x64dbg/x64dbg
x64dbg
/
x64dbg
1
0
Fork 0
Code Releases 2 Activity

PROJECT: updated help (plugin functions documented now) 

DBG: added the 'xor' command
DBG: added a CMDRESULT (for scripts only)
DBG: added dwThreadId to PLUG_CB_CREATETHREAD
DBG: fully escape debug strings
DBG: fixed the 'mov' command (mov newvar,value wouldnt work)
DBG: added 'call' to the script (works 100% like ODBGScript)
DBG: fixed a bug with comments after a command
DBG: added a 'pause' command to the script
DBG: fixed a bug with script commands not waiting for the debugger to be paused again
This commit is contained in:
mr.exodia 2014-03-24 21:39:43 +01:00
parent fda377a057
commit a1cb43657a
25 changed files with 497 additions and 137 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

13
help/Callbacks.htm
View File

@ -41,9 +41,11 @@ fdProcessInfo;<BR>};</P>
<P>struct
<STRONG>PLUG_CB_CREATETHREAD<BR></STRONG>{<BR>&nbsp;&nbsp;&nbsp;
<STRONG>CREATE_THREAD_DEBUG_INFO*</STRONG>
CreateThread;<BR>};</P>
CreateThread;<BR>&nbsp;&nbsp;&nbsp; <STRONG>DWORD</STRONG>
dwThreadId;<BR>};</P>
<P>struct <STRONG> PLUG_CB_EXITTHREAD<BR></STRONG>{<BR>&nbsp;&nbsp;&nbsp; <STRONG>EXIT_THREAD_DEBUG_INFO*</STRONG>
ExitThread;<BR>};</P>
ExitThread;<BR>&nbsp;&nbsp;&nbsp; <STRONG>DWORD</STRONG>
dwThreadId;<BR>};</P>
<P>struct <STRONG>
PLUG_CB_SYSTEMBREAKPOINT<BR></STRONG>{<BR>&nbsp;&nbsp;&nbsp;
<STRONG>void*</STRONG> reserved;<BR>};</P>
@ -72,4 +74,9 @@ DebugString;<BR>};</P>
<P>struct <STRONG> PLUG_CB_STEPPED<BR></STRONG>{<BR>&nbsp;&nbsp;&nbsp;
<STRONG>void*</STRONG>
reserved;<BR>};</P>
<P>&nbsp;</P></body>
<P>struct
<STRONG>PLUG_CB_ATTACH<BR></STRONG>{<BR>&nbsp;&nbsp;&nbsp;
<STRONG>DWORD</STRONG> dwProcessId;<BR>};</P>
<P>struct
<STRONG>PLUG_CB_DETACH<BR></STRONG>{<BR>&nbsp;&nbsp;&nbsp;
<STRONG>PROCESS_INFORMATION*</STRONG> fdProcessInfo;<BR>};</P></BODY></HTML>

22
help/Jxx_IFxx.htm
View File

@ -21,24 +21,28 @@ other)&nbsp;command(s):</P>
<UL>
<LI>
<DIV>uncondentional branch &nbsp; -
<U>jmp/goto</U></DIV></LI>
<DIV>
<U>jmp/goto</U></DIV>
<DIV></DIV>
<LI>
<DIV>branch if not equal&nbsp;&nbsp; &nbsp; -
<U>jne/ifne(q)/jnz/ifnz</U></DIV></LI>
<U>jne/ifne(q)/jnz/ifnz</U></DIV>
<LI>
<DIV>branch if equal&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;
&nbsp; - <U>je/ife(q)/jz/ifz</U></DIV></LI>
&nbsp; - <U>je/ife(q)/jz/ifz</U></DIV>
<LI>
<DIV>branch if smaller&nbsp;&nbsp;&nbsp;&nbsp; &nbsp; -
<U>jb/ifb/jl/ifl</U></DIV></LI>
<U>jb/ifb/jl/ifl</U></DIV>
<LI>
<DIV>branch if bigger&nbsp;&nbsp;&nbsp;&nbsp;&nbsp; &nbsp;
- <U>ja/ifa/jg/ifg</U></DIV></LI></DIV>
- <U>ja/ifa/jg/ifg</U></DIV>
<DIV></DIV>
<LI>
<DIV>branch if bigger/equal&nbsp; -
<U>jbe/ifbe(q)/jle/ifle(q)</U></DIV></LI>
<U>jbe/ifbe(q)/jle/ifle(q)</U></DIV>
<LI>
<DIV>branch if smaller/equal -
<U>jae/ifae(q)/jge/ifge(q)</U></DIV></LI></UL></body>
</html>
<U>jae/ifae(q)/jge/ifge(q)</U></DIV></LI></UL>
<P class=rvps3><SPAN class=rvts11><U>arguments </U><BR></SPAN><SPAN
class=rvts9>&nbsp; arg1: The label to jump to.</SPAN></P>
<P class=rvps3><SPAN class=rvts11><U>result <BR></U></SPAN><SPAN class=rvts9>This command does not set any result variables.</SPAN>
</P></body>

8
help/Script_Commands.htm
View File

@ -15,7 +15,7 @@ html,body {
</head>
<body>
<P><STRONG>Script Commands<BR></STRONG>This section
contains various commands that are only used or available in a scripting
context.</P></body>
</html>
<P><STRONG>Script Commands<BR></STRONG>This section contains various commands that are
only used or available in
a scripting context. Commands that also exist in a non-scripting context have
priority.</P></body>

32
help/_plugin_debugpause.htm Normal file
View File

@ -0,0 +1,32 @@
<!DOCTYPE HTML PUBLIC "-//W3C//DTD HTML 4.01 Transitional//EN">
<html>
<head>
<title>_plugin_debugpause</title>
<meta name="GENERATOR" content="WinCHM">
<meta http-equiv="Content-Type" content="text/html; charset=UTF-8">
<style>
html,body {
/* Default Font */
font-family: Courier New;
font-size: 11pt;
}
</style>
</head>
<body>
<P><STRONG>_plugin_debugpause<BR></STRONG>This function
returns debugger control to the user. You would use this function when you write
an unpacker that needs support from x64_dbg (for example in development).
Calling this function will set the debug state to 'paused' and it will not
return until the user runs the debuggee using the 'run' command.</P>
<P><STRONG>void
_plugin_debugpause();</STRONG></P>
<P><STRONG>Parameters</STRONG> </P>
<P>This function has no parameters.</P>
<P>
<STRONG>Return Values</STRONG>
<BR >
This function does not return a value.
</P></body>

33
help/_plugin_logprintf.htm Normal file
View File

@ -0,0 +1,33 @@
<!DOCTYPE HTML PUBLIC "-//W3C//DTD HTML 4.01 Transitional//EN">
<html>
<head>
<title>_plugin_logprintf</title>
<meta name="GENERATOR" content="WinCHM">
<meta http-equiv="Content-Type" content="text/html; charset=UTF-8">
<style>
html,body {
/* Default Font */
font-family: Courier New;
font-size: 11pt;
}
</style>
</head>
<body>
<P><STRONG>_plugin_logprintf</STRONG><BR>This function
prints a message to the log window.</P>
<P><STRONG>void
_plugin_logprintf(<BR>
const char* </STRONG>format<STRONG>, </STRONG> //format
string<BR><STRONG>... </STRONG>//additional arguments<BR><STRONG>);</STRONG>
</P>
<P><STRONG>Parameters</STRONG>
</P>
<P><U>format</U>: Format string that has
the same specifications as printf.
</P>
<P><U>...</U> : Additional arguments (when
needed by the format string).
</P>
<P><STRONG>Return Values</STRONG><BR>This function does not return a value. </P></body></HTML>

26
help/_plugin_logputs.htm Normal file
View File

@ -0,0 +1,26 @@
<!DOCTYPE HTML PUBLIC "-//W3C//DTD HTML 4.01 Transitional//EN">
<html>
<head>
<title>_plugin_logputs</title>
<meta name="GENERATOR" content="WinCHM">
<meta http-equiv="Content-Type" content="text/html; charset=UTF-8">
<style>
html,body {
/* Default Font */
font-family: Courier New;
font-size: 11pt;
}
</style>
</head>
<body>
<P><STRONG>_plugin_logputs</STRONG><BR>This function prints
a single line to the log window.</P>
<P><STRONG>void _plugin_logputs(<BR>const char*
</STRONG>text //text to print<BR><STRONG>);</STRONG>
</P><P> <STRONG>Parameters</STRONG>
</P> <P><U>text</U>: Piece of text to put to
the log window. This text can
contain line breaks.</P>
<P><STRONG>Return Values</STRONG><BR>This function does not return a value. </P></body>

8
help/_plugin_registercallback.htm
View File

@ -55,8 +55,10 @@ PLUG_CB_EXCEPTION*<BR>&nbsp;&nbsp;&nbsp; CB_BREAKPOINT, //callbackInfo:
PLUG_CB_BREAKPOINT*<BR>&nbsp;&nbsp;&nbsp; CB_PAUSEDEBUG, //callbackInfo:
PLUG_CB_PAUSEDEBUG*<BR>&nbsp;&nbsp;&nbsp;
CB_RESUMEDEBUG, //callbackInfo:
PLUG_CB_RESUMEDEBUG*<BR>&nbsp;&nbsp;&nbsp; CB_STEPPED //callbackInfo:
PLUG_CB_STEPPED*
PLUG_CB_RESUMEDEBUG*<BR>&nbsp;&nbsp;&nbsp; CB_STEPPED,
//callbackInfo: PLUG_CB_STEPPED* <BR>&nbsp;&nbsp;&nbsp; CB_ATTACH,
//callbackInfo: PLUG_CB_ATTACHED*<BR>&nbsp;&nbsp;&nbsp; CB_DETACH&nbsp; //callbackInfo:
PLUG_CB_DETACHED*
</P>
@ -76,4 +78,4 @@ return a value.
</P></body>
</P></body>

7
help/_plugin_unregistercallback.htm
View File

@ -51,11 +51,12 @@ CB_OUTPUTDEBUGSTRING,<BR>
CB_BREAKPOINT,<BR>
&nbsp;&nbsp;&nbsp; CB_PAUSEDEBUG,
<BR>
&nbsp;&nbsp;&nbsp; CB_RESUMEDEBUG,<BR> &nbsp;&nbsp;&nbsp;
CB_STEPPED
&nbsp;&nbsp;&nbsp; CB_RESUMEDEBUG,<BR>&nbsp;&nbsp;&nbsp; CB_STEPPED,<BR>&nbsp;&nbsp;&nbsp;
CB_ATTACH,<BR> &nbsp;&nbsp;&nbsp;
CB_DETACH
</P>
<P><STRONG>Return Values<BR></STRONG>This function returns
true when the callback was removed without problems.
</P></head>
</P></body></HTML>

28
help/call.htm Normal file
View File

@ -0,0 +1,28 @@
<!DOCTYPE HTML PUBLIC "-//W3C//DTD HTML 4.01 Transitional//EN">
<html>
<head>
<title>call</title>
<meta name="GENERATOR" content="WinCHM">
<meta http-equiv="Content-Type" content="text/html; charset=UTF-8">
<style>
html,body {
/* Default Font */
font-family: Courier New;
font-size: 11pt;
}
</style>
</head>
<body>
<P><STRONG>call<BR></STRONG>A call works exactly the same as an uncondentional
branch, but it places it's address on the script stack.</P>
<P class=rvps3><SPAN class=rvts11><U>arguments </U><BR></SPAN><SPAN
class=rvts9>&nbsp;&nbsp;arg1: The label to jump
to.</SPAN></P>
<P class=rvps3><SPAN class=rvts11>
<U>
result
<BR></U></SPAN>
<SPAN class=rvts9>This command does not set any result variables.</SPAN>
</P></body>

23
help/invalid.htm Normal file
View File

@ -0,0 +1,23 @@
<!DOCTYPE HTML PUBLIC "-//W3C//DTD HTML 4.01 Transitional//EN">
<html>
<head>
<title>invalid</title>
<meta name="GENERATOR" content="WinCHM">
<meta http-equiv="Content-Type" content="text/html; charset=UTF-8">
<style>
html,body {
/* Default Font */
font-family: Courier New;
font-size: 11pt;
}
</style>
</head>
<body>
<P><STRONG>invalid</STRONG><BR>Invalid command to throw an error message. This command will halt the
script execution.</P>
<P class=rvps3><SPAN class=rvts11><U>arguments </U><BR></SPAN><SPAN
class=rvts9>This command has no arguments. </SPAN></P>
<P class=rvps3><SPAN class=rvts11><U>result <BR></U></SPAN><SPAN class=rvts9>This command does not set any result variables.</SPAN>
</P></body>

4
help/msg.htm
View File

@ -18,5 +18,5 @@ html,body {
<P><STRONG>msg</STRONG><BR>Display a message
box.</P>
<P><U>arguments<BR></U>&nbsp;arg1: Message box text.</P>
<P><U>result<BR></U>This command does not set any
variables.</P></body>
<P><U>result<BR></U>This command does not set any result
variables.</P></body>

34
help/pause_script.htm Normal file
View File

@ -0,0 +1,34 @@
<!DOCTYPE HTML PUBLIC "-//W3C//DTD HTML 4.01 Transitional//EN">
<html>
<head>
<title>pause</title>
<meta name="GENERATOR" content="WinCHM">
<meta http-equiv="Content-Type" content="text/html; charset=UTF-8">
<style>
html,body {
/* Default Font */
font-family: Courier New;
font-size: 11pt;
}
</style>
</head>
<body>
<P><STRONG>pause<BR></STRONG>Halt the script execution. The
user can resume the script after this command.</P>
<P class=rvps3>
<SPAN class=rvts11>
<U>
arguments
</U>
<BR>
</SPAN>
<SPAN class=rvts9 >
This command has no arguments.</SPAN></P>
<P class=rvps3 >
<SPAN class=rvts11>
<U>result<BR>
</U></SPAN><SPAN class=rvts9>This command does not set any result variables.</SPAN></P></body>

25
help/ret.htm Normal file
View File

@ -0,0 +1,25 @@
<!DOCTYPE HTML PUBLIC "-//W3C//DTD HTML 4.01 Transitional//EN">
<html>
<head>
<title>ret</title>
<meta name="GENERATOR" content="WinCHM">
<meta http-equiv="Content-Type" content="text/html; charset=UTF-8">
<style>
html,body {
/* Default Font */
font-family: Courier New;
font-size: 11pt;
}
</style>
</head>
<body>
<P><STRONG>ret</STRONG><BR>When called without an entry on
the stack, this command will end the script and set the script IP to the first
line. When 'call' was executed before, ret will return from that
call.</P>
<P class=rvps3><SPAN class=rvts11><U>arguments </U><BR></SPAN><SPAN
class=rvts9>This command has no arguments. </SPAN></P>
<P class=rvps3><SPAN class=rvts11><U>result <BR></U></SPAN><SPAN class=rvts9>This command does not set any result variables.</SPAN>
</P></body>

4
help/scriptload.htm
View File

@ -18,5 +18,5 @@ html,body {
<P><STRONG>scriptload<BR></STRONG>Load a script
file.</P>
<P><U>arguments<BR></U>&nbsp;arg1: Script file to load.</P>
<P><U>result<BR></U>This command does not set any
variables.</P></body>
<P><U>result<BR></U>This command does not set any result
variables.</P></body>

220
help/x64_dbg.wcp
View File

@ -96,7 +96,7 @@ Font=
DefaultTopic=Introduction.htm
[TOPICS]
TitleList=97
TitleList=102
TitleList.Title.0=Introduction
TitleList.Level.0=0
TitleList.Url.0=Introduction.htm
@ -155,7 +155,7 @@ TitleList.Status.5=0
TitleList.Keywords.5=
TitleList.ContextNumber.5=1040
TitleList.ApplyTemp.5=0
TitleList.Expanded.5=1
TitleList.Expanded.5=0
TitleList.Kind.5=0
TitleList.Title.6=InitDebug/initdbg/init
TitleList.Level.6=2
@ -305,7 +305,7 @@ TitleList.Status.20=0
TitleList.Keywords.20=
TitleList.ContextNumber.20=1019
TitleList.ApplyTemp.20=0
TitleList.Expanded.20=1
TitleList.Expanded.20=0
TitleList.Kind.20=0
TitleList.Title.21=bplist
TitleList.Level.21=2
@ -525,7 +525,7 @@ TitleList.Status.42=0
TitleList.Keywords.42=
TitleList.ContextNumber.42=1042
TitleList.ApplyTemp.42=0
TitleList.Expanded.42=0
TitleList.Expanded.42=1
TitleList.Kind.42=0
TitleList.Title.43=cmt/cmtset/commentset
TitleList.Level.43=2
@ -675,7 +675,7 @@ TitleList.Status.57=0
TitleList.Keywords.57=
TitleList.ContextNumber.57=1046
TitleList.ApplyTemp.57=0
TitleList.Expanded.57=1
TitleList.Expanded.57=0
TitleList.Kind.57=0
TitleList.Title.58=StartScylla/scylla/imprec
TitleList.Level.58=2
@ -695,7 +695,7 @@ TitleList.Status.59=0
TitleList.Keywords.59=
TitleList.ContextNumber.59=1073
TitleList.ApplyTemp.59=0
TitleList.Expanded.59=1
TitleList.Expanded.59=0
TitleList.Kind.59=0
TitleList.Title.60=cmp
TitleList.Level.60=2
@ -867,204 +867,254 @@ TitleList.ContextNumber.76=1080
TitleList.ApplyTemp.76=0
TitleList.Expanded.76=0
TitleList.Kind.76=0
TitleList.Title.77=Script Commands
TitleList.Level.77=1
TitleList.Url.77=Script_Commands.htm
TitleList.Title.77=xor
TitleList.Level.77=2
TitleList.Url.77=xor.htm
TitleList.Icon.77=0
TitleList.Status.77=0
TitleList.Keywords.77=
TitleList.ContextNumber.77=1070
TitleList.ContextNumber.77=1096
TitleList.ApplyTemp.77=0
TitleList.Expanded.77=1
TitleList.Expanded.77=0
TitleList.Kind.77=0
TitleList.Title.78=Jxx/IFxx
TitleList.Level.78=2
TitleList.Url.78=Jxx_IFxx.htm
TitleList.Title.78=Script Commands
TitleList.Level.78=1
TitleList.Url.78=Script_Commands.htm
TitleList.Icon.78=0
TitleList.Status.78=0
TitleList.Keywords.78=
TitleList.ContextNumber.78=1072
TitleList.ContextNumber.78=1070
TitleList.ApplyTemp.78=0
TitleList.Expanded.78=0
TitleList.Expanded.78=1
TitleList.Kind.78=0
TitleList.Title.79=scriptload
TitleList.Title.79=Jxx/IFxx
TitleList.Level.79=2
TitleList.Url.79=scriptload.htm
TitleList.Url.79=Jxx_IFxx.htm
TitleList.Icon.79=0
TitleList.Status.79=0
TitleList.Keywords.79=
TitleList.ContextNumber.79=1074
TitleList.ContextNumber.79=1072
TitleList.ApplyTemp.79=0
TitleList.Expanded.79=0
TitleList.Kind.79=0
TitleList.Title.80=msg
TitleList.Title.80=call
TitleList.Level.80=2
TitleList.Url.80=msg.htm
TitleList.Url.80=call.htm
TitleList.Icon.80=0
TitleList.Status.80=0
TitleList.Keywords.80=
TitleList.ContextNumber.80=1076
TitleList.ContextNumber.80=1097
TitleList.ApplyTemp.80=0
TitleList.Expanded.80=0
TitleList.Kind.80=0
TitleList.Title.81=msgyn
TitleList.Title.81=ret
TitleList.Level.81=2
TitleList.Url.81=msgyn.htm
TitleList.Url.81=ret.htm
TitleList.Icon.81=0
TitleList.Status.81=0
TitleList.Keywords.81=
TitleList.ContextNumber.81=1075
TitleList.ContextNumber.81=1098
TitleList.ApplyTemp.81=0
TitleList.Expanded.81=0
TitleList.Kind.81=0
TitleList.Title.82=Plugins
TitleList.Level.82=0
TitleList.Url.82=Plugins.htm
TitleList.Title.82=invalid
TitleList.Level.82=2
TitleList.Url.82=invalid.htm
TitleList.Icon.82=0
TitleList.Status.82=0
TitleList.Keywords.82=
TitleList.ContextNumber.82=1050
TitleList.ContextNumber.82=1099
TitleList.ApplyTemp.82=0
TitleList.Expanded.82=0
TitleList.Kind.82=0
TitleList.Title.83=Exports
TitleList.Level.83=1
TitleList.Url.83=Exports.htm
TitleList.Title.83=pause
TitleList.Level.83=2
TitleList.Url.83=pause_script.htm
TitleList.Icon.83=0
TitleList.Status.83=0
TitleList.Keywords.83=
TitleList.ContextNumber.83=1051
TitleList.ContextNumber.83=1100
TitleList.ApplyTemp.83=0
TitleList.Expanded.83=0
TitleList.Kind.83=0
TitleList.Title.84=_plugin_registercallback
TitleList.Title.84=scriptload
TitleList.Level.84=2
TitleList.Url.84=_plugin_registercallback.htm
TitleList.Url.84=scriptload.htm
TitleList.Icon.84=0
TitleList.Status.84=0
TitleList.Keywords.84=
TitleList.ContextNumber.84=1052
TitleList.ContextNumber.84=1074
TitleList.ApplyTemp.84=0
TitleList.Expanded.84=0
TitleList.Kind.84=0
TitleList.Title.85=_plugin_unregistercallback
TitleList.Title.85=msg
TitleList.Level.85=2
TitleList.Url.85=_plugin_unregistercallback.htm
TitleList.Url.85=msg.htm
TitleList.Icon.85=0
TitleList.Status.85=0
TitleList.Keywords.85=
TitleList.ContextNumber.85=1053
TitleList.ContextNumber.85=1076
TitleList.ApplyTemp.85=0
TitleList.Expanded.85=0
TitleList.Kind.85=0
TitleList.Title.86=_plugin_registercommand
TitleList.Title.86=msgyn
TitleList.Level.86=2
TitleList.Url.86=_plugin_registercommand.htm
TitleList.Url.86=msgyn.htm
TitleList.Icon.86=0
TitleList.Status.86=0
TitleList.Keywords.86=
TitleList.ContextNumber.86=1054
TitleList.ContextNumber.86=1075
TitleList.ApplyTemp.86=0
TitleList.Expanded.86=0
TitleList.Kind.86=0
TitleList.Title.87=_plugin_unregistercommand
TitleList.Level.87=2
TitleList.Url.87=_plugin_unregistercommand.htm
TitleList.Title.87=Plugins
TitleList.Level.87=0
TitleList.Url.87=Plugins.htm
TitleList.Icon.87=0
TitleList.Status.87=0
TitleList.Keywords.87=
TitleList.ContextNumber.87=1055
TitleList.ContextNumber.87=1050
TitleList.ApplyTemp.87=0
TitleList.Expanded.87=0
TitleList.Expanded.87=1
TitleList.Kind.87=0
TitleList.Title.88=_plugin_logprintf
TitleList.Level.88=2
TitleList.Url.88=
TitleList.Title.88=Exports
TitleList.Level.88=1
TitleList.Url.88=Exports.htm
TitleList.Icon.88=0
TitleList.Status.88=1
TitleList.Status.88=0
TitleList.Keywords.88=
TitleList.ContextNumber.88=1056
TitleList.ContextNumber.88=1051
TitleList.ApplyTemp.88=0
TitleList.Expanded.88=0
TitleList.Expanded.88=1
TitleList.Kind.88=0
TitleList.Title.89=_plugin_logputs
TitleList.Title.89=_plugin_registercallback
TitleList.Level.89=2
TitleList.Url.89=
TitleList.Url.89=_plugin_registercallback.htm
TitleList.Icon.89=0
TitleList.Status.89=1
TitleList.Status.89=0
TitleList.Keywords.89=
TitleList.ContextNumber.89=1057
TitleList.ContextNumber.89=1052
TitleList.ApplyTemp.89=0
TitleList.Expanded.89=0
TitleList.Kind.89=0
TitleList.Title.90=_plugin_debugpause
TitleList.Title.90=_plugin_unregistercallback
TitleList.Level.90=2
TitleList.Url.90=
TitleList.Url.90=_plugin_unregistercallback.htm
TitleList.Icon.90=0
TitleList.Status.90=1
TitleList.Status.90=0
TitleList.Keywords.90=
TitleList.ContextNumber.90=1058
TitleList.ContextNumber.90=1053
TitleList.ApplyTemp.90=0
TitleList.Expanded.90=0
TitleList.Kind.90=0
TitleList.Title.91=Structures
TitleList.Level.91=1
TitleList.Url.91=Structures.htm
TitleList.Title.91=_plugin_registercommand
TitleList.Level.91=2
TitleList.Url.91=_plugin_registercommand.htm
TitleList.Icon.91=0
TitleList.Status.91=0
TitleList.Keywords.91=
TitleList.ContextNumber.91=1059
TitleList.ContextNumber.91=1054
TitleList.ApplyTemp.91=0
TitleList.Expanded.91=0
TitleList.Kind.91=0
TitleList.Title.92=Callbacks
TitleList.Title.92=_plugin_unregistercommand
TitleList.Level.92=2
TitleList.Url.92=Callbacks.htm
TitleList.Url.92=_plugin_unregistercommand.htm
TitleList.Icon.92=0
TitleList.Status.92=0
TitleList.Keywords.92=
TitleList.ContextNumber.92=1060
TitleList.ContextNumber.92=1055
TitleList.ApplyTemp.92=0
TitleList.Expanded.92=0
TitleList.Kind.92=0
TitleList.Title.93=PLUG_INITSTRUCT
TitleList.Title.93=_plugin_logprintf
TitleList.Level.93=2
TitleList.Url.93=PLUGINIT_STRUCT.htm
TitleList.Url.93=_plugin_logprintf.htm
TitleList.Icon.93=0
TitleList.Status.93=0
TitleList.Keywords.93=
TitleList.ContextNumber.93=1061
TitleList.ContextNumber.93=1056
TitleList.ApplyTemp.93=0
TitleList.Expanded.93=0
TitleList.Kind.93=0
TitleList.Title.94=Scripting
TitleList.Level.94=0
TitleList.Url.94=Scripting.htm
TitleList.Title.94=_plugin_logputs
TitleList.Level.94=2
TitleList.Url.94=_plugin_logputs.htm
TitleList.Icon.94=0
TitleList.Status.94=0
TitleList.Keywords.94=
TitleList.ContextNumber.94=1069
TitleList.ContextNumber.94=1057
TitleList.ApplyTemp.94=0
TitleList.Expanded.94=0
TitleList.Kind.94=0
TitleList.Title.95=Special Thanks
TitleList.Level.95=0
TitleList.Url.95=Special_Thanks.htm
TitleList.Title.95=_plugin_debugpause
TitleList.Level.95=2
TitleList.Url.95=_plugin_debugpause.htm
TitleList.Icon.95=0
TitleList.Status.95=0
TitleList.Keywords.95=
TitleList.ContextNumber.95=1024
TitleList.ContextNumber.95=1058
TitleList.ApplyTemp.95=0
TitleList.Expanded.95=0
TitleList.Kind.95=0
TitleList.Title.96=Fixed Top Style
TitleList.Level.96=0
TitleList.Url.96=template\fixedtop.htm
TitleList.Title.96=Structures
TitleList.Level.96=1
TitleList.Url.96=Structures.htm
TitleList.Icon.96=0
TitleList.Status.96=0
TitleList.Keywords.96=
TitleList.ContextNumber.96=
TitleList.ContextNumber.96=1059
TitleList.ApplyTemp.96=0
TitleList.Expanded.96=0
TitleList.Kind.96=2
TitleList.Expanded.96=1
TitleList.Kind.96=0
TitleList.Title.97=Callbacks
TitleList.Level.97=2
TitleList.Url.97=Callbacks.htm
TitleList.Icon.97=0
TitleList.Status.97=0
TitleList.Keywords.97=
TitleList.ContextNumber.97=1060
TitleList.ApplyTemp.97=0
TitleList.Expanded.97=0
TitleList.Kind.97=0
TitleList.Title.98=PLUG_INITSTRUCT
TitleList.Level.98=2
TitleList.Url.98=PLUGINIT_STRUCT.htm
TitleList.Icon.98=0
TitleList.Status.98=0
TitleList.Keywords.98=
TitleList.ContextNumber.98=1061
TitleList.ApplyTemp.98=0
TitleList.Expanded.98=0
TitleList.Kind.98=0
TitleList.Title.99=Scripting
TitleList.Level.99=0
TitleList.Url.99=Scripting.htm
TitleList.Icon.99=0
TitleList.Status.99=0
TitleList.Keywords.99=
TitleList.ContextNumber.99=1069
TitleList.ApplyTemp.99=0
TitleList.Expanded.99=0
TitleList.Kind.99=0
TitleList.Title.100=Special Thanks
TitleList.Level.100=0
TitleList.Url.100=Special_Thanks.htm
TitleList.Icon.100=0
TitleList.Status.100=0
TitleList.Keywords.100=
TitleList.ContextNumber.100=1024
TitleList.ApplyTemp.100=0
TitleList.Expanded.100=0
TitleList.Kind.100=0
TitleList.Title.101=Fixed Top Style
TitleList.Level.101=0
TitleList.Url.101=template\fixedtop.htm
TitleList.Icon.101=0
TitleList.Status.101=0
TitleList.Keywords.101=
TitleList.ContextNumber.101=
TitleList.ApplyTemp.101=0
TitleList.Expanded.101=0
TitleList.Kind.101=2

34
help/xor.htm Normal file
View File

@ -0,0 +1,34 @@
<!DOCTYPE HTML PUBLIC "-//W3C//DTD HTML 4.01 Transitional//EN">
<html>
<head>
<title>xor</title>
<meta name="GENERATOR" content="WinCHM">
<meta http-equiv="Content-Type" content="text/html; charset=UTF-8">
<style>
html,body {
/* Default Font */
font-family: Courier New;
font-size: 11pt;
}
</style>
</head>
<body>
<P><STRONG>xor<BR></STRONG>Binary XOR&nbsp;two values.</P>
<P class=rvps3>
<SPAN class=rvts11>
<U>
arguments
</U>
<BR>&nbsp; arg1:
Destination.
</SPAN></P>
<P class=rvps3 >
<SPAN class=rvts11 > &nbsp; arg2: Source.</SPAN></P>
<P class=rvps3>
<SPAN class=rvts11><U>result<BR></U>This command does not
set any result&nbsp;variables.</SPAN></P></body>
</html>

3
x64_dbg_dbg/_plugins.cpp
View File

@ -4,6 +4,8 @@
#include "debugger.h"
#include "threading.h"
static char msg[66000];
///debugger plugin exports (wrappers)
PLUG_IMPEXP void _plugin_registercallback(int pluginHandle, CBTYPE cbType, CBPLUGIN cbPlugin)
{
@ -29,7 +31,6 @@ PLUG_IMPEXP void _plugin_logprintf(const char* format, ...)
{
va_list args;
va_start(args, format);
char msg[deflen]="";
vsprintf(msg, format, args);
GuiAddLogMessage(msg);
}

1
x64_dbg_dbg/_plugins.h
View File

@ -52,6 +52,7 @@ struct PLUG_CB_EXITPROCESS
struct PLUG_CB_CREATETHREAD
{
CREATE_THREAD_DEBUG_INFO* CreateThread;
DWORD dwThreadId;
};
struct PLUG_CB_EXITTHREAD

1
x64_dbg_dbg/command.h
View File

@ -12,6 +12,7 @@ enum CMDRESULT
STATUS_ERROR=false,
STATUS_CONTINUE=true,
STATUS_EXIT=2,
STATUS_PAUSE=3
};
typedef CMDRESULT (*CBCOMMAND)(int, char**);

31
x64_dbg_dbg/debugger.cpp
View File

@ -566,10 +566,12 @@ static void cbExitProcess(EXIT_PROCESS_DEBUG_INFO* ExitProcess)
static void cbCreateThread(CREATE_THREAD_DEBUG_INFO* CreateThread)
{
threadcreate(CreateThread); //update thread list
DWORD dwThreadId=((DEBUG_EVENT*)GetDebugData())->dwThreadId;
PLUG_CB_CREATETHREAD callbackInfo;
callbackInfo.CreateThread=CreateThread;
callbackInfo.dwThreadId=dwThreadId;
plugincbcall(CB_CREATETHREAD, &callbackInfo);
DWORD dwThreadId=((DEBUG_EVENT*)GetDebugData())->dwThreadId;
dprintf("Thread %X created\n", dwThreadId);
if(settingboolget("Events", "ThreadStart"))
@ -756,10 +758,33 @@ static void cbOutputDebugString(OUTPUT_DEBUG_STRING_INFO* DebugString)
memset(DebugTextEscaped, 0, DebugString->nDebugStringLength+escape_count+1);
for(int i=0,j=0; i<len; i++)
{
if(DebugText[i]=='\\')
switch(DebugText[i])
{
case '\t':
j+=sprintf(DebugTextEscaped+j, "\\t");
break;
case '\f':
j+=sprintf(DebugTextEscaped+j, "\\f");
break;
case '\v':
j+=sprintf(DebugTextEscaped+j, "\\v");
break;
case '\n':
j+=sprintf(DebugTextEscaped+j, "\\n");
break;
case '\r':
j+=sprintf(DebugTextEscaped+j, "\\r");
break;
case '\\':
j+=sprintf(DebugTextEscaped+j, "\\\\");
else
break;
case '\"':
j+=sprintf(DebugTextEscaped+j, "\\\"");
break;
default:
j+=sprintf(DebugTextEscaped+j, "%c", DebugText[i]);
break;
}
}
dprintf("DebugString: \"%s\"\n", DebugTextEscaped);
efree(DebugTextEscaped, "cbOutputDebugString:DebugTextEscaped");

2
x64_dbg_dbg/instruction.cpp
View File

@ -139,7 +139,7 @@ CMDRESULT cbInstrMov(int argc, char* argv[])
if(!isvar or !valtostring(argv[1], &set_value, true))
{
uint value;
if(!valfromstring(argv[1], &value))
if(valfromstring(argv[1], &value)) //if the var is a value already it's an invalid destination
{
dprintf("invalid dest \"%s\"\n", argv[1]);
return STATUS_ERROR;

1
x64_dbg_dbg/instruction.h
View File

@ -40,6 +40,7 @@ CMDRESULT cbInstrShl(int argc, char* argv[]);
CMDRESULT cbInstrShr(int argc, char* argv[]);
CMDRESULT cbInstrSub(int argc, char* argv[]);
CMDRESULT cbInstrTest(int argc, char* argv[]);
CMDRESULT cbInstrXor(int argc, char* argv[]);
CMDRESULT cbInstrRefinit(int argc, char* argv[]);
CMDRESULT cbInstrRefadd(int argc, char* argv[]);

70
x64_dbg_dbg/simplescript.cpp
View File

@ -5,9 +5,11 @@
#include "variable.h"
#include "threading.h"
#include "x64_dbg.h"
#include "debugger.h"
static std::vector<LINEMAPENTRY> linemap;
static std::vector<SCRIPTBP> scriptbplist;
static std::vector<int> scriptstack;
static int scriptIp=0;
static bool bAbort=false;
static bool bIsRunning=false;
@ -33,6 +35,8 @@ static SCRIPTBRANCHTYPE scriptgetbranchtype(const char* text)
return scriptjbjl;
else if(!strncmp(newtext, "ja ", 3) or !strncmp(newtext, "ifa ", 4) or !strncmp(newtext, "jg ", 3) or !strncmp(newtext, "ifg ", 4))
return scriptjajg;
else if(!strncmp(newtext, "call ", 5))
return scriptcall;
return scriptnobranch;
}
@ -169,7 +173,11 @@ static bool scriptcreatelinemap(const char* filename)
else
{
cur.type=linecommand;
strcpy(cur.u.command, cur.raw);
const char* comment=strstr(cur.raw, "//"); //find comment
if(comment)
strncpy(cur.u.command, cur.raw, comment-cur.raw);
else
strcpy(cur.u.command, cur.raw);
}
linemap.at(i)=cur;
}
@ -266,31 +274,41 @@ static bool scriptisruncommand(const char* cmdlist)
return false;
}
static CMDRESULT scriptinternalcmdexec(const char* command)
static CMDRESULT scriptinternalcmdexec(const char* cmd)
{
if(scmp(command, "ret")) //script finished
if(scmp(cmd, "ret")) //script finished
{
GuiScriptMessage("Script finished!");
return STATUS_EXIT;
if(!scriptstack.size()) //nothing on the stack
{
GuiScriptMessage("Script finished!");
return STATUS_EXIT;
}
scriptIp=scriptstack.back(); //set scriptIp to the call address (scriptinternalstep will step over it)
scriptstack.pop_back(); //remove last stack entry
return STATUS_CONTINUE;
}
else if(scmp(command, "invalid")) //invalid command for testing
else if(scmp(cmd, "invalid")) //invalid command for testing
return STATUS_ERROR;
COMMAND* cmd=cmdget(dbggetcommandlist(), command);
if(!cmd) //invalid command
else if(scmp(cmd, "pause")) //pause the script
return STATUS_PAUSE;
char command[deflen]="";
strcpy(command, cmd);
argformat(command);
COMMAND* found=cmdfindmain(dbggetcommandlist(), command);
if(!found) //invalid command
return STATUS_ERROR;
if(scriptisruncommand(cmd->name))
{
CMDRESULT res=cmddirectexec(dbggetcommandlist(), command);
while(!waitislocked(WAITID_RUN)) //while not locked (NOTE: possible deadlock)
Sleep(10);
return res;
}
else if(arraycontains(cmd->name, "var")) //var
if(arraycontains(found->name, "var")) //var
{
cmddirectexec(dbggetcommandlist(), command);
return STATUS_CONTINUE;
}
return cmddirectexec(dbggetcommandlist(), command);
CMDRESULT res=cmddirectexec(dbggetcommandlist(), command);
if(IsFileBeingDebugged())
{
while(!waitislocked(WAITID_RUN)) //while not locked (NOTE: possible deadlock)
Sleep(10);
}
return res;
}
static bool scriptinternalbranch(SCRIPTBRANCHTYPE type) //determine if we should jump
@ -302,6 +320,7 @@ static bool scriptinternalbranch(SCRIPTBRANCHTYPE type) //determine if we should
bool bJump=false;
switch(type)
{
case scriptcall:
case scriptjmp:
bJump=true;
break;
@ -355,10 +374,20 @@ static bool scriptinternalcmd()
scriptIp=scriptinternalstep(0);
GuiScriptSetIp(scriptIp);
break;
case STATUS_PAUSE:
bContinue=false; //stop running the script
scriptIp=scriptinternalstep(scriptIp);
GuiScriptSetIp(scriptIp);
break;
}
}
else if(cur.type==linebranch and scriptinternalbranch(cur.u.branch.type)) //branch
scriptIp=scriptlabelfind(cur.u.branch.branchlabel);
else if(cur.type==linebranch)
{
if(cur.u.branch.type==scriptcall) //calls have a special meaning
scriptstack.push_back(scriptIp);
if(scriptinternalbranch(cur.u.branch.type))
scriptIp=scriptlabelfind(cur.u.branch.branchlabel);
}
return bContinue;
}
@ -402,6 +431,7 @@ static DWORD WINAPI scriptLoadThread(void* filename)
GuiScriptClear();
scriptIp=0;
std::vector<SCRIPTBP>().swap(scriptbplist); //clear breakpoints
std::vector<int>().swap(scriptstack); //clear script stack
bAbort=false;
if(!scriptcreatelinemap((const char*)filename))
return 0;
@ -501,8 +531,8 @@ bool scriptcmdexec(const char* command)
case STATUS_EXIT:
scriptIp=scriptinternalstep(0);
GuiScriptSetIp(scriptIp);
return true;
break;
case STATUS_PAUSE:
case STATUS_CONTINUE:
break;
}

3
x64_dbg_dbg/simplescript.h
View File

@ -13,7 +13,8 @@ enum SCRIPTBRANCHTYPE
scriptjbjl,
scriptjajg,
scriptjbejle,
scriptjaejge
scriptjaejge,
scriptcall
};
//structures

1
x64_dbg_dbg/x64_dbg.cpp
View File

@ -128,6 +128,7 @@ static void registercommands()
cmdnew(cmd, "shr", cbInstrShr, false);
cmdnew(cmd, "sub", cbInstrSub, false);
cmdnew(cmd, "test", cbInstrTest, false);
cmdnew(cmd, "xor", cbInstrXor, false);
//script
cmdnew(cmd, "scriptload", cbScriptLoad, false);