Run to user code (#762)

* Run to user code

* Fix "access violation" error

* Run to user code

* Run to user code

* Run to user code

* Run to user code

* Run to user code

* Run to user code

* Run to user code

* Run to user code

* Run to user code

* Fixed compiler warnings

* Run to user code

* Run to user code

* Run to user code

Please add an icon for it.

* Run to user code

* change the error message

* Run to user code

* Run to user code

* Update translation

* Update translation

* Enlarge the buffer size to 1KB

* Fix locking condition

* Fix race condition

* re-apply recent commits

src/dbg/_dbgfunctions.cpp

@@ -290,6 +290,8 @@ void dbgfunctionsinit()
     _dbgfunctions.ModBaseFromAddr = ModBaseFromAddr;
     _dbgfunctions.ModBaseFromName = ModBaseFromName;
     _dbgfunctions.ModSizeFromAddr = ModSizeFromAddr;
+    _dbgfunctions.ModGetParty = ModGetParty;
+    _dbgfunctions.ModSetParty = ModSetParty;
     _dbgfunctions.Assemble = assemble;
     _dbgfunctions.PatchGet = _patchget;
     _dbgfunctions.PatchInRange = _patchinrange;

src/dbg/_dbgfunctions.h

@@ -141,6 +141,8 @@ typedef bool(*ENUMHANDLES)(ListOf(HANDLEINFO) handles);
 typedef bool(*GETHANDLENAME)(duint handle, char* name, size_t nameSize, char* typeName, size_t typeNameSize);
 typedef bool(*ENUMTCPCONNECTIONS)(ListOf(TCPCONNECTIONINFO) connections);
 typedef duint(*GETDBGEVENTS)();
+typedef int(*MODGETPARTY)(duint base);
+typedef void(*MODSETPARTY)(duint base, int party);
 
 typedef struct DBGFUNCTIONS_
 {
@@ -192,6 +194,8 @@ typedef struct DBGFUNCTIONS_
     GETHANDLENAME GetHandleName;
     ENUMTCPCONNECTIONS EnumTcpConnections;
     GETDBGEVENTS GetDbgEvents;
+    MODGETPARTY ModGetParty;
+    MODSETPARTY ModSetParty;
 } DBGFUNCTIONS;
 
 #ifdef BUILD_DBG

src/dbg/debugger.cpp

@@ -71,6 +71,7 @@ static duint timeWastedDebugging = 0;
 char szFileName[MAX_PATH] = "";
 char szSymbolCachePath[MAX_PATH] = "";
 char sqlitedb[deflen] = "";
+std::vector<std::pair<duint, duint>> RunToUserCodeBreakpoints;
 PROCESS_INFORMATION* fdProcessInfo = &g_pi;
 HANDLE hActiveThread;
 HANDLE hProcessToken;
@@ -612,6 +613,33 @@ void cbMemoryBreakpoint(void* ExceptionAddress)
     cbGenericBreakpoint(BPMEMORY, ExceptionAddress);
 }
 
+void cbRunToUserCodeBreakpoint(void* ExceptionAddress)
+{
+    EXCLUSIVE_ACQUIRE(LockRunToUserCode);
+    hActiveThread = ThreadGetHandle(((DEBUG_EVENT*)GetDebugData())->dwThreadId);
+    auto CIP = GetContextDataEx(hActiveThread, UE_CIP);
+    auto symbolicname = SymGetSymbolicName(CIP);
+    dprintf("User code reached at %s (" fhex ")!", symbolicname.c_str(), CIP);
+    for(auto i : RunToUserCodeBreakpoints)
+    {
+        BREAKPOINT bp;
+        if(!BpGet(i.first, BPMEMORY, nullptr, &bp))
+            RemoveMemoryBPX(i.first, i.second);
+    }
+    RunToUserCodeBreakpoints.clear();
+    lock(WAITID_RUN);
+    EXCLUSIVE_RELEASE();
+    PLUG_CB_PAUSEDEBUG pauseInfo;
+    pauseInfo.reserved = nullptr;
+    plugincbcall(CB_PAUSEDEBUG, &pauseInfo);
+    _dbg_dbgtraceexecute(CIP);
+    GuiSetDebugState(paused);
+    DebugUpdateGui(GetContextDataEx(hActiveThread, UE_CIP), true);
+    SetForegroundWindow(GuiGetWindowHandle());
+    bSkipExceptions = false;
+    wait(WAITID_RUN);
+}
+
 void cbLibrarianBreakpoint(void* lpData)
 {
     bBreakOnNextDll = true;

src/dbg/debugger.h

@@ -114,6 +114,7 @@ void cbTIBTStep();
 void cbTOBTStep();
 void cbTIITStep();
 void cbTOITStep();
+void cbRunToUserCodeBreakpoint(void* ExceptionAddress);
 DWORD WINAPI threadAttachLoop(void* lpParameter);
 void cbDetach();
 bool cbSetModuleBreakpoints(const BREAKPOINT* bp);

src/dbg/debugger_commands.cpp

@@ -28,6 +28,7 @@ duint LoadLibThreadID;
 duint DLLNameMem;
 duint ASMAddr;
 TITAN_ENGINE_CONTEXT_t backupctx = { 0 };
+extern std::vector<std::pair<duint, duint>> RunToUserCodeBreakpoints;
 
 CMDRESULT cbDebugInit(int argc, char* argv[])
 {
@@ -699,6 +700,29 @@ CMDRESULT cbDebugGetBPXMemoryHitCount(int argc, char* argv[])
     return cbDebugGetBPXHitCountCommon(BPMEMORY, argc, argv);
 }
 
+CMDRESULT cbDebugSetBPGoto(int argc, char* argv[])
+{
+    if (argc != 3)
+    {
+        dputs("argument count mismatch!\n");
+        return STATUS_ERROR;
+    }
+    char cmd[deflen];
+    _snprintf(cmd, sizeof(cmd), "SetBreakpointCondition %s, 0", argv[1]);
+    if(!DbgCmdExecDirect(cmd))
+        return STATUS_ERROR;
+    _snprintf(cmd, sizeof(cmd), "SetBreakpointCommand %s, \"CIP=%s\"", argv[1], argv[2]);
+    if(!DbgCmdExecDirect(cmd))
+        return STATUS_ERROR;
+    _snprintf(cmd, sizeof(cmd), "SetBreakpointCommandCondition %s, 1", argv[1]);
+    if(!DbgCmdExecDirect(cmd))
+        return STATUS_ERROR;
+    _snprintf(cmd, sizeof(cmd), "SetBreakpointFastResume %s, 0", argv[1]);
+    if(!DbgCmdExecDirect(cmd))
+        return STATUS_ERROR;
+    return STATUS_CONTINUE;
+}
+
 CMDRESULT cbDebugSetHardwareBreakpoint(int argc, char* argv[])
 {
     if(argc < 2)
@@ -994,7 +1018,7 @@ CMDRESULT cbDebugSetMemoryBpx(int argc, char* argv[])
     if(BpGet(base, BPMEMORY, 0, &bp))
     {
         if(!bp.enabled)
-            return DbgCmdExecDirect(StringUtils::sprintf("bpme " fhex, bp.addr).c_str()) ? STATUS_CONTINUE : STATUS_ERROR;
+            return BpEnable(base, BPMEMORY, true) ? STATUS_CONTINUE : STATUS_ERROR;
         dputs("Memory breakpoint already set!");
         return STATUS_CONTINUE;
     }
@@ -1255,6 +1279,42 @@ CMDRESULT cbDebugeRtr(int argc, char* argv[])
     return cbDebugRtr(argc, argv);
 }
 
+CMDRESULT cbDebugRunToParty(int argc, char* argv[])
+{
+    EXCLUSIVE_ACQUIRE(LockRunToUserCode);
+    std::vector<MODINFO> AllModules;
+    ModGetList(AllModules);
+    if(!RunToUserCodeBreakpoints.empty())
+    {
+        dputs("Run to party is busy.\n");
+        return STATUS_ERROR;
+    }
+    int party = atoi(argv[1]); // party is a signed integer
+    for(auto i : AllModules)
+    {
+        if(i.party == party)
+        {
+            for(auto j : i.sections)
+            {
+                BREAKPOINT bp;
+                if (!BpGet(j.addr, BPMEMORY, nullptr, &bp))
+                {
+                    RunToUserCodeBreakpoints.push_back(std::make_pair(j.addr, j.size));
+                    SetMemoryBPXEx(j.addr, j.size, UE_MEMORY_EXECUTE, false, (void*)cbRunToUserCodeBreakpoint);
+                }
+            }
+        }
+    }
+    cbDebugRun(argc, argv);
+    return STATUS_CONTINUE;
+}
+
+CMDRESULT cbDebugRtu(int argc, char* argv[])
+{
+    char* newargv[] = { "RunToParty", "0" };
+    return cbDebugRunToParty(argc, newargv);
+}
+
 static CMDRESULT cbDebugConditionalTrace(void* callBack, bool stepOver, int argc, char* argv[])
 {
     if(argc < 2)

src/dbg/debugger_commands.h

@@ -23,6 +23,7 @@ CMDRESULT cbDebugSetBPXCommandCondition(int argc, char* argv[]);
 CMDRESULT cbDebugGetBPXHitCount(int argc, char* argv[]);
 CMDRESULT cbDebugSetBPXFastResume(int argc, char* argv[]);
 CMDRESULT cbDebugResetBPXHitCount(int argc, char* argv[]);
+CMDRESULT cbDebugSetBPGoto(int argc, char* argv[]);
 CMDRESULT cbDebugSetHardwareBreakpoint(int argc, char* argv[]);
 CMDRESULT cbDebugDeleteHardwareBreakpoint(int argc, char* argv[]);
 CMDRESULT cbDebugEnableHardwareBreakpoint(int argc, char* argv[]);
@@ -62,6 +63,8 @@ CMDRESULT cbDebugHide(int argc, char* argv[]);
 CMDRESULT cbDebugDisasm(int argc, char* argv[]);
 CMDRESULT cbDebugRtr(int argc, char* argv[]);
 CMDRESULT cbDebugeRtr(int argc, char* argv[]);
+CMDRESULT cbDebugRunToParty(int argc, char* argv[]);
+CMDRESULT cbDebugRtu(int argc, char* argv[]);
 CMDRESULT cbDebugAlloc(int argc, char* argv[]);
 CMDRESULT cbDebugFree(int argc, char* argv[]);
 CMDRESULT cbDebugMemset(int argc, char* argv[]);

src/dbg/module.cpp

@@ -105,6 +105,20 @@ bool ModLoad(duint Base, duint Size, const char* FullPath)
     info.fileMap = nullptr;
     info.fileMapVA = 0;
 
+    // Determine whether the module is located in system
+    wchar_t sysdir[MAX_PATH];
+    GetEnvironmentVariableW(L"windir", sysdir, sizeof(sysdir));
+    String Utf8Sysdir = StringUtils::Utf16ToUtf8(sysdir);
+    Utf8Sysdir.append("\\");
+    if (_memicmp(Utf8Sysdir.c_str(), FullPath, Utf8Sysdir.size()) == 0)
+    {
+        info.party = 1;
+    }
+    else
+    {
+        info.party = 0;
+    }
+
     // Load module data
     bool virtualModule = strstr(FullPath, "virtual:\\") == FullPath;
 
@@ -400,4 +414,30 @@ bool ModAddImportToModule(duint Base, const MODIMPORTINFO & importInfo)
     pImports->push_back(importInfo);
 
     return true;
-}
+}
+
+int ModGetParty(duint Address)
+{
+    SHARED_ACQUIRE(LockModules);
+
+    auto module = ModInfoFromAddr(Address);
+
+    // If the module is not found, it is an user module
+    if (!module)
+        return 0;
+
+    return module->party;
+}
+
+void ModSetParty(duint Address, int Party)
+{
+    EXCLUSIVE_ACQUIRE(LockModules);
+
+    auto module = ModInfoFromAddr(Address);
+
+    // If the module is not found, it is an user module
+    if (!module)
+        return;
+
+    module->party = Party;
+}

src/dbg/module.h

@@ -35,6 +35,8 @@ struct MODINFO
     DWORD loadedSize;
     HANDLE fileMap;
     ULONG_PTR fileMapVA;
+
+    int party;  // Party. Currently used value: 0: User, 1: System
 };
 
 bool ModLoad(duint Base, duint Size, const char* FullPath);
@@ -53,6 +55,8 @@ duint ModEntryFromAddr(duint Address);
 int ModPathFromAddr(duint Address, char* Path, int Size);
 int ModPathFromName(const char* Module, char* Path, int Size);
 void ModGetList(std::vector<MODINFO> & list);
+int ModGetParty(duint Address);
+void ModSetParty(duint Address, int Party);
 bool ModAddImportToModule(duint Base, const MODIMPORTINFO & importInfo);
 
-#endif // _MODULE_H
+#endif // _MODULE_H

src/dbg/threading.h

@@ -61,6 +61,7 @@ enum SectionLock
     LockArguments,
     LockEncodeMaps,
     LockCallstackCache,
+    LockRunToUserCode,
 
     // Number of elements in this enumeration. Must always be the last
     // index.

src/dbg/x64_dbg.cpp

@@ -108,6 +108,8 @@ static void registercommands()
     dbgcmdnew("getcmdline\1getcommandline", cbDebugGetCmdline, true); //Get CmdLine
     dbgcmdnew("setcmdline\1setcommandline", cbDebugSetCmdline, true); //Set CmdLine
     dbgcmdnew("skip", cbDebugSkip, true); //skip one instruction
+    dbgcmdnew("RunToParty", cbDebugRunToParty, true); //Run to code in a party
+    dbgcmdnew("RunToUserCode\1rtu", cbDebugRtu, true); //Run to user code
 
     //breakpoints
     dbgcmdnew("bplist", cbDebugBplist, true); //breakpoint list
@@ -155,6 +157,8 @@ static void registercommands()
     dbgcmdnew("SetMemoryBreakpointFastResume", cbDebugSetBPXMemoryFastResume, true); //set breakpoint fast resume
     dbgcmdnew("SetMemoryGetBreakpointHitCount", cbDebugGetBPXMemoryHitCount, true); //get breakpoint hit count
     dbgcmdnew("ResetMemoryBreakpointHitCount", cbDebugResetBPXMemoryHitCount, true); //reset breakpoint hit count
+    
+    dbgcmdnew("bpgoto", cbDebugSetBPGoto, true);
 
     //variables
     dbgcmdnew("varnew\1var", cbInstrVar, false); //make a variable arg1:name,[arg2:value]

src/gui/Src/Gui/CPUSideBar.cpp

@@ -652,7 +652,7 @@ void CPUSideBar::AllocateJumpOffsets(std::vector<JumpLine> & jumpLines)
     unsigned int* numLines = new unsigned int[viewableRows];
     memset(numLines, 0, sizeof(unsigned int) * viewableRows);
     // preprocessing
-    for(int i = 0; i < jumpLines.size(); i++)
+    for(size_t i = 0; i < jumpLines.size(); i++)
     {
         JumpLine & jmp = jumpLines.at(i);
         jmp.jumpOffset = abs(jmp.destLine - jmp.line);
@@ -663,7 +663,7 @@ void CPUSideBar::AllocateJumpOffsets(std::vector<JumpLine> & jumpLines)
         return op2.jumpOffset > op1.jumpOffset;
     });
     // Allocate jump offsets
-    for(int i = 0; i < jumpLines.size(); i++)
+    for(size_t i = 0; i < jumpLines.size(); i++)
     {
         JumpLine & jmp = jumpLines.at(i);
         unsigned int maxJmpOffset = 0;

src/gui/Src/Gui/MainWindow.cpp

@@ -228,6 +228,7 @@ MainWindow::MainWindow(QWidget* parent)
     connect(ui->actioneStepInto, SIGNAL(triggered()), this, SLOT(execeStepInto()));
     connect(ui->actioneRun, SIGNAL(triggered()), this, SLOT(execeRun()));
     connect(ui->actioneRtr, SIGNAL(triggered()), this, SLOT(execeRtr()));
+    connect(ui->actionRtu, SIGNAL(triggered()), this, SLOT(execRtu()));
     connect(ui->actionTicnd, SIGNAL(triggered()), this, SLOT(execTicnd()));
     connect(ui->actionTocnd, SIGNAL(triggered()), this, SLOT(execTocnd()));
     connect(ui->actionTRBit, SIGNAL(triggered()), this, SLOT(execTRBit()));
@@ -454,6 +455,7 @@ void MainWindow::refreshShortcuts()
     setGlobalShortcut(ui->actioneStepOver, ConfigShortcut("DebugeStepOver"));
     setGlobalShortcut(ui->actionRtr, ConfigShortcut("DebugRtr"));
     setGlobalShortcut(ui->actioneRtr, ConfigShortcut("DebugeRtr"));
+    setGlobalShortcut(ui->actionRtu, ConfigShortcut("DebugRtu"));
     setGlobalShortcut(ui->actionCommand, ConfigShortcut("DebugCommand"));
     setGlobalShortcut(ui->actionSkipNextInstruction, ConfigShortcut("DebugSkipNextInstruction"));
 
@@ -597,6 +599,11 @@ void MainWindow::execRtr()
     DbgCmdExec("rtr");
 }
 
+void MainWindow::execRtu()
+{
+    DbgCmdExec("rtu");
+}
+
 void MainWindow::execTRBit()
 {
     mCpuWidget->getDisasmWidget()->ActionTraceRecordBitSlot();

src/gui/Src/Gui/MainWindow.h

@@ -62,6 +62,7 @@ public slots:
     void execClose();
     void execRun();
     void execRtr();
+    void execRtu();
     void execTocnd();
     void execTicnd();
     void openFile();

src/gui/Src/Gui/MainWindow.ui

@@ -102,6 +102,7 @@
     <addaction name="actionTicnd"/>
     <addaction name="actionStepOver"/>
     <addaction name="actioneStepOver"/>
+    <addaction name="actionRtu"/>
     <addaction name="actionTocnd"/>
     <addaction name="actionRtr"/>
     <addaction name="actioneRtr"/>
@@ -176,6 +177,7 @@
    <addaction name="actionStepOver"/>
    <addaction name="separator"/>
    <addaction name="actionRtr"/>
+   <addaction name="actionRtu"/>
    <addaction name="separator"/>
    <addaction name="actionCpu"/>
    <addaction name="actionLog"/>
@@ -841,6 +843,15 @@
     <string>None</string>
    </property>
   </action>
+  <action name="actionRtu">
+   <property name="icon">
+    <iconset resource="../../resource.qrc">
+     <normaloff>:/icons/images/recentfiles.png</normaloff>:/icons/images/recentfiles.png</iconset>
+   </property>
+   <property name="text">
+    <string>Run to &amp;user code</string>
+   </property>
+  </action>
  </widget>
  <layoutdefault spacing="6" margin="11"/>
  <resources>

src/gui/Src/Gui/SymbolView.cpp

@@ -5,6 +5,7 @@
 #include "Bridge.h"
 #include "YaraRuleSelectionDialog.h"
 #include "EntropyDialog.h"
+#include "LineEditDialog.h"
 
 SymbolView::SymbolView(QWidget* parent) : QWidget(parent), ui(new Ui::SymbolView)
 {
@@ -25,9 +26,11 @@ SymbolView::SymbolView(QWidget* parent) : QWidget(parent), ui(new Ui::SymbolView
     mModuleList->mSearchStartCol = 1;
     int charwidth = mModuleList->mList->getCharWidth();
     mModuleList->mList->addColumnAt(charwidth * 2 * sizeof(dsint) + 8, tr("Base"), false);
-    mModuleList->mList->addColumnAt(500, tr("Module"), true);
+    mModuleList->mList->addColumnAt(300, tr("Module"), true);
+    mModuleList->mList->addColumnAt(charwidth * 8, tr("Party"), false);
     mModuleList->mSearchList->addColumnAt(charwidth * 2 * sizeof(dsint) + 8, tr("Base"), false);
-    mModuleList->mSearchList->addColumnAt(500, "Module", true);
+    mModuleList->mSearchList->addColumnAt(300, "Module", true);
+    mModuleList->mSearchList->addColumnAt(charwidth * 8, tr("Party"), false);
 
     // Setup symbol list
     mSearchListView->mList->addColumnAt(charwidth * 2 * sizeof(dsint) + 8, tr("Address"), true);
@@ -140,6 +143,15 @@ void SymbolView::setupContextMenu()
     mEntropyAction = new QAction(QIcon(":/icons/images/entropy.png"), tr("Entropy..."), this);
     connect(mEntropyAction, SIGNAL(triggered()), this, SLOT(moduleEntropy()));
 
+    mModSetUserAction = new QAction(tr("Mark as &user module"), this);
+    connect(mModSetUserAction, SIGNAL(triggered()), this, SLOT(moduleSetUser()));
+
+    mModSetSystemAction = new QAction(tr("Mark as &system module"), this);
+    connect(mModSetSystemAction, SIGNAL(triggered()), this, SLOT(moduleSetSystem()));
+
+    mModSetPartyAction = new QAction(tr("Mark as &party..."), this);
+    connect(mModSetPartyAction, SIGNAL(triggered()), this, SLOT(moduleSetParty()));
+
     //Shortcuts
     refreshShortcutsSlot();
     connect(Config(), SIGNAL(shortcutsUpdated()), this, SLOT(refreshShortcutsSlot()));
@@ -218,9 +230,23 @@ void SymbolView::updateSymbolList(int module_count, SYMBOLMODULEINFO* modules)
     mModuleBaseList.clear();
     for(int i = 0; i < module_count; i++)
     {
-        mModuleBaseList.insert(modules[i].name, modules[i].base);
-        mModuleList->mList->setCellContent(i, 0, QString("%1").arg(modules[i].base, sizeof(dsint) * 2, 16, QChar('0')).toUpper());
-        mModuleList->mList->setCellContent(i, 1, modules[i].name);
+        QString modName(modules[i].name);
+        mModuleBaseList.insert(modName, modules[i].base);
+        int party = DbgFunctions()->ModGetParty(modules[i].base);
+        mModuleList->mList->setCellContent(i, 0, ToPtrString(modules[i].base));
+        mModuleList->mList->setCellContent(i, 1, modName);
+        switch(party)
+        {
+        case 0:
+            mModuleList->mList->setCellContent(i, 2, tr("User"));
+            break;
+        case 1:
+            mModuleList->mList->setCellContent(i, 2, tr("System"));
+            break;
+        default:
+            mModuleList->mList->setCellContent(i, 2, tr("Party: %1").arg(party));
+            break;
+        }
     }
     mModuleList->mList->reloadData();
     //NOTE: DO NOT CALL mModuleList->refreshSearchList() IT WILL DEGRADE PERFORMANCE!
@@ -265,13 +291,20 @@ void SymbolView::moduleContextMenu(QMenu* wMenu)
     wMenu->addAction(mFollowModuleEntryAction);
     wMenu->addAction(mDownloadSymbolsAction);
     wMenu->addAction(mDownloadAllSymbolsAction);
-    dsint modbase = DbgValFromString(mModuleList->mCurList->getCellContent(mModuleList->mCurList->getInitialSelection(), 0).toUtf8().constData());
+    duint modbase = DbgValFromString(mModuleList->mCurList->getCellContent(mModuleList->mCurList->getInitialSelection(), 0).toUtf8().constData());
     char szModPath[MAX_PATH] = "";
     if(DbgFunctions()->ModPathFromAddr(modbase, szModPath, _countof(szModPath)))
         wMenu->addAction(mCopyPathAction);
     wMenu->addAction(mYaraAction);
     wMenu->addAction(mYaraFileAction);
     wMenu->addAction(mEntropyAction);
+    wMenu->addSeparator();
+    int party = DbgFunctions()->ModGetParty(modbase);
+    if(party != 0)
+        wMenu->addAction(mModSetUserAction);
+    if(party != 1)
+        wMenu->addAction(mModSetSystemAction);
+    wMenu->addAction(mModSetPartyAction);
     QMenu wCopyMenu(tr("&Copy"), this);
     mModuleList->mCurList->setupCopyMenu(&wCopyMenu);
     if(wCopyMenu.actions().length())
@@ -295,7 +328,7 @@ void SymbolView::moduleEntryFollow()
 
 void SymbolView::moduleCopyPath()
 {
-    dsint modbase = DbgValFromString(mModuleList->mCurList->getCellContent(mModuleList->mCurList->getInitialSelection(), 0).toUtf8().constData());
+    duint modbase = DbgValFromString(mModuleList->mCurList->getCellContent(mModuleList->mCurList->getInitialSelection(), 0).toUtf8().constData());
     char szModPath[MAX_PATH] = "";
     if(DbgFunctions()->ModPathFromAddr(modbase, szModPath, _countof(szModPath)))
         Bridge::CopyToClipboard(szModPath);
@@ -395,7 +428,7 @@ void SymbolView::toggleBookmark()
 
 void SymbolView::moduleEntropy()
 {
-    dsint modbase = DbgValFromString(mModuleList->mCurList->getCellContent(mModuleList->mCurList->getInitialSelection(), 0).toUtf8().constData());
+    duint modbase = DbgValFromString(mModuleList->mCurList->getCellContent(mModuleList->mCurList->getInitialSelection(), 0).toUtf8().constData());
     char szModPath[MAX_PATH] = "";
     if(DbgFunctions()->ModPathFromAddr(modbase, szModPath, _countof(szModPath)))
     {
@@ -407,6 +440,64 @@ void SymbolView::moduleEntropy()
     }
 }
 
+void SymbolView::moduleSetSystem()
+{
+    int i = mModuleList->mCurList->getInitialSelection();
+    duint modbase = DbgValFromString(mModuleList->mCurList->getCellContent(i, 0).toUtf8().constData());
+    DbgFunctions()->ModSetParty(modbase, 1);
+    mModuleList->mCurList->setCellContent(i, 2, tr("System"));
+    mModuleList->mCurList->reloadData();
+}
+
+void SymbolView::moduleSetUser()
+{
+    int i = mModuleList->mCurList->getInitialSelection();
+    duint modbase = DbgValFromString(mModuleList->mCurList->getCellContent(i, 0).toUtf8().constData());
+    DbgFunctions()->ModSetParty(modbase, 0);
+    mModuleList->mCurList->setCellContent(i, 2, tr("User"));
+    mModuleList->mCurList->reloadData();
+}
+
+void SymbolView::moduleSetParty()
+{
+    LineEditDialog mLineEdit(this);
+    int party;
+    duint modbase = DbgValFromString(mModuleList->mCurList->getCellContent(mModuleList->mCurList->getInitialSelection(), 0).toUtf8().constData());
+    party = DbgFunctions()->ModGetParty(modbase);
+    mLineEdit.setWindowIcon(QIcon(":/icons/images/bookmark.png"));
+    mLineEdit.setWindowTitle(tr("Mark the party of the module as"));
+    mLineEdit.setText(QString::number(party));
+    if(mLineEdit.exec() == QDialog::Accepted)
+    {
+        bool ok;
+        party = mLineEdit.editText.toInt(&ok);
+        int i = mModuleList->mCurList->getInitialSelection();
+        if(ok)
+        {
+            DbgFunctions()->ModSetParty(modbase, party);
+            switch(party)
+            {
+            case 0:
+                mModuleList->mCurList->setCellContent(i, 2, tr("User"));
+                break;
+            case 1:
+                mModuleList->mCurList->setCellContent(i, 2, tr("System"));
+                break;
+            default:
+                mModuleList->mCurList->setCellContent(i, 2, tr("Party: %1").arg(party));
+                break;
+            }
+            mModuleList->mCurList->reloadData();
+        }
+        else
+        {
+            QMessageBox msg(QMessageBox::Critical, tr("Error"), tr("The party number can only be an integer"));
+            msg.setWindowIcon(QIcon(":/icons/images/compile-error.png"));
+            msg.exec();
+        }
+    }
+}
+
 void SymbolView::emptySearchResultSlot()
 {
     // No result after search

src/gui/Src/Gui/SymbolView.h

@@ -37,6 +37,9 @@ private slots:
     void moduleCopyPath();
     void moduleYara();
     void moduleYaraFile();
+    void moduleSetUser();
+    void moduleSetSystem();
+    void moduleSetParty();
     void toggleBreakpoint();
     void toggleBookmark();
     void refreshShortcutsSlot();
@@ -67,6 +70,9 @@ private:
     QAction* mYaraAction;
     QAction* mYaraFileAction;
     QAction* mEntropyAction;
+    QAction* mModSetUserAction;
+    QAction* mModSetSystemAction;
+    QAction* mModSetPartyAction;
 
     static void cbSymbolEnum(SYMBOLINFO* symbol, void* user);
 };

src/gui/Src/Utils/Configuration.cpp

@@ -286,6 +286,7 @@ Configuration::Configuration() : QObject(), noMoreMsgbox(false)
     defaultShortcuts.insert("DebugeStepOver", Shortcut(tr("Debug -> Step over (skip execptions)"), "Shift+F8", true));
     defaultShortcuts.insert("DebugRtr", Shortcut(tr("Debug -> Execute till return"), "Ctrl+F9", true));
     defaultShortcuts.insert("DebugeRtr", Shortcut(tr("Debug -> Execute till return (skip exceptions)"), "Ctrl+Shift+F9", true));
+    defaultShortcuts.insert("DebugRtu", Shortcut(tr("Debug -> Run to user code"), "Alt+F9", true));
     defaultShortcuts.insert("DebugSkipNextInstruction", Shortcut(tr("Debug -> Skip next instruction"), "Ctrl+F8", true));
     defaultShortcuts.insert("DebugCommand", Shortcut(tr("Debug -> Command"), "Ctrl+Return", true));