fixed enumeration in LibrarianRemoveBreakPoint

some style fixes
Johann Kempter 2014-03-14 10:56:27 +01:00
parent 1ca83942f6
commit 3e0950d72e
4 changed files with 75 additions and 34 deletions


@ -15,7 +15,6 @@ static void* buffPatchedEntry;
// Internal.Engine.Hook.functions:
static bool ProcessHookScanAddNewHook(PHOOK_ENTRY HookDetails, void* ptrOriginalInstructions, PLIBRARY_ITEM_DATAW ModuleInformation, DWORD SizeOfImage)
{
HOOK_ENTRY MyhookEntry = {};
RtlMoveMemory(&MyhookEntry, HookDetails, sizeof HOOK_ENTRY);
@ -79,17 +78,17 @@ __declspec(dllexport) bool TITCALL HooksSafeTransitionEx(LPVOID HookAddressArray
}
return false;
}
__declspec(dllexport) bool TITCALL HooksSafeTransition(LPVOID HookAddress, bool TransitionStart)
{
void* aHookAddress[1];
aHookAddress[0] = HookAddress;
return(HooksSafeTransitionEx(&aHookAddress[0], sizeof aHookAddress, TransitionStart));
}
__declspec(dllexport) bool TITCALL HooksIsAddressRedirected(LPVOID HookAddress)
{
for(unsigned int i = 0; i < hookEntry.size(); i++)
{
if(hookEntry[i].HookAddress == HookAddress && hookEntry[i].IATHook == false && hookEntry[i].HookIsEnabled == true)
@ -99,9 +98,9 @@ __declspec(dllexport) bool TITCALL HooksIsAddressRedirected(LPVOID HookAddress)
}
return false;
}
__declspec(dllexport) void* TITCALL HooksGetTrampolineAddress(LPVOID HookAddress)
{
for(unsigned int i = 0; i < hookEntry.size(); i++)
{
if(hookEntry[i].HookAddress == HookAddress)
@ -111,9 +110,9 @@ __declspec(dllexport) void* TITCALL HooksGetTrampolineAddress(LPVOID HookAddress
}
return(NULL);
}
__declspec(dllexport) void* TITCALL HooksGetHookEntryDetails(LPVOID HookAddress)
{
for(unsigned int i = 0; i < hookEntry.size(); i++)
{
if(hookEntry[i].HookAddress == HookAddress)
@ -123,9 +122,9 @@ __declspec(dllexport) void* TITCALL HooksGetHookEntryDetails(LPVOID HookAddress)
}
return(NULL);
}
__declspec(dllexport) bool TITCALL HooksInsertNewRedirection(LPVOID HookAddress, LPVOID RedirectTo, int HookType)
{
#if !defined(_WIN64)
int j;
unsigned int i;
@ -411,6 +410,7 @@ __declspec(dllexport) bool TITCALL HooksInsertNewRedirection(LPVOID HookAddress,
}
return false;
}
__declspec(dllexport) bool TITCALL HooksInsertNewIATRedirectionEx(ULONG_PTR FileMapVA, ULONG_PTR LoadedModuleBase, char* szHookFunction, LPVOID RedirectTo)
{
@ -561,9 +561,9 @@ __declspec(dllexport) bool TITCALL HooksInsertNewIATRedirectionEx(ULONG_PTR File
}
return false;
}
__declspec(dllexport) bool TITCALL HooksInsertNewIATRedirection(char* szModuleName, char* szHookFunction, LPVOID RedirectTo)
{
HANDLE FileHandle;
DWORD FileSize;
HANDLE FileMap;
@ -590,9 +590,9 @@ __declspec(dllexport) bool TITCALL HooksInsertNewIATRedirection(char* szModuleNa
}
return false;
}
__declspec(dllexport) bool TITCALL HooksRemoveRedirection(LPVOID HookAddress, bool RemoveAll)
{
DWORD OldProtect = PAGE_READONLY;
if(!RemoveAll)
@ -626,9 +626,9 @@ __declspec(dllexport) bool TITCALL HooksRemoveRedirection(LPVOID HookAddress, bo
return true;
}
}
__declspec(dllexport) bool TITCALL HooksRemoveRedirectionsForModule(HMODULE ModuleBase)
{
int j = NULL;
unsigned int i = (unsigned int)hookEntry.size();
DWORD OldProtect = PAGE_READONLY;
@ -661,9 +661,9 @@ __declspec(dllexport) bool TITCALL HooksRemoveRedirectionsForModule(HMODULE Modu
}
return true;
}
__declspec(dllexport) bool TITCALL HooksRemoveIATRedirection(char* szModuleName, char* szHookFunction, bool RemoveAll)
{
unsigned int i = (unsigned int)hookEntry.size() - 1;
DWORD OldProtect = PAGE_READONLY;
HMODULE ModuleBase = GetModuleHandleA(szModuleName);
@ -687,9 +687,9 @@ __declspec(dllexport) bool TITCALL HooksRemoveIATRedirection(char* szModuleName,
}
return false;
}
__declspec(dllexport) bool TITCALL HooksDisableRedirection(LPVOID HookAddress, bool DisableAll)
{
DWORD OldProtect = PAGE_READONLY;
if(!DisableAll)
@ -723,9 +723,9 @@ __declspec(dllexport) bool TITCALL HooksDisableRedirection(LPVOID HookAddress, b
return true;
}
}
__declspec(dllexport) bool TITCALL HooksDisableRedirectionsForModule(HMODULE ModuleBase)
{
int j = NULL;
unsigned int i = (unsigned int)hookEntry.size();
DWORD OldProtect = PAGE_READONLY;
@ -758,9 +758,9 @@ __declspec(dllexport) bool TITCALL HooksDisableRedirectionsForModule(HMODULE Mod
}
return true;
}
__declspec(dllexport) bool TITCALL HooksDisableIATRedirection(char* szModuleName, char* szHookFunction, bool DisableAll)
{
unsigned int i = (unsigned int)hookEntry.size() - 1;
DWORD OldProtect = PAGE_READONLY;
HMODULE ModuleBase = GetModuleHandleA(szModuleName);
@ -787,9 +787,9 @@ __declspec(dllexport) bool TITCALL HooksDisableIATRedirection(char* szModuleName
}
return false;
}
__declspec(dllexport) bool TITCALL HooksEnableRedirection(LPVOID HookAddress, bool EnableAll)
{
DWORD OldProtect = PAGE_READONLY;
if(!EnableAll)
@ -823,9 +823,9 @@ __declspec(dllexport) bool TITCALL HooksEnableRedirection(LPVOID HookAddress, bo
return true;
}
}
__declspec(dllexport) bool TITCALL HooksEnableRedirectionsForModule(HMODULE ModuleBase)
{
int j = NULL;
unsigned int i = (unsigned int)hookEntry.size();
DWORD OldProtect = PAGE_READONLY;
@ -858,9 +858,9 @@ __declspec(dllexport) bool TITCALL HooksEnableRedirectionsForModule(HMODULE Modu
}
return true;
}
__declspec(dllexport) bool TITCALL HooksEnableIATRedirection(char* szModuleName, char* szHookFunction, bool EnableAll)
{
unsigned int i = (unsigned int)hookEntry.size() - 1;
DWORD OldProtect = PAGE_READONLY;
HMODULE ModuleBase = GetModuleHandleA(szModuleName);
@ -887,9 +887,9 @@ __declspec(dllexport) bool TITCALL HooksEnableIATRedirection(char* szModuleName,
}
return false;
}
__declspec(dllexport) void TITCALL HooksScanModuleMemory(HMODULE ModuleBase, LPVOID CallBack)
{
unsigned int i;
bool FileIs64 = false;
bool FileError = false;
@ -1106,9 +1106,9 @@ __declspec(dllexport) void TITCALL HooksScanModuleMemory(HMODULE ModuleBase, LPV
}
}
}
__declspec(dllexport) void TITCALL HooksScanEntireProcessMemory(LPVOID CallBack)
{
unsigned int i;
DWORD cbNeeded = 0;
HMODULE EnumeratedModules[1024] = {0};
@ -1122,6 +1122,7 @@ __declspec(dllexport) void TITCALL HooksScanEntireProcessMemory(LPVOID CallBack)
}
}
}
__declspec(dllexport) void TITCALL HooksScanEntireProcessMemoryEx()
{
HooksScanEntireProcessMemory(&ProcessHookScanAddNewHook);


@ -14,17 +14,20 @@ __declspec(dllexport) bool TITCALL LibrarianSetBreakPoint(char* szLibraryName, D
NewLibrarianData.bpxSingleShoot = SingleShoot;
NewLibrarianData.bpxType = bpxType;
LibrarianData.push_back(NewLibrarianData);
return true;
}
__declspec(dllexport) bool TITCALL LibrarianRemoveBreakPoint(char* szLibraryName, DWORD bpxType)
{
int libbpcount=LibrarianData.size();
for(int i=libbpcount=1; i>-1; i--)
for(int i = LibrarianData.size() - 1; i >- 1; i--)
{
if(!lstrcmpiA(szLibraryName, LibrarianData.at(i).szLibraryName) && (LibrarianData.at(i).bpxType == bpxType || bpxType == UE_ON_LIB_ALL))
{
LibrarianData.erase(LibrarianData.begin()+i);
LibrarianData.erase(LibrarianData.begin() + i);
}
}
return true;
}
@ -32,6 +35,7 @@ __declspec(dllexport) void* TITCALL LibrarianGetLibraryInfo(char* szLibraryName)
{
if(!szLibraryName)
return NULL;
wchar_t uniLibraryName[MAX_PATH] = {};
PLIBRARY_ITEM_DATAW LibInfo;
MultiByteToWideChar(CP_ACP, NULL, szLibraryName, lstrlenA(szLibraryName)+1, uniLibraryName, sizeof(uniLibraryName)/(sizeof(uniLibraryName[0])));
@ -45,22 +49,28 @@ __declspec(dllexport) void* TITCALL LibrarianGetLibraryInfo(char* szLibraryName)
LibraryInfoData.hFileMappingView = LibInfo->hFileMappingView;
WideCharToMultiByte(CP_ACP, NULL, LibInfo->szLibraryName, -1, &LibraryInfoData.szLibraryName[0], sizeof LibraryInfoData.szLibraryName, NULL, NULL);
WideCharToMultiByte(CP_ACP, NULL, LibInfo->szLibraryPath, -1, &LibraryInfoData.szLibraryPath[0], sizeof LibraryInfoData.szLibraryPath, NULL, NULL);
return((void*)&LibraryInfoData);
}
return(NULL);
return NULL;
}
__declspec(dllexport) void* TITCALL LibrarianGetLibraryInfoW(wchar_t* szLibraryName)
{
static LIBRARY_ITEM_DATAW LibraryInfo;
memset(&LibraryInfo, 0, sizeof(LIBRARY_ITEM_DATAW));
int libcount=hListLibrary.size();
for(int i=0; i<libcount; i++)
int libcount = hListLibrary.size();
for(int i = 0; i < libcount; i++)
{
if(hListLibrary.at(i).hFile != INVALID_HANDLE_VALUE && !lstrcmpiW(hListLibrary.at(i).szLibraryName, szLibraryName))
{
memcpy(&LibraryInfo, &hListLibrary.at(i), sizeof(LIBRARY_ITEM_DATAW));
return &LibraryInfo;
}
}
return NULL;
}
@ -77,22 +87,29 @@ __declspec(dllexport) void* TITCALL LibrarianGetLibraryInfoEx(void* BaseOfDll)
LibraryInfoData.hFileMappingView = LibInfo->hFileMappingView;
WideCharToMultiByte(CP_ACP, NULL, LibInfo->szLibraryName, -1, &LibraryInfoData.szLibraryName[0], sizeof LibraryInfoData.szLibraryName, NULL, NULL);
WideCharToMultiByte(CP_ACP, NULL, LibInfo->szLibraryPath, -1, &LibraryInfoData.szLibraryPath[0], sizeof LibraryInfoData.szLibraryPath, NULL, NULL);
return((void*)&LibraryInfoData);
return (void*)&LibraryInfoData;
}
return(NULL);
return NULL;
}
__declspec(dllexport) void* TITCALL LibrarianGetLibraryInfoExW(void* BaseOfDll)
{
static LIBRARY_ITEM_DATAW LibraryData;
memset(&LibraryData, 0, sizeof(LIBRARY_ITEM_DATAW));
int libcount=hListLibrary.size();
for(int i=0; i<libcount; i++)
int libcount = hListLibrary.size();
for(int i = 0; i < libcount; i++)
{
if(hListLibrary.at(i).hFile != INVALID_HANDLE_VALUE && hListLibrary.at(i).BaseOfDll == BaseOfDll)
{
memcpy(&LibraryData, &hListLibrary.at(i), sizeof(LIBRARY_ITEM_DATAW));
return &LibraryData;
}
}
return NULL;
}
@ -100,10 +117,13 @@ __declspec(dllexport) void TITCALL LibrarianEnumLibraryInfo(void* EnumCallBack)
{
if(!EnumCallBack)
return;
typedef void(TITCALL *fEnumCallBack)(LPVOID fLibraryDetail);
fEnumCallBack myEnumCallBack = (fEnumCallBack)EnumCallBack;
int libcount=hListLibrary.size();
for(int i=0; i<libcount; i++)
int libcount = hListLibrary.size();
for(int i = 0; i < libcount; i++)
{
if(hListLibrary.at(i).hFile != INVALID_HANDLE_VALUE)
{
__try
@ -123,16 +143,20 @@ __declspec(dllexport) void TITCALL LibrarianEnumLibraryInfo(void* EnumCallBack)
break;
}
}
}
}
__declspec(dllexport) void TITCALL LibrarianEnumLibraryInfoW(void* EnumCallBack)
{
if(!EnumCallBack)
return;
typedef void(TITCALL *fEnumCallBack)(LPVOID fLibraryDetail);
fEnumCallBack myEnumCallBack = (fEnumCallBack)EnumCallBack;
int libcount=hListLibrary.size();
for(int i=0; i<libcount; i++)
int libcount = hListLibrary.size();
for(int i = 0; i < libcount; i++)
{
if(hListLibrary.at(i).hFile != INVALID_HANDLE_VALUE)
{
__try
@ -144,4 +168,5 @@ __declspec(dllexport) void TITCALL LibrarianEnumLibraryInfoW(void* EnumCallBack)
break;
}
}
}
}
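Review bot: In LibrarianRemoveBreakPoint the new loop header `for(int i = LibrarianData.size() - 1; i >- 1; i--)` still depends on an unsigned-to-int narrowing: on an empty container `size() - 1` wraps around and the loop is skipped only because the value narrows to -1, and the `>- 1` spacing reads like a single operator. Counting down on the unsigned index, `for(size_t i = LibrarianData.size(); i-- > 0; )`, keeps the reverse erase order without the narrowing or the -1 sentinel. The function also hands szLibraryName to lstrcmpiA without the null check that LibrarianGetLibraryInfo applies in the same file section, and it returns true even when no entry matched; if both are intended, a short comment such as `// returns true even if no breakpoint matched` would tell callers.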


@ -25,6 +25,7 @@ __declspec(dllexport) void TITCALL RelocaterCleanup()
RelocationNewImageBase = NULL;
}
}
__declspec(dllexport) void TITCALL RelocaterInit(DWORD MemorySize, ULONG_PTR OldImageBase, ULONG_PTR NewImageBase)
{
@ -39,6 +40,7 @@ __declspec(dllexport) void TITCALL RelocaterInit(DWORD MemorySize, ULONG_PTR Old
RelocationOldImageBase = OldImageBase;
RelocationNewImageBase = NewImageBase;
}
__declspec(dllexport) void TITCALL RelocaterAddNewRelocation(HANDLE hProcess, ULONG_PTR RelocateAddress, DWORD RelocateState)
{
@ -91,10 +93,12 @@ __declspec(dllexport) void TITCALL RelocaterAddNewRelocation(HANDLE hProcess, UL
RtlMoveMemory(RelocationWritePosition, &CopyDummy, 2);
RelocationWritePosition = (LPVOID)((ULONG_PTR)RelocationWritePosition + 2);
}
__declspec(dllexport) long TITCALL RelocaterEstimatedSize()
{
return((DWORD)((ULONG_PTR)RelocationWritePosition - (ULONG_PTR)RelocationData + 8));
}
__declspec(dllexport) bool TITCALL RelocaterExportRelocation(ULONG_PTR StorePlace, DWORD StorePlaceRVA, ULONG_PTR FileMapVA)
{
@ -173,6 +177,7 @@ __declspec(dllexport) bool TITCALL RelocaterExportRelocation(ULONG_PTR StorePlac
RelocationData = NULL;
return false;
}
__declspec(dllexport) bool TITCALL RelocaterExportRelocationEx(char* szFileName, char* szSectionName)
{
@ -188,6 +193,7 @@ __declspec(dllexport) bool TITCALL RelocaterExportRelocationEx(char* szFileName,
return false;
}
}
__declspec(dllexport) bool TITCALL RelocaterExportRelocationExW(wchar_t* szFileName, char* szSectionName)
{
@ -226,6 +232,7 @@ __declspec(dllexport) bool TITCALL RelocaterExportRelocationExW(wchar_t* szFileN
return false;
}
}
__declspec(dllexport) bool TITCALL RelocaterGrabRelocationTable(HANDLE hProcess, ULONG_PTR MemoryStart, DWORD MemorySize)
{
@ -247,6 +254,7 @@ __declspec(dllexport) bool TITCALL RelocaterGrabRelocationTable(HANDLE hProcess,
}
return false;
}
__declspec(dllexport) bool TITCALL RelocaterGrabRelocationTableEx(HANDLE hProcess, ULONG_PTR MemoryStart, ULONG_PTR MemorySize, DWORD NtSizeOfImage)
{
@ -296,10 +304,12 @@ __declspec(dllexport) bool TITCALL RelocaterMakeSnapshot(HANDLE hProcess, char*
{
return(DumpMemory(hProcess, MemoryStart, MemorySize, szSaveFileName));
}
__declspec(dllexport) bool TITCALL RelocaterMakeSnapshotW(HANDLE hProcess, wchar_t* szSaveFileName, LPVOID MemoryStart, ULONG_PTR MemorySize)
{
return(DumpMemoryW(hProcess, MemoryStart, MemorySize, szSaveFileName));
}
__declspec(dllexport) bool TITCALL RelocaterCompareTwoSnapshots(HANDLE hProcess, ULONG_PTR LoadedImageBase, ULONG_PTR NtSizeOfImage, char* szDumpFile1, char* szDumpFile2, ULONG_PTR MemStart)
{
@ -317,6 +327,7 @@ __declspec(dllexport) bool TITCALL RelocaterCompareTwoSnapshots(HANDLE hProcess,
return false;
}
}
__declspec(dllexport) bool TITCALL RelocaterCompareTwoSnapshotsW(HANDLE hProcess, ULONG_PTR LoadedImageBase, ULONG_PTR NtSizeOfImage, wchar_t* szDumpFile1, wchar_t* szDumpFile2, ULONG_PTR MemStart)
{
@ -430,6 +441,7 @@ __declspec(dllexport) bool TITCALL RelocaterCompareTwoSnapshotsW(HANDLE hProcess
}
return false;
}
__declspec(dllexport) bool TITCALL RelocaterChangeFileBase(char* szFileName, ULONG_PTR NewImageBase)
{
@ -445,6 +457,7 @@ __declspec(dllexport) bool TITCALL RelocaterChangeFileBase(char* szFileName, ULO
return false;
}
}
__declspec(dllexport) bool TITCALL RelocaterChangeFileBaseW(wchar_t* szFileName, ULONG_PTR NewImageBase)
{
@ -604,6 +617,7 @@ __declspec(dllexport) bool TITCALL RelocaterChangeFileBaseW(wchar_t* szFileName,
RemoveGarbageItem(szBackupItem, true);
return false;
}
__declspec(dllexport) bool TITCALL RelocaterRelocateMemoryBlock(ULONG_PTR FileMapVA, ULONG_PTR MemoryLocation, void* RelocateMemory, DWORD RelocateMemorySize, ULONG_PTR CurrentLoadedBase, ULONG_PTR RelocateBase)
{
@ -710,6 +724,7 @@ __declspec(dllexport) bool TITCALL RelocaterRelocateMemoryBlock(ULONG_PTR FileMa
}
return false;
}
__declspec(dllexport) bool TITCALL RelocaterWipeRelocationTable(char* szFileName)
{
@ -725,6 +740,7 @@ __declspec(dllexport) bool TITCALL RelocaterWipeRelocationTable(char* szFileName
return false;
}
}
__declspec(dllexport) bool TITCALL RelocaterWipeRelocationTableW(wchar_t* szFileName)
{


@ -4,7 +4,6 @@
// TitanEngine.TranslateName.functions:
__declspec(dllexport) void* TITCALL TranslateNativeName(char* szNativeName)
{
void* TranslatedName = VirtualAlloc(NULL, 0x1000, MEM_COMMIT, PAGE_READWRITE); //pointer is returned
char szDeviceName[3] = "A:";
char szDeviceCOMName[5] = "COM0";
@ -47,9 +46,9 @@ __declspec(dllexport) void* TITCALL TranslateNativeName(char* szNativeName)
VirtualFree(TranslatedName, NULL, MEM_RELEASE);
return(NULL);
}
__declspec(dllexport) void* TITCALL TranslateNativeNameW(wchar_t* szNativeName)
{
void* TranslatedName = VirtualAlloc(NULL, 0x1000, MEM_COMMIT, PAGE_READWRITE); //pointer is returned
wchar_t szDeviceName[3] = L"A:";
wchar_t szDeviceCOMName[5] = L"COM0";