mirror of https://github.com/x64dbg/TitanEngine
- fixed bugs with VirtualProtectEx (incorrect protection was restored)
This commit is contained in:
parent
f39b2a5d6b
commit
89558df3db
Binary file not shown.
Binary file not shown.
Binary file not shown.
|
|
@ -188,6 +188,8 @@ unsigned long Crc32Table[256];
|
|||
#define UE_MODULEx86 0x2000;
|
||||
#define UE_MODULEx64 0x2000;
|
||||
|
||||
|
||||
|
||||
// Global.Handle.functions:
|
||||
bool EngineCloseHandle(HANDLE myHandle)
|
||||
{
|
||||
|
|
@ -12697,18 +12699,18 @@ __declspec(dllexport) bool EnableBPX(ULONG_PTR bpxAddress)
|
|||
if(testWrite)
|
||||
{
|
||||
BreakPointBuffer[i].BreakPointActive = UE_BPXACTIVE;
|
||||
VirtualProtectEx(dbgProcessInformation.hProcess, (LPVOID)bpxAddress, BreakPointBuffer[i].BreakPointSize, MemInfo.AllocationProtect, &OldProtect);
|
||||
VirtualProtectEx(dbgProcessInformation.hProcess, (LPVOID)bpxAddress, BreakPointBuffer[i].BreakPointSize, OldProtect, &OldProtect);
|
||||
return(true);
|
||||
}
|
||||
else
|
||||
{
|
||||
VirtualProtectEx(dbgProcessInformation.hProcess, (LPVOID)bpxAddress, BreakPointBuffer[i].BreakPointSize, MemInfo.AllocationProtect, &OldProtect);
|
||||
VirtualProtectEx(dbgProcessInformation.hProcess, (LPVOID)bpxAddress, BreakPointBuffer[i].BreakPointSize, OldProtect, &OldProtect);
|
||||
return(false);
|
||||
}
|
||||
}
|
||||
else
|
||||
{
|
||||
VirtualProtectEx(dbgProcessInformation.hProcess, (LPVOID)bpxAddress, BreakPointBuffer[i].BreakPointSize, MemInfo.AllocationProtect, &OldProtect);
|
||||
VirtualProtectEx(dbgProcessInformation.hProcess, (LPVOID)bpxAddress, BreakPointBuffer[i].BreakPointSize, OldProtect, &OldProtect);
|
||||
return(false);
|
||||
}
|
||||
}
|
||||
|
|
@ -12736,18 +12738,18 @@ __declspec(dllexport) bool DisableBPX(ULONG_PTR bpxAddress)
|
|||
if(WriteProcessMemory(dbgProcessInformation.hProcess, (LPVOID)bpxAddress, &BreakPointBuffer[i].OriginalByte[0], BreakPointBuffer[i].BreakPointSize, &NumberOfBytesReadWritten))
|
||||
{
|
||||
BreakPointBuffer[i].BreakPointActive = UE_BPXINACTIVE;
|
||||
VirtualProtectEx(dbgProcessInformation.hProcess, (LPVOID)bpxAddress, BreakPointBuffer[i].BreakPointSize, MemInfo.AllocationProtect, &OldProtect);
|
||||
VirtualProtectEx(dbgProcessInformation.hProcess, (LPVOID)bpxAddress, BreakPointBuffer[i].BreakPointSize, OldProtect, &OldProtect);
|
||||
return(true);
|
||||
}
|
||||
else
|
||||
{
|
||||
VirtualProtectEx(dbgProcessInformation.hProcess, (LPVOID)bpxAddress, BreakPointBuffer[i].BreakPointSize, MemInfo.AllocationProtect, &OldProtect);
|
||||
VirtualProtectEx(dbgProcessInformation.hProcess, (LPVOID)bpxAddress, BreakPointBuffer[i].BreakPointSize, OldProtect, &OldProtect);
|
||||
return(false);
|
||||
}
|
||||
}
|
||||
else
|
||||
{
|
||||
VirtualProtectEx(dbgProcessInformation.hProcess, (LPVOID)bpxAddress, BreakPointBuffer[i].BreakPointSize, MemInfo.AllocationProtect, &OldProtect);
|
||||
VirtualProtectEx(dbgProcessInformation.hProcess, (LPVOID)bpxAddress, BreakPointBuffer[i].BreakPointSize, OldProtect, &OldProtect);
|
||||
return(false);
|
||||
}
|
||||
}
|
||||
|
|
@ -12857,24 +12859,24 @@ __declspec(dllexport) bool SetBPX(ULONG_PTR bpxAddress, DWORD bpxType, LPVOID bp
|
|||
BreakPointBuffer[i].BreakPointType = (BYTE)bpxType;
|
||||
BreakPointBuffer[i].NumberOfExecutions = -1;
|
||||
BreakPointBuffer[i].ExecuteCallBack = (ULONG_PTR)bpxCallBack;
|
||||
VirtualProtectEx(dbgProcessInformation.hProcess, (LPVOID)bpxAddress, BreakPointBuffer[i].BreakPointSize, MemInfo.AllocationProtect, &OldProtect);
|
||||
VirtualProtectEx(dbgProcessInformation.hProcess, (LPVOID)bpxAddress, BreakPointBuffer[i].BreakPointSize, OldProtect, &OldProtect);
|
||||
return(true);
|
||||
}
|
||||
else
|
||||
{
|
||||
VirtualProtectEx(dbgProcessInformation.hProcess, (LPVOID)bpxAddress, BreakPointBuffer[i].BreakPointSize, MemInfo.AllocationProtect, &OldProtect);
|
||||
VirtualProtectEx(dbgProcessInformation.hProcess, (LPVOID)bpxAddress, BreakPointBuffer[i].BreakPointSize, OldProtect, &OldProtect);
|
||||
return(false);
|
||||
}
|
||||
/*}
|
||||
else
|
||||
{
|
||||
VirtualProtectEx(dbgProcessInformation.hProcess, (LPVOID)bpxAddress, BreakPointBuffer[i].BreakPointSize, MemInfo.AllocationProtect, &OldProtect);
|
||||
VirtualProtectEx(dbgProcessInformation.hProcess, (LPVOID)bpxAddress, BreakPointBuffer[i].BreakPointSize, OldProtect, &OldProtect);
|
||||
return(false);
|
||||
}*/
|
||||
}
|
||||
else
|
||||
{
|
||||
VirtualProtectEx(dbgProcessInformation.hProcess, (LPVOID)bpxAddress, BreakPointBuffer[i].BreakPointSize, MemInfo.AllocationProtect, &OldProtect);
|
||||
VirtualProtectEx(dbgProcessInformation.hProcess, (LPVOID)bpxAddress, BreakPointBuffer[i].BreakPointSize, OldProtect, &OldProtect);
|
||||
return(false);
|
||||
}
|
||||
}
|
||||
|
|
@ -12992,24 +12994,24 @@ __declspec(dllexport) bool SetBPXEx(ULONG_PTR bpxAddress, DWORD bpxType, DWORD N
|
|||
BreakPointBuffer[i].ExecuteCallBack = (ULONG_PTR)bpxCallBack;
|
||||
BreakPointBuffer[i].RemoveCallBack = (ULONG_PTR)bpxRemoveCallBack;
|
||||
BreakPointBuffer[i].CompareCallBack = (ULONG_PTR)bpxCompareCallBack;
|
||||
VirtualProtectEx(dbgProcessInformation.hProcess, (LPVOID)bpxAddress, BreakPointBuffer[i].BreakPointSize, MemInfo.AllocationProtect, &OldProtect);
|
||||
VirtualProtectEx(dbgProcessInformation.hProcess, (LPVOID)bpxAddress, BreakPointBuffer[i].BreakPointSize, OldProtect, &OldProtect);
|
||||
return(true);
|
||||
}
|
||||
else
|
||||
{
|
||||
VirtualProtectEx(dbgProcessInformation.hProcess, (LPVOID)bpxAddress, BreakPointBuffer[i].BreakPointSize, MemInfo.AllocationProtect, &OldProtect);
|
||||
VirtualProtectEx(dbgProcessInformation.hProcess, (LPVOID)bpxAddress, BreakPointBuffer[i].BreakPointSize, OldProtect, &OldProtect);
|
||||
return(false);
|
||||
}
|
||||
/*}
|
||||
else
|
||||
{
|
||||
VirtualProtectEx(dbgProcessInformation.hProcess, (LPVOID)bpxAddress, BreakPointBuffer[i].BreakPointSize, MemInfo.AllocationProtect, &OldProtect);
|
||||
VirtualProtectEx(dbgProcessInformation.hProcess, (LPVOID)bpxAddress, BreakPointBuffer[i].BreakPointSize, OldProtect, &OldProtect);
|
||||
return(false);
|
||||
}*/
|
||||
}
|
||||
else
|
||||
{
|
||||
VirtualProtectEx(dbgProcessInformation.hProcess, (LPVOID)bpxAddress, BreakPointBuffer[i].BreakPointSize, MemInfo.AllocationProtect, &OldProtect);
|
||||
VirtualProtectEx(dbgProcessInformation.hProcess, (LPVOID)bpxAddress, BreakPointBuffer[i].BreakPointSize, OldProtect, &OldProtect);
|
||||
return(false);
|
||||
}
|
||||
}
|
||||
|
|
@ -13051,7 +13053,7 @@ __declspec(dllexport) bool DeleteBPX(ULONG_PTR bpxAddress)
|
|||
{
|
||||
if(WriteProcessMemory(dbgProcessInformation.hProcess, (LPVOID)bpxAddress, &BreakPointBuffer[i].OriginalByte[0], BreakPointBuffer[i].BreakPointSize, &NumberOfBytesReadWritten))
|
||||
{
|
||||
VirtualProtectEx(dbgProcessInformation.hProcess, (LPVOID)bpxAddress, BreakPointBuffer[i].BreakPointSize, MemInfo.AllocationProtect, &OldProtect);
|
||||
VirtualProtectEx(dbgProcessInformation.hProcess, (LPVOID)bpxAddress, BreakPointBuffer[i].BreakPointSize, OldProtect, &OldProtect);
|
||||
if(BreakPointBuffer[i].RemoveCallBack != NULL)
|
||||
{
|
||||
__try
|
||||
|
|
@ -13074,7 +13076,7 @@ __declspec(dllexport) bool DeleteBPX(ULONG_PTR bpxAddress)
|
|||
}
|
||||
else
|
||||
{
|
||||
VirtualProtectEx(dbgProcessInformation.hProcess, (LPVOID)bpxAddress, BreakPointBuffer[i].BreakPointSize, MemInfo.AllocationProtect, &OldProtect);
|
||||
VirtualProtectEx(dbgProcessInformation.hProcess, (LPVOID)bpxAddress, BreakPointBuffer[i].BreakPointSize, OldProtect, &OldProtect);
|
||||
return(false);
|
||||
}
|
||||
}
|
||||
|
|
@ -13086,7 +13088,7 @@ __declspec(dllexport) bool DeleteBPX(ULONG_PTR bpxAddress)
|
|||
}
|
||||
else
|
||||
{
|
||||
VirtualProtectEx(dbgProcessInformation.hProcess, (LPVOID)bpxAddress, BreakPointBuffer[i].BreakPointSize, MemInfo.AllocationProtect, &OldProtect);
|
||||
VirtualProtectEx(dbgProcessInformation.hProcess, (LPVOID)bpxAddress, BreakPointBuffer[i].BreakPointSize, OldProtect, &OldProtect);
|
||||
return(false);
|
||||
}
|
||||
}
|
||||
|
|
@ -14458,7 +14460,7 @@ __declspec(dllexport) bool FillEx(HANDLE hProcess, LPVOID MemoryStart, DWORD Mem
|
|||
WriteProcessMemory(hProcess, MemoryStart, FillByte, 1, &ueNumberOfBytesRead);
|
||||
MemoryStart = (LPVOID)((ULONG_PTR)MemoryStart + 1);
|
||||
}
|
||||
VirtualProtectEx(hProcess, MemoryStart, MemorySize, MemInfo.AllocationProtect, &OldProtect);
|
||||
VirtualProtectEx(hProcess, MemoryStart, MemorySize, OldProtect, &OldProtect);
|
||||
return(true);
|
||||
}
|
||||
return(false);
|
||||
|
|
@ -14523,7 +14525,7 @@ __declspec(dllexport) bool PatchEx(HANDLE hProcess, LPVOID MemoryStart, DWORD Me
|
|||
{
|
||||
WriteProcessMemory(hProcess, MemoryStart, ReplacePattern, ReplaceSize, &ueNumberOfBytesRead);
|
||||
}
|
||||
VirtualProtectEx(hProcess, MemoryStart, MemorySize, MemInfo.AllocationProtect, &OldProtect);
|
||||
VirtualProtectEx(hProcess, MemoryStart, MemorySize, OldProtect, &OldProtect);
|
||||
return(true);
|
||||
}
|
||||
return(false);
|
||||
|
|
@ -17035,7 +17037,8 @@ __declspec(dllexport) void DebugLoop()
|
|||
#endif
|
||||
SetThreadContext(hActiveThread, &myDBGContext);
|
||||
EngineCloseHandle(hActiveThread);
|
||||
VirtualProtectEx(dbgProcessInformation.hProcess, (LPVOID)BreakPointBuffer[MaximumBreakPoints].BreakPointAddress, BreakPointBuffer[MaximumBreakPoints].BreakPointSize, MemInfo.AllocationProtect, &OldProtect);
|
||||
//TODO fixed
|
||||
VirtualProtectEx(dbgProcessInformation.hProcess, (LPVOID)BreakPointBuffer[MaximumBreakPoints].BreakPointAddress, BreakPointBuffer[MaximumBreakPoints].BreakPointSize, OldProtect, &OldProtect);
|
||||
myCustomBreakPoint = (fCustomBreakPoint)((LPVOID)BreakPointBuffer[MaximumBreakPoints].ExecuteCallBack);
|
||||
if(BreakPointBuffer[MaximumBreakPoints].NumberOfExecutions != -1 && BreakPointBuffer[MaximumBreakPoints].NumberOfExecutions != 0)
|
||||
{
|
||||
|
|
@ -17182,13 +17185,15 @@ __declspec(dllexport) void DebugLoop()
|
|||
}
|
||||
else
|
||||
{
|
||||
VirtualProtectEx(dbgProcessInformation.hProcess, (LPVOID)BreakPointBuffer[MaximumBreakPoints].BreakPointAddress, BreakPointBuffer[MaximumBreakPoints].BreakPointSize, MemInfo.AllocationProtect, &OldProtect);
|
||||
//TODO fixed
|
||||
VirtualProtectEx(dbgProcessInformation.hProcess, (LPVOID)BreakPointBuffer[MaximumBreakPoints].BreakPointAddress, BreakPointBuffer[MaximumBreakPoints].BreakPointSize, OldProtect, &OldProtect);
|
||||
DBGCode = DBG_CONTINUE;
|
||||
}
|
||||
}
|
||||
else
|
||||
{
|
||||
VirtualProtectEx(dbgProcessInformation.hProcess, (LPVOID)BreakPointBuffer[MaximumBreakPoints].BreakPointAddress, BreakPointBuffer[MaximumBreakPoints].BreakPointSize, MemInfo.AllocationProtect, &OldProtect);
|
||||
//TODO fixed
|
||||
VirtualProtectEx(dbgProcessInformation.hProcess, (LPVOID)BreakPointBuffer[MaximumBreakPoints].BreakPointAddress, BreakPointBuffer[MaximumBreakPoints].BreakPointSize, OldProtect, &OldProtect);
|
||||
DBGCode = DBG_EXCEPTION_NOT_HANDLED;
|
||||
}
|
||||
}
|
||||
|
|
@ -17410,7 +17415,6 @@ __declspec(dllexport) void DebugLoop()
|
|||
}
|
||||
else
|
||||
{
|
||||
//TODO: everytingelkse
|
||||
DBGCode = DBG_EXCEPTION_NOT_HANDLED;
|
||||
}
|
||||
}
|
||||
|
|
@ -17562,6 +17566,9 @@ __declspec(dllexport) void DebugLoop()
|
|||
DBGCustomHandler->chPageGuard = NULL;
|
||||
}
|
||||
}*/
|
||||
char temp[20]="";
|
||||
sprintf(temp, "%X", (unsigned int)DBGEvent.u.Exception.ExceptionRecord.ExceptionAddress);
|
||||
MessageBoxA(0,temp,0,0);
|
||||
MemoryBpxFound = false;
|
||||
MaximumBreakPoints = 0;
|
||||
for(MaximumBreakPoints = 0; MaximumBreakPoints < BreakPointSetCount; MaximumBreakPoints++)
|
||||
|
|
@ -17765,7 +17772,8 @@ __declspec(dllexport) void DebugLoop()
|
|||
}
|
||||
SetThreadContext(hActiveThread, &myDBGContext);
|
||||
EngineCloseHandle(hActiveThread);
|
||||
VirtualProtectEx(dbgProcessInformation.hProcess, (LPVOID)BreakPointBuffer[MaximumBreakPoints].BreakPointAddress, BreakPointBuffer[MaximumBreakPoints].BreakPointSize, MemInfo.AllocationProtect, &OldProtect);
|
||||
//TODO fixed
|
||||
VirtualProtectEx(dbgProcessInformation.hProcess, (LPVOID)BreakPointBuffer[MaximumBreakPoints].BreakPointAddress, BreakPointBuffer[MaximumBreakPoints].BreakPointSize, OldProtect, &OldProtect);
|
||||
myCustomBreakPoint = (fCustomBreakPoint)((LPVOID)BreakPointBuffer[MaximumBreakPoints].ExecuteCallBack);
|
||||
if(BreakPointBuffer[MaximumBreakPoints].NumberOfExecutions != -1 && BreakPointBuffer[MaximumBreakPoints].NumberOfExecutions != 0)
|
||||
{
|
||||
|
|
@ -17912,13 +17920,15 @@ __declspec(dllexport) void DebugLoop()
|
|||
}
|
||||
else
|
||||
{
|
||||
VirtualProtectEx(dbgProcessInformation.hProcess, (LPVOID)BreakPointBuffer[MaximumBreakPoints].BreakPointAddress, BreakPointBuffer[MaximumBreakPoints].BreakPointSize, MemInfo.AllocationProtect, &OldProtect);
|
||||
//TODO fixed
|
||||
VirtualProtectEx(dbgProcessInformation.hProcess, (LPVOID)BreakPointBuffer[MaximumBreakPoints].BreakPointAddress, BreakPointBuffer[MaximumBreakPoints].BreakPointSize, OldProtect, &OldProtect);
|
||||
DBGCode = DBG_CONTINUE;
|
||||
}
|
||||
}
|
||||
else
|
||||
{
|
||||
VirtualProtectEx(dbgProcessInformation.hProcess, (LPVOID)BreakPointBuffer[MaximumBreakPoints].BreakPointAddress, BreakPointBuffer[MaximumBreakPoints].BreakPointSize, MemInfo.AllocationProtect, &OldProtect);
|
||||
//TODO fixed
|
||||
VirtualProtectEx(dbgProcessInformation.hProcess, (LPVOID)BreakPointBuffer[MaximumBreakPoints].BreakPointAddress, BreakPointBuffer[MaximumBreakPoints].BreakPointSize, OldProtect, &OldProtect);
|
||||
DBGCode = DBG_EXCEPTION_NOT_HANDLED;
|
||||
}
|
||||
}
|
||||
|
|
|
|||
|
|
@ -8,11 +8,9 @@ bool RemoveGarbageItem(wchar_t* szGarbageItem, bool RemoveFolder);
|
|||
bool FillGarbageItem(wchar_t* szGarbageItem, wchar_t* szFileName, void* outGargabeItem, int MaxGargabeStringSize);
|
||||
void EmptyGarbage();
|
||||
|
||||
#if !defined (_WIN64)
|
||||
#ifdef __cplusplus
|
||||
extern "C" {
|
||||
#endif /*__cplusplus*/
|
||||
#endif
|
||||
|
||||
// TitanEngine.Dumper.functions:
|
||||
__declspec(dllexport) bool DumpProcess(HANDLE hProcess, LPVOID ImageBase, char* szDumpFileName, ULONG_PTR EntryPoint);
|
||||
|
|
@ -74,6 +72,7 @@ __declspec(dllexport) bool SetPE32Data(char* szFileName, DWORD WhichSection, DWO
|
|||
__declspec(dllexport) bool SetPE32DataW(wchar_t* szFileName, DWORD WhichSection, DWORD WhichData, ULONG_PTR NewDataValue);
|
||||
__declspec(dllexport) bool SetPE32DataForMappedFileEx(ULONG_PTR FileMapVA, LPVOID DataStorage);
|
||||
__declspec(dllexport) bool SetPE32DataEx(char* szFileName, LPVOID DataStorage);
|
||||
__declspec(dllexport) bool SetPE32DataExW(wchar_t* szFileName, LPVOID DataStorage);
|
||||
__declspec(dllexport) long GetPE32SectionNumberFromVA(ULONG_PTR FileMapVA, ULONG_PTR AddressToConvert);
|
||||
__declspec(dllexport) long long ConvertVAtoFileOffset(ULONG_PTR FileMapVA, ULONG_PTR AddressToConvert, bool ReturnType);
|
||||
__declspec(dllexport) long long ConvertVAtoFileOffsetEx(ULONG_PTR FileMapVA, DWORD FileSize, ULONG_PTR ImageBase, ULONG_PTR AddressToConvert, bool AddressIsRVA, bool ReturnType);
|
||||
|
|
@ -155,7 +154,7 @@ __declspec(dllexport) bool ThreaderIsExceptionInMainThread();
|
|||
// TitanEngine.Debugger.functions:
|
||||
__declspec(dllexport) void* StaticDisassembleEx(ULONG_PTR DisassmStart, LPVOID DisassmAddress);
|
||||
__declspec(dllexport) void* StaticDisassemble(LPVOID DisassmAddress);
|
||||
__declspec(dllexport) void* DisassembleEx(HANDLE hProcess, LPVOID DisassmAddress);
|
||||
__declspec(dllexport) void* DisassembleEx(HANDLE hProcess, LPVOID DisassmAddress, bool ReturnInstructionType);
|
||||
__declspec(dllexport) void* Disassemble(LPVOID DisassmAddress);
|
||||
__declspec(dllexport) long StaticLengthDisassemble(LPVOID DisassmAddress);
|
||||
__declspec(dllexport) long LengthDisassembleEx(HANDLE hProcess, LPVOID DisassmAddress);
|
||||
|
|
@ -271,6 +270,7 @@ __declspec(dllexport) long long ImporterGetAPIOrdinalNumberFromDebugee(HANDLE hP
|
|||
__declspec(dllexport) long ImporterGetDLLIndexEx(ULONG_PTR APIAddress, ULONG_PTR DLLBasesList);
|
||||
__declspec(dllexport) long ImporterGetDLLIndex(HANDLE hProcess, ULONG_PTR APIAddress, ULONG_PTR DLLBasesList);
|
||||
__declspec(dllexport) long long ImporterGetRemoteDLLBase(HANDLE hProcess, HMODULE LocalModuleBase);
|
||||
__declspec(dllexport) long long ImporterGetRemoteDLLBaseEx(HANDLE hProcess, char* szModuleName);
|
||||
__declspec(dllexport) bool ImporterRelocateWriteLocation(ULONG_PTR AddValue);
|
||||
__declspec(dllexport) bool ImporterIsForwardedAPI(HANDLE hProcess, ULONG_PTR APIAddress);
|
||||
__declspec(dllexport) void* ImporterGetForwardedAPIName(HANDLE hProcess, ULONG_PTR APIAddress);
|
||||
|
|
@ -441,8 +441,6 @@ __declspec(dllexport) bool ExtensionManagerUnloadAllPlugins();
|
|||
__declspec(dllexport) bool ExtensionManagerUnloadPlugin(char* szPluginName);
|
||||
__declspec(dllexport) void* ExtensionManagerGetPluginInfo(char* szPluginName);
|
||||
|
||||
#if !defined (_WIN64)
|
||||
#ifdef __cplusplus
|
||||
}
|
||||
#endif /*__cplusplus*/
|
||||
#endif
|
||||
|
|
|
|||
|
|
@ -3,6 +3,3 @@
|
|||
// stdafx.obj will contain the pre-compiled type information
|
||||
|
||||
#include "stdafx.h"
|
||||
|
||||
// TODO: reference any additional headers you need in STDAFX.H
|
||||
// and not in this file
|
||||
|
|
|
|||
Binary file not shown.
Binary file not shown.
Binary file not shown.
Loading…
Reference in New Issue