGEvent.u.Exception.ExceptionRecord.ExceptionCode) switch(DBGEvent.u.Exception.ExceptionRecord.ExceptionCode)
{ {
case STATUS_BREAKPOINT: case STATUS_BREAKPOINT:
@ -17944,7 +17947,19 @@ __declspec(dllexport) void TITCALL DebugLoop()
case RIP_EVENT: case RIP_EVENT:
{ {
DBGCode = DBG_EXCEPTION_NOT_HANDLED; //fix an anti-debug trick DBGCode = DBG_EXCEPTION_NOT_HANDLED; //fix an anti-debug trick
//TODO: RIP event //system breakpoint callback
if(DBGCustomHandler->chRipEvent != NULL)
{
myCustomHandler = (fCustomHandler)((LPVOID)DBGCustomHandler->chRipEvent);
__try
{
myCustomHandler(&DBGEvent);
}
__except(EXCEPTION_EXECUTE_HANDLER)
{
DBGCustomHandler->chSystemBreakpoint = NULL;
}
}
} }
break; break;
} }
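Review bot: In the new `RIP_EVENT` case of DebugLoop, the `__except` block clears the wrong slot: it sets `DBGCustomHandler->chSystemBreakpoint = NULL;` although the callback that just faulted is `chRipEvent`. A RIP callback that throws therefore stays registered and is invoked again on the next RIP event, while an unrelated system-breakpoint callback is silently unregistered. The line should read `DBGCustomHandler->chRipEvent = NULL;`. The comment `//system breakpoint callback` above the check is carried over from the other handler and should say `//RIP event callback`. DebugLoop begins and ends outside the visible hunks.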


@ -198,6 +198,7 @@ typedef struct
ULONG_PTR chAfterException; ULONG_PTR chAfterException;
ULONG_PTR chSystemBreakpoint; ULONG_PTR chSystemBreakpoint;
ULONG_PTR chUnhandledException; ULONG_PTR chUnhandledException;
ULONG_PTR chRipEvent;
} CustomHandler, *PCustomHandler; } CustomHandler, *PCustomHandler;
typedef struct typedef struct
@ -428,6 +429,7 @@ typedef struct HOOK_ENTRY
#define UE_CH_ALLEVENTS 22 #define UE_CH_ALLEVENTS 22
#define UE_CH_SYSTEMBREAKPOINT 23 #define UE_CH_SYSTEMBREAKPOINT 23
#define UE_CH_UNHANDLEDEXCEPTION 24 #define UE_CH_UNHANDLEDEXCEPTION 24
#define UE_CH_RIPEVENT 25
#define UE_OPTION_HANDLER_RETURN_HANDLECOUNT 1 #define UE_OPTION_HANDLER_RETURN_HANDLECOUNT 1
#define UE_OPTION_HANDLER_RETURN_ACCESS 2 #define UE_OPTION_HANDLER_RETURN_ACCESS 2