x64dbg/x64dbg
x64dbg
/
x64dbg
1
0
Fork 0
Code Releases 5 Activity

pull request fixed v1

This commit is contained in:
dreg_fr33project 2014-09-08 04:45:46 +02:00
parent d06734a38b
commit c0db39cb70
20 changed files with 253 additions and 396 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

1
help/alloc.htm
View File

@ -20,6 +20,7 @@ VirtualAllocEx). The memory is allocated
with PAGE_EXECUTE_READWRITE protection.</P>
<P><U>arguments</U><BR>[arg1]: Size of the memory to
allocate. When not specified, a default size of 0x1000 is used.</P>
<P>[arg2]&nbsp;(optional): if&nbsp;exist an&nbsp;arg2 (with any value)&nbsp;the memory map&nbsp;GUI is not updated explicity from this&nbsp;command.&nbsp;</P>
<P><U>result</U><BR>This command sets $result to the allocated memory address. It also sets the $lastalloc
variable to the allocated memory address when VirtualAllocEx
succeeded.</P></body>

3
help/free.htm
View File

@ -20,6 +20,9 @@ html,body {
<P>
<U>arguments</U><BR> [arg1]: Address of the memory to free. When not
specified, the value at $lastalloc is used.</P>
<P>
[arg2]&nbsp;(optional): if&nbsp;exist an&nbsp;arg2 (with any value)&nbsp;the memory
map&nbsp;GUI is not updated explicity from this&nbsp;command.&nbsp;</P>
<P>
<U>
result

5
help/setpagerights_setrightspage.htm
View File

@ -25,6 +25,11 @@ not the top address of a page). </SPAN></P>
"ExecuteRead", "ExecuteReadWrite", "ExecuteWriteCopy", "NoAccess", "ReadOnly", "ReadWrite", "WriteCopy". You can add a G at first
for add PAGE GUARD. example: "GReadOnly". Read
the MSDN for more info.</SPAN></P>
<P class=rvps3><SPAN class=rvts9>
arg3&nbsp;(optional): if&nbsp;exist
an&nbsp;arg3 (with any value)&nbsp;the memory map&nbsp;GUI is
not updated explicity from this&nbsp;command.&nbsp;</SPAN></P>
<P class=rvps3><SPAN class=rvts9></SPAN><SPAN class=rvts11><U>result <BR></U></SPAN><SPAN class=rvts9>This command does not set any result
variables.</SPAN></P></body>
</html>

BIN
help/x64_dbg.wcp
View File

Binary file not shown.

5
x64_dbg_bridge/bridgemain.h
View File

@ -713,6 +713,11 @@ BRIDGE_IMPEXP void GuiUpdatePatches();
BRIDGE_IMPEXP void GuiUpdateCallStack();
BRIDGE_IMPEXP void GuiUpdateMemoryView();
//other MISC defines
#define RIGHTS_STRING (sizeof("ERWCG") + 1)
#define PAGE_SIZE 0x1000
#ifdef __cplusplus
}
#endif

2
x64_dbg_dbg/_dbgfunctions.cpp
View File

@ -139,7 +139,7 @@ static bool _pagerightstostring(DWORD protect, char* rights)
static bool _setpagerights(uint* addr, char* rights)
{
return dbgsetpagerights(addr, rights);
return dbgsetpagerights(addr, rights, false);
}
static bool _getjit(char* jit, bool jit64)

193
x64_dbg_dbg/debugger.cpp
View File

@ -1671,7 +1671,7 @@ bool dbgpagerightsfromstring(DWORD* protect, char* rights_string)
return true;
}
bool dbgsetpagerights(uint* addr, char* rights_string)
bool dbgsetpagerights(uint* addr, char* rights_string, bool update_memmap)
{
DWORD protect;
DWORD old_protect;
@ -1684,8 +1684,11 @@ bool dbgsetpagerights(uint* addr, char* rights_string)
if(VirtualProtectEx(fdProcessInfo->hProcess, (void*)*addr, PAGE_SIZE, protect, & old_protect) == 0)
return false;
memupdatemap(fdProcessInfo->hProcess);
GuiUpdateMemoryView();
if(update_memmap)
{
memupdatemap(fdProcessInfo->hProcess);
GuiUpdateMemoryView();
}
return true;
}
@ -1833,66 +1836,6 @@ bool dbglistprocesses(std::vector<PROCESSENTRY32>* list)
return true;
}
HRESULT AnsiToUnicode(LPCSTR pszA, LPOLESTR* ppszW)
{
ULONG cCharacters;
DWORD dwError;
// If input is null then just return the same.
if(NULL == pszA)
{
*ppszW = NULL;
return NOERROR;
}
// Determine number of wide characters to be allocated for the
// Unicode string.
cCharacters = strlen(pszA) + 1;
*ppszW = (LPOLESTR) calloc(1, cCharacters * 2);
if(NULL == *ppszW)
return E_OUTOFMEMORY;
// Covert to Unicode.
if(0 == MultiByteToWideChar(CP_ACP, 0, pszA, cCharacters,
*ppszW, cCharacters))
{
dwError = GetLastError();
free(*ppszW);
*ppszW = NULL;
return HRESULT_FROM_WIN32(dwError);
}
return NOERROR;
}
HRESULT UnicodeToAnsi(LPCOLESTR pszW, LPSTR* ppszA)
{
ULONG cbAnsi, cCharacters;
DWORD dwError;
// If input is null then just return the same.
if(pszW == NULL)
{
*ppszA = NULL;
return NOERROR;
}
cCharacters = wcslen(pszW) + 1;
cbAnsi = cCharacters * 2;
*ppszA = (LPSTR) calloc(1, cbAnsi);
if(NULL == *ppszA)
return E_OUTOFMEMORY;
if(0 == WideCharToMultiByte(CP_ACP, 0, pszW, cCharacters, *ppszA, cbAnsi, NULL, NULL))
{
dwError = GetLastError();
free(*ppszA);
*ppszA = NULL;
return HRESULT_FROM_WIN32(dwError);
}
return NOERROR;
}
bool _getcommandlineaddr(uint* addr, cmdline_error_t* cmd_line_error)
{
SIZE_T size;
@ -1906,7 +1849,8 @@ bool _getcommandlineaddr(uint* addr, cmdline_error_t* cmd_line_error)
return false;
}
cmd_line_error->addr = (uint) & (((MSDNPEB*) cmd_line_error->addr)->ProcessParameters);
//cast-trick to calculate the address of the remote peb field ProcessParameters
cmd_line_error->addr = (uint) & (((PPEB) cmd_line_error->addr)->ProcessParameters);
if(!memread(fdProcessInfo->hProcess, (const void*) cmd_line_error->addr, & pprocess_parameters, sizeof(pprocess_parameters), & size))
{
cmd_line_error->type = CMDL_ERR_READ_PEBBASE;
@ -1918,7 +1862,7 @@ bool _getcommandlineaddr(uint* addr, cmdline_error_t* cmd_line_error)
return true;
}
bool __FixGetCommandLines(uint getcommandline, uint new_command_line, cmdline_error_t* cmd_line_error)
bool __fixgetcommandlines(uint getcommandline, uint new_command_line, cmdline_error_t* cmd_line_error)
{
uint command_line_stored = 0;
uint aux = 0;
@ -1970,7 +1914,7 @@ bool __FixGetCommandLines(uint getcommandline, uint new_command_line, cmdline_er
return true;
}
bool _FixGetCommandLines(uint new_command_line_unicode, uint new_command_line_ascii, cmdline_error_t* cmd_line_error)
bool _fixgetcommandlines(uint new_command_line_unicode, uint new_command_line_ascii, cmdline_error_t* cmd_line_error)
{
uint getcommandline;
@ -1983,7 +1927,7 @@ bool _FixGetCommandLines(uint new_command_line_unicode, uint new_command_line_as
}
}
if(!__FixGetCommandLines(getcommandline, new_command_line_ascii, cmd_line_error))
if(!__fixgetcommandlines(getcommandline, new_command_line_ascii, cmd_line_error))
return false;
if(!valfromstring("kernelbase:GetCommandLineW", & getcommandline))
@ -1995,7 +1939,7 @@ bool _FixGetCommandLines(uint new_command_line_unicode, uint new_command_line_as
}
}
if(! __FixGetCommandLines(getcommandline, new_command_line_unicode, cmd_line_error))
if(! __fixgetcommandlines(getcommandline, new_command_line_unicode, cmd_line_error))
return false;
return true;
@ -2007,8 +1951,6 @@ bool dbgsetcmdline(char* cmd_line, cmdline_error_t* cmd_line_error)
UNICODE_STRING new_command_line;
SIZE_T size;
uint command_line_addr;
bool returnf;
PWSTR command_linewstr;
if(cmd_line_error == NULL)
cmd_line_error = & cmd_line_error_aux;
@ -2018,10 +1960,14 @@ bool dbgsetcmdline(char* cmd_line, cmdline_error_t* cmd_line_error)
command_line_addr = cmd_line_error->addr;
new_command_line.Length = (strlen(cmd_line) + 1) * 2;
SIZE_T cmd_line_size = strlen(cmd_line);
new_command_line.Length = (USHORT)(strlen(cmd_line) + 1) * sizeof(WCHAR);
new_command_line.MaximumLength = new_command_line.Length;
if(AnsiToUnicode(cmd_line, & command_linewstr) != NOERROR)
Memory<wchar_t*> command_linewstr(new_command_line.Length);
// Covert to Unicode.
if(MultiByteToWideChar(CP_ACP, 0, cmd_line, (int) cmd_line_size + 1, command_linewstr, (int) cmd_line_size + 1) == 0)
{
cmd_line_error->type = CMDL_ERR_CONVERTUNICODE;
return false;
@ -2029,55 +1975,48 @@ bool dbgsetcmdline(char* cmd_line, cmdline_error_t* cmd_line_error)
new_command_line.Buffer = command_linewstr;
returnf = false;
uint mem = (uint)memalloc(fdProcessInfo->hProcess, 0, new_command_line.Length * 2, PAGE_READWRITE);
if(!mem)
cmd_line_error->type = CMDL_ERR_ALLOC_UNICODEANSI_COMMANDLINE;
else
{
memupdatemap(fdProcessInfo->hProcess);
GuiUpdateMemoryView();
if(! memwrite(fdProcessInfo->hProcess, (void*) mem, new_command_line.Buffer, new_command_line.Length, & size))
{
cmd_line_error->addr = mem;
cmd_line_error->type = CMDL_ERR_WRITE_UNICODE_COMMANDLINE;
}
else
{
if(! memwrite(fdProcessInfo->hProcess, (void*)(mem + new_command_line.Length), cmd_line, strlen(cmd_line) + 1, & size))
{
cmd_line_error->addr = mem + new_command_line.Length;
cmd_line_error->type = CMDL_ERR_WRITE_ANSI_COMMANDLINE;
}
else
{
if(_FixGetCommandLines(mem, mem + new_command_line.Length, cmd_line_error))
{
new_command_line.Buffer = (PWSTR) mem;
if(! memwrite(fdProcessInfo->hProcess, (void*) command_line_addr, & new_command_line, sizeof(new_command_line), & size))
{
cmd_line_error->addr = command_line_addr;
cmd_line_error->type = CMDL_ERR_WRITE_PEBUNICODE_COMMANDLINE;
}
else
returnf = true;
}
}
}
cmd_line_error->type = CMDL_ERR_ALLOC_UNICODEANSI_COMMANDLINE;
return false;
}
free(command_linewstr);
memupdatemap(fdProcessInfo->hProcess);
GuiUpdateMemoryView();
return returnf;
if(! memwrite(fdProcessInfo->hProcess, (void*) mem, new_command_line.Buffer, new_command_line.Length, & size))
{
cmd_line_error->addr = mem;
cmd_line_error->type = CMDL_ERR_WRITE_UNICODE_COMMANDLINE;
return false;
}
if(! memwrite(fdProcessInfo->hProcess, (void*)(mem + new_command_line.Length), cmd_line, strlen(cmd_line) + 1, & size))
{
cmd_line_error->addr = mem + new_command_line.Length;
cmd_line_error->type = CMDL_ERR_WRITE_ANSI_COMMANDLINE;
return false;
}
if(!_fixgetcommandlines(mem, mem + new_command_line.Length, cmd_line_error))
return false;
new_command_line.Buffer = (PWSTR) mem;
if(! memwrite(fdProcessInfo->hProcess, (void*) command_line_addr, & new_command_line, sizeof(new_command_line), & size))
{
cmd_line_error->addr = command_line_addr;
cmd_line_error->type = CMDL_ERR_WRITE_PEBUNICODE_COMMANDLINE;
return false;
}
return true;
}
bool dbggetcmdline(char** cmd_line, cmdline_error_t* cmd_line_error)
{
SIZE_T size;
UNICODE_STRING CommandLine;
PWSTR wstr_cmd;
bool returnf;
cmdline_error_t cmd_line_error_aux;
if(cmd_line_error == NULL)
@ -2092,27 +2031,33 @@ bool dbggetcmdline(char** cmd_line, cmdline_error_t* cmd_line_error)
return false;
}
wstr_cmd = (PWSTR) calloc(1, CommandLine.Length + sizeof(WCHAR));
if(wstr_cmd == NULL)
Memory<wchar_t*> wstr_cmd(CommandLine.Length + sizeof(wchar_t));
cmd_line_error->addr = (uint) CommandLine.Buffer;
if(!memread(fdProcessInfo->hProcess, (const void*) cmd_line_error->addr, wstr_cmd, CommandLine.Length, & size))
{
cmd_line_error->type = CMDL_ERR_READ_PROCPARM_CMDLINE;
return false;
}
SIZE_T wstr_cmd_size = wcslen(wstr_cmd) + 1;
SIZE_T cmd_line_size = wstr_cmd_size * 2;
* cmd_line = (char*) calloc(1, cmd_line_size);
if(* cmd_line == NULL)
{
cmd_line_error->type = CMDL_ERR_ALLOC;
return false;
}
returnf = false;
cmd_line_error->addr = (uint) CommandLine.Buffer;
if(!memread(fdProcessInfo->hProcess, (const void*) cmd_line_error->addr, wstr_cmd, CommandLine.Length, & size))
cmd_line_error->type = CMDL_ERR_READ_PROCPARM_CMDLINE;
else
//Convert TO ASCII
if(WideCharToMultiByte(CP_ACP, 0, wstr_cmd, (int) wstr_cmd_size, * cmd_line, (int) cmd_line_size, NULL, NULL) == 0)
{
if(UnicodeToAnsi(wstr_cmd, cmd_line) != NOERROR)
cmd_line_error->type = CMDL_ERR_CONVERTUNICODE;
else
returnf = true;
free(* cmd_line);
cmd_line_error->type = CMDL_ERR_CONVERTUNICODE;
return false;
}
free(wstr_cmd);
return returnf;
return true;
}

10
x64_dbg_dbg/debugger.h
View File

@ -12,7 +12,7 @@
#define JIT_ENTRY_DEF_SIZE (MAX_PATH + sizeof(ATTACH_CMD_LINE) + 2)
#define JIT_ENTRY_MAX_SIZE 512
#define JIT_REG_KEY TEXT("SOFTWARE\\Microsoft\\Windows NT\\CurrentVersion\\AeDebug")
#define RIGHTS_STRING (sizeof("ERWCG") + 1)
typedef enum
{
@ -95,7 +95,7 @@ bool dbggetpagerights(uint*, char*);
bool dbgpagerightstostring(DWORD, char*);
void dbggetpageligned(uint*);
bool dbgpagerightsfromstring(DWORD*, char*);
bool dbgsetpagerights(uint*, char*);
bool dbgsetpagerights(uint*, char*, bool);
bool dbgsetjit(char* jit_cmd, arch arch_in, arch* arch_out, readwritejitkey_error_t*);
bool dbggetdefjit(char* jit_entry);
bool _readwritejitkey(char*, DWORD*, char*, arch, arch*, readwritejitkey_error_t*, bool);
@ -103,12 +103,10 @@ bool dbggetjitauto(bool*, arch, arch*, readwritejitkey_error_t*);
bool dbgsetjitauto(bool, arch, arch*, readwritejitkey_error_t*);
bool dbglistprocesses(std::vector<PROCESSENTRY32>* list);
bool IsProcessElevated();
HRESULT UnicodeToAnsi(LPCOLESTR, LPSTR*);
HRESULT AnsiToUnicode(LPSTR, LPCOLESTR*);
bool dbggetcmdline(char**, cmdline_error_t*);
bool dbgsetcmdline(char*, cmdline_error_t*);
bool _FixGetCommandLines(uint new_command_line_unicode, uint new_command_line_ascii, cmdline_error_t* cmd_line_error);
bool __FixGetCommandLines(uint getcommandline, uint new_command_line, cmdline_error_t* cmd_line_error);
bool _fixgetcommandlines(uint new_command_line_unicode, uint new_command_line_ascii, cmdline_error_t* cmd_line_error);
bool __fixgetcommandlines(uint getcommandline, uint new_command_line, cmdline_error_t* cmd_line_error);
bool _getcommandlineaddr(uint* addr, cmdline_error_t* cmd_line_error);
void cbStep();

13
x64_dbg_dbg/debugger_commands.cpp
View File

@ -705,7 +705,8 @@ CMDRESULT cbDebugAlloc(int argc, char* argv[])
varset("$lastalloc", mem, true);
dbggetprivateusage(fdProcessInfo->hProcess, true);
memupdatemap(fdProcessInfo->hProcess);
GuiUpdateMemoryView();
if(argc <= 2)
GuiUpdateMemoryView();
varset("$res", mem, false);
return STATUS_CONTINUE;
}
@ -733,6 +734,8 @@ CMDRESULT cbDebugFree(int argc, char* argv[])
dputs("VirtualFreeEx failed");
dbggetprivateusage(fdProcessInfo->hProcess, true);
memupdatemap(fdProcessInfo->hProcess);
if(argc <= 2)
GuiUpdateMemoryView();
varset("$res", ok, false);
return STATUS_CONTINUE;
}
@ -1727,14 +1730,18 @@ CMDRESULT cbDebugSetPageRights(int argc, char* argv[])
{
uint addr = 0;
char rights[RIGHTS_STRING];
bool update_memmap = true;
if(argc != 3 || !valfromstring(argv[1], &addr))
if(argc < 3 || !valfromstring(argv[1], &addr))
{
dprintf("Error: using an address as arg1 and as arg2: Execute, ExecuteRead, ExecuteReadWrite, ExecuteWriteCopy, NoAccess, ReadOnly, ReadWrite, WriteCopy. You can add a G at first for add PAGE GUARD, example: GReadOnly\n");
return STATUS_ERROR;
}
if(!dbgsetpagerights(&addr, argv[2]))
if(argc >= 4)
update_memmap = false;
if(!dbgsetpagerights(&addr, argv[2], update_memmap))
{
dprintf("Error: Set rights of "fhex" with Rights: %s\n", addr, argv[2]);
return STATUS_ERROR;

2
x64_dbg_dbg/memory.h
View File

@ -4,8 +4,6 @@
#include "_global.h"
#include "addrinfo.h"
#define PAGE_SIZE 0x1000 //TODO: better stuff here
typedef std::map<Range, MEMPAGE, RangeCompare> MemoryMap;
extern MemoryMap memoryPages;

204
x64_dbg_dbg/undocumented.h
View File

@ -19,51 +19,92 @@ typedef struct _CLIENT_ID
HANDLE UniqueThread;
} CLIENT_ID;
/* FIX IT TO WORK FROM x64 debugger: ADD PVOIDs etc.. */
typedef struct _PEB
typedef struct _RTL_USER_PROCESS_PARAMETERS
{
BYTE InheritedAddressSpace;
BYTE ReadImageFileExecOptions;
BYTE BeingDebugged;
BYTE SpareBool;
DWORD Mutant;
DWORD ImageBaseAddress;
DWORD LoaderData;
DWORD ProcessParameters;
DWORD SubSystemData;
DWORD ProcessHeap;
DWORD FastPebLock;
DWORD FastPebLockRoutine;
DWORD FastPebUnlockRoutine;
DWORD EnviromentUpdateCount;
DWORD KernelCallbackTable;
DWORD UserSharedInfoPtr;
DWORD ThunksOrOptions;
DWORD FreeList;
DWORD TlsExpansionCounter;
DWORD TlsBitmap;
BYTE Reserved1[16];
PVOID Reserved2[10];
UNICODE_STRING ImagePathName;
UNICODE_STRING CommandLine;
} RTL_USER_PROCESS_PARAMETERS, *PRTL_USER_PROCESS_PARAMETERS;
#pragma pack(push)
#pragma pack(1)
template <class T>
struct LIST_ENTRY_T
{
T Flink;
T Blink;
};
template <class T>
struct UNICODE_STRING_T
{
union
{
struct
{
WORD Length;
WORD MaximumLength;
};
T dummy;
};
T _Buffer;
};
template <class T, class NGF, int A>
struct _PEB_T
{
union
{
struct
{
BYTE InheritedAddressSpace;
BYTE ReadImageFileExecOptions;
BYTE BeingDebugged;
BYTE BitField;
};
T dummy01;
};
T Mutant;
T ImageBaseAddress;
T Ldr;
T ProcessParameters;
T SubSystemData;
T ProcessHeap;
T FastPebLock;
T AtlThunkSListPtr;
T IFEOKey;
T CrossProcessFlags;
T UserSharedInfoPtr;
DWORD SystemReserved;
DWORD AtlThunkSListPtr32;
T ApiSetMap;
T TlsExpansionCounter;
T TlsBitmap;
DWORD TlsBitmapBits[2];
DWORD ReadOnlySharedMemoryBase;
DWORD ReadOnlySharedMemoryHeap;
DWORD ReadOnlyStaticServerData;
DWORD AnsiCodePageData;
DWORD OemCodePageData;
DWORD UnicodeCaseTableData;
T ReadOnlySharedMemoryBase;
T HotpatchInformation;
T ReadOnlyStaticServerData;
T AnsiCodePageData;
T OemCodePageData;
T UnicodeCaseTableData;
DWORD NumberOfProcessors;
DWORD NtGlobalFlag;
DWORD Reserved;
union
{
DWORD NtGlobalFlag;
NGF dummy02;
};
LARGE_INTEGER CriticalSectionTimeout;
DWORD HeapSegmentReserve;
DWORD HeapSegmentCommit;
DWORD HeapDeCommitTotalFreeThreshold;
DWORD HeapDeCommitFreeBlockThreshold;
T HeapSegmentReserve;
T HeapSegmentCommit;
T HeapDeCommitTotalFreeThreshold;
T HeapDeCommitFreeBlockThreshold;
DWORD NumberOfHeaps;
DWORD MaximumNumberOfHeaps;
DWORD ProcessHeaps;
DWORD GdiSharedHandleTable;
DWORD ProcessStarterHelper;
DWORD GdiDCAttributeList;
DWORD LoaderLock;
T ProcessHeaps;
T GdiSharedHandleTable;
T ProcessStarterHelper;
T GdiDCAttributeList;
T LoaderLock;
DWORD OSMajorVersion;
DWORD OSMinorVersion;
WORD OSBuildNumber;
@ -71,30 +112,47 @@ typedef struct _PEB
DWORD OSPlatformId;
DWORD ImageSubsystem;
DWORD ImageSubsystemMajorVersion;
DWORD ImageSubsystemMinorVersion;
DWORD ImageProcessAffinityMask;
DWORD GdiHandleBuffer[34];
DWORD PostProcessInitRoutine;
DWORD TlsExpansionBitmap;
T ImageSubsystemMinorVersion;
T ActiveProcessAffinityMask;
T GdiHandleBuffer[A];
T PostProcessInitRoutine;
T TlsExpansionBitmap;
DWORD TlsExpansionBitmapBits[32];
DWORD SessionId;
T SessionId;
ULARGE_INTEGER AppCompatFlags;
ULARGE_INTEGER AppCompatFlagsUser;
DWORD pShimData;
DWORD AppCompatInfo;
UNICODE_STRING CSDVersion;
DWORD ActivationContextData;
DWORD ProcessAssemblyStorageMap;
DWORD SystemDefaultActivationContextData;
DWORD SystemAssemblyStorageMap;
DWORD MinimumStackCommit;
DWORD FlsCallback;
DWORD FlsListHead_Flink;
DWORD FlsListHead_Blink;
DWORD FlsBitmap;
T pShimData;
T AppCompatInfo;
UNICODE_STRING_T<T> CSDVersion;
T ActivationContextData;
T ProcessAssemblyStorageMap;
T SystemDefaultActivationContextData;
T SystemAssemblyStorageMap;
T MinimumStackCommit;
T FlsCallback;
LIST_ENTRY_T<T> FlsListHead;
T FlsBitmap;
DWORD FlsBitmapBits[4];
DWORD FlsHighIndex;
} PEB, *PPEB;
T FlsHighIndex;
T WerRegistrationData;
T WerShipAssertPtr;
T pContextData;
T pImageHeaderHash;
T TracingFlags;
};
typedef _PEB_T<DWORD, DWORD64, 34> PEB32;
typedef _PEB_T<DWORD64, DWORD, 30> PEB64;
#pragma pack(pop)
#ifdef _WIN64 //x64
typedef PEB64 PEB;
#else //x86
typedef PEB32 PEB;
#endif //_WIN64
typedef PEB* PPEB;
typedef struct _TEB
{
@ -157,33 +215,5 @@ typedef struct _TEB
PVOID StackReserved;
} TEB, *PTEB;
typedef struct _RTL_USER_PROCESS_PARAMETERS
{
BYTE Reserved1[16];
PVOID Reserved2[10];
UNICODE_STRING ImagePathName;
UNICODE_STRING CommandLine;
} RTL_USER_PROCESS_PARAMETERS, *PRTL_USER_PROCESS_PARAMETERS;
/*
Workarround: this PEB its like the default PEB struct in MSDN,
if you use the PEB of this header from the x64debugger you will have problems,
for example: accessing ProcessParamater.
*/
typedef struct _MSDNPEB
{
BYTE Reserved1[2];
BYTE BeingDebugged;
BYTE Reserved2[1];
PVOID Reserved3[2];
PVOID /*PPEB_LDR_DATA*/ Ldr;
PRTL_USER_PROCESS_PARAMETERS ProcessParameters;
BYTE Reserved4[104];
PVOID Reserved5[52];
PVOID /* PPS_POST_PROCESS_INIT_ROUTINE */ PostProcessInitRoutine;
BYTE Reserved6[128];
PVOID Reserved7[1];
ULONG SessionId;
} MSDNPEB, *PMSDNPEB;
#endif /* _UNDOCUMENTED_H */

5
x64_dbg_gui/Project/Src/Gui/LineEditDialog.cpp
View File

@ -17,6 +17,11 @@ LineEditDialog::~LineEditDialog()
delete ui;
}
void LineEditDialog::setCursorPosition(int position)
{
ui->textEdit->setCursorPosition(position);
}
void LineEditDialog::setText(const QString & text)
{
ui->textEdit->setText(text);

1
x64_dbg_gui/Project/Src/Gui/LineEditDialog.h
View File

@ -21,6 +21,7 @@ public:
void enableCheckBox(bool bEnable);
void setCheckBox(bool bSet);
void setCheckBoxText(const QString & text);
void setCursorPosition(int position);
private slots:
void on_textEdit_textChanged(const QString & arg1);

32
x64_dbg_gui/Project/Src/Gui/MainWindow.cpp
View File

@ -12,7 +12,6 @@
#include "ShortcutsDialog.h"
#include "AttachDialog.h"
#include "LineEditDialog.h"
#include "changecommandline.h"
MainWindow::MainWindow(QWidget* parent) : QMainWindow(parent), ui(new Ui::MainWindow)
{
@ -945,7 +944,34 @@ void MainWindow::on_actionChange_command_line_triggered()
return;
}
ChangeCommandline change_command_line;
change_command_line.exec();
LineEditDialog mLineEdit(this);
mLineEdit.setText("this is the current command line");
mLineEdit.setWindowTitle("Edit Command Line");
mLineEdit.setWindowIcon(QIcon(":/icons/images/changeargs.png"));
char* cmd_line;
if(! DbgFunctions()->GetCmdline(& cmd_line))
mLineEdit.setText("Cant get remote command line use getcmdline command for more information");
else
{
mLineEdit.setText(QString(cmd_line));
free(cmd_line);
}
mLineEdit.setCursorPosition(0);
if(mLineEdit.exec() != QDialog::Accepted)
return; //pressed cancel
if(!DbgFunctions()->SetCmdline((char*)mLineEdit.editText.toUtf8().constData()))
{
QMessageBox msg(QMessageBox::Warning, "ERROR CANT SET COMMAND LINE", "ERROR SETTING COMMAND LINE TRY SETCOMMANDLINE COMMAND");
msg.setWindowIcon(QIcon(":/icons/images/compile-warning.png"));
msg.setParent(this, Qt::Dialog);
msg.setWindowFlags(msg.windowFlags() & (~Qt::WindowContextHelpButtonHint));
msg.exec();
}
else
GuiAddStatusBarMessage(QString("New command line: " + mLineEdit.editText + "\n").toUtf8().constData());
}

1
x64_dbg_gui/Project/Src/Gui/PageMemoryRights.cpp
View File

@ -30,7 +30,6 @@ void PageMemoryRights::RunAddrSize(uint_t addrin, uint_t sizein, QString pagetyp
tableWidget->setHorizontalHeaderItem(0, new QTableWidgetItem(QString("Address")));
tableWidget->setHorizontalHeaderItem(1, new QTableWidgetItem(QString("Rights")));
#define RIGHTS_STRING (sizeof("ERWCG") + 1)
duint actual_addr;
char rights[RIGHTS_STRING];
for(uint_t i = 0; i < nr_pages; i++)

2
x64_dbg_gui/Project/Src/Gui/PageMemoryRights.h
View File

@ -4,8 +4,6 @@
#include <QDialog>
#include "NewTypes.h"
#define PAGE_SIZE 0x1000
namespace Ui
{
class PageMemoryRights;

44
x64_dbg_gui/Project/Src/Gui/changecommandline.cpp
View File

@ -1,44 +0,0 @@
#include "changecommandline.h"
#include "ui_changecommandline.h"
#include <QMessageBox>
#include <QIcon>
ChangeCommandline::ChangeCommandline(QWidget* parent) :
QDialog(parent),
ui(new Ui::ChangeCommandline)
{
ui->setupUi(this);
char* cmd_line;
//set window flags
setModal(true);
setWindowFlags(Qt::Dialog | Qt::WindowSystemMenuHint | Qt::WindowTitleHint | Qt::MSWindowsFixedSizeDialogHint);
if(! DbgFunctions()->GetCmdline(& cmd_line))
ui->lneditCommandline->setText("Cant get remote command line use getcmdline command for more information");
else
{
ui->lneditCommandline->setText(QString(cmd_line));
ui->lneditCommandline->setCursorPosition(0);
free(cmd_line);
}
}
ChangeCommandline::~ChangeCommandline()
{
delete ui;
}
void ChangeCommandline::on_buttonBox_accepted()
{
if(!DbgFunctions()->SetCmdline((char*)ui->lneditCommandline->text().toUtf8().constData()))
{
QMessageBox msg(QMessageBox::Warning, "ERROR CANT SET COMMAND LINE", "ERROR SETTING COMMAND LINE TRY SETCOMMANDLINE COMMAND");
msg.setWindowIcon(QIcon(":/icons/images/compile-warning.png"));
msg.setParent(this, Qt::Dialog);
msg.setWindowFlags(msg.windowFlags() & (~Qt::WindowContextHelpButtonHint));
msg.exec();
}
else
GuiAddStatusBarMessage(QString("New command line: " + ui->lneditCommandline->text() + "\n").toUtf8().constData());
}

27
x64_dbg_gui/Project/Src/Gui/changecommandline.h
View File

@ -1,27 +0,0 @@
#ifndef CHANGECOMMANDLINE_H
#define CHANGECOMMANDLINE_H
#include <QDialog>
#include "NewTypes.h"
namespace Ui
{
class ChangeCommandline;
}
class ChangeCommandline : public QDialog
{
Q_OBJECT
public:
explicit ChangeCommandline(QWidget* parent = 0);
~ChangeCommandline();
private slots:
void on_buttonBox_accepted();
private:
Ui::ChangeCommandline* ui;
};
#endif // CHANGECOMMANDLINE_H

90
x64_dbg_gui/Project/Src/Gui/changecommandline.ui
View File

@ -1,90 +0,0 @@
<?xml version="1.0" encoding="UTF-8"?>
<ui version="4.0">
<class>ChangeCommandline</class>
<widget class="QDialog" name="ChangeCommandline">
<property name="geometry">
<rect>
<x>0</x>
<y>0</y>
<width>471</width>
<height>84</height>
</rect>
</property>
<property name="windowTitle">
<string>Change Command Line</string>
</property>
<property name="windowIcon">
<iconset resource="../../resource.qrc">
<normaloff>:/icons/images/changeargs.png</normaloff>:/icons/images/changeargs.png</iconset>
</property>
<widget class="QWidget" name="layoutWidget">
<property name="geometry">
<rect>
<x>10</x>
<y>10</y>
<width>451</width>
<height>70</height>
</rect>
</property>
<layout class="QVBoxLayout" name="verticalLayout">
<item>
<widget class="QLabel" name="label">
<property name="text">
<string>New Command Line:</string>
</property>
</widget>
</item>
<item>
<widget class="QLineEdit" name="lneditCommandline"/>
</item>
<item>
<widget class="QDialogButtonBox" name="buttonBox">
<property name="orientation">
<enum>Qt::Horizontal</enum>
</property>
<property name="standardButtons">
<set>QDialogButtonBox::Cancel|QDialogButtonBox::Ok</set>
</property>
</widget>
</item>
</layout>
</widget>
</widget>
<resources>
<include location="../../resource.qrc"/>
</resources>
<connections>
<connection>
<sender>buttonBox</sender>
<signal>accepted()</signal>
<receiver>ChangeCommandline</receiver>
<slot>accept()</slot>
<hints>
<hint type="sourcelabel">
<x>229</x>
<y>70</y>
</hint>
<hint type="destinationlabel">
<x>157</x>
<y>83</y>
</hint>
</hints>
</connection>
<connection>
<sender>buttonBox</sender>
<signal>rejected()</signal>
<receiver>ChangeCommandline</receiver>
<slot>reject()</slot>
<hints>
<hint type="sourcelabel">
<x>297</x>
<y>76</y>
</hint>
<hint type="destinationlabel">
<x>286</x>
<y>83</y>
</hint>
</hints>
</connection>
</connections>
</ui>

9
x64_dbg_gui/Project/x64_dbg.pro
View File

@ -83,8 +83,7 @@ SOURCES += \
Src/BasicView/ShortcutEdit.cpp \
Src/Gui/CalculatorDialog.cpp \
Src/Gui/AttachDialog.cpp \
Src/Gui/PageMemoryRights.cpp \
Src/Gui/changecommandline.cpp
Src/Gui/PageMemoryRights.cpp
HEADERS += \
@ -146,8 +145,7 @@ HEADERS += \
Src/BasicView/ShortcutEdit.h \
Src/Gui/CalculatorDialog.h \
Src/Gui/AttachDialog.h \
Src/Gui/PageMemoryRights.h \
Src/Gui/changecommandline.h
Src/Gui/PageMemoryRights.h
INCLUDEPATH += \
@ -181,8 +179,7 @@ FORMS += \
Src/Gui/ShortcutsDialog.ui \
Src/Gui/CalculatorDialog.ui \
Src/Gui/AttachDialog.ui \
Src/Gui/PageMemoryRights.ui \
Src/Gui/changecommandline.ui
Src/Gui/PageMemoryRights.ui
INCLUDEPATH += $$PWD/Src/Bridge