PROJECT: documentation
parent
edec2c8c3b
commit
d655fb94d7
|
@ -0,0 +1,30 @@
|
|||
<!DOCTYPE HTML PUBLIC "-//W3C//DTD HTML 4.01 Transitional//EN">
|
||||
<html>
|
||||
<head>
|
||||
<title>_plugin_menuentryseticon</title>
|
||||
<meta name="GENERATOR" content="WinCHM">
|
||||
<meta http-equiv="Content-Type" content="text/html; charset=UTF-8">
|
||||
<style>
|
||||
html,body {
|
||||
/* Default Font */
|
||||
font-family: Courier New;
|
||||
font-size: 11pt;
|
||||
}
|
||||
</style>
|
||||
|
||||
</head>
|
||||
|
||||
<body>
|
||||
<P><STRONG>_plugin_menuseticon</STRONG><BR>This
|
||||
function sets an icon to a menu.<BR>
|
||||
<P><STRONG>void _plugin_menuseticon (<BR>int</STRONG>
|
||||
pluginHandle, //plugin handle<BR><STRONG>int</STRONG>
|
||||
hEntry, //handle of the menu entry<BR><STRONG>const ICONDATA*</STRONG> icon //icon data<BR><STRONG>);</STRONG> </P>
|
||||
<P><STRONG>Parameters</STRONG></P>
|
||||
<P><U>pluginHandle</U>: Handle of the calling plugin.</P>
|
||||
<P><U>hEntry</U>: Menu handle from a
|
||||
previously-added child menu or from the main plugin menu.</P>
|
||||
<P><U>icon</U>: Icon data. See
|
||||
bridgemain.h for a definition.</P>
|
||||
<P><STRONG>Return Values</STRONG> <BR>This function does not return a value.</P></body>
|
||||
</html>
|
|
@ -0,0 +1,29 @@
|
|||
<!DOCTYPE HTML PUBLIC "-//W3C//DTD HTML 4.01 Transitional//EN">
|
||||
<html>
|
||||
<head>
|
||||
<title>_plugin_menuseticon</title>
|
||||
<meta name="GENERATOR" content="WinCHM">
|
||||
<meta http-equiv="Content-Type" content="text/html; charset=UTF-8">
|
||||
<style>
|
||||
html,body {
|
||||
/* Default Font */
|
||||
font-family: Courier New;
|
||||
font-size: 11pt;
|
||||
}
|
||||
</style>
|
||||
|
||||
</head>
|
||||
|
||||
<body>
|
||||
<P><STRONG>_plugin_menuseticon</STRONG><BR>This function
|
||||
sets an icon to a menu.<BR>
|
||||
<P><STRONG>void _plugin_menuseticon
|
||||
(<BR>int</STRONG> hMenu, //handle of the menu<BR><STRONG>const ICONDATA*</STRONG>
|
||||
icon //icon data<BR><STRONG>);</STRONG>
|
||||
</P>
|
||||
<P><STRONG>Parameters</STRONG></P>
|
||||
<P><U>hMenu</U>: Menu handle from a
|
||||
previously-added child menu or from the main plugin menu.</P>
|
||||
<P><U>icon</U>: Icon data. See bridgemain.h for a definition.</P>
|
||||
<P><STRONG>Return Values</STRONG> <BR>This function does not return a value.</P></body>
|
||||
</html>
|
|
@ -0,0 +1,23 @@
|
|||
<!DOCTYPE HTML PUBLIC "-//W3C//DTD HTML 4.01 Transitional//EN">
|
||||
<html>
|
||||
<head>
|
||||
<title>analyse/analyze/anal</title>
|
||||
<meta name="GENERATOR" content="WinCHM">
|
||||
<meta http-equiv="Content-Type" content="text/html; charset=UTF-8">
|
||||
<style>
|
||||
html,body {
|
||||
/* Default Font */
|
||||
font-family: Courier New;
|
||||
font-size: 11pt;
|
||||
}
|
||||
</style>
|
||||
|
||||
</head>
|
||||
|
||||
<body>
|
||||
<P><STRONG>analyse[,analyze,anal]</STRONG><BR>Do function
|
||||
analysis.</P>
|
||||
<P><U>arguments</U><BR>This command has no arguments.</P>
|
||||
<P><U>result</U><BR>This command does not set any result
|
||||
variables.</P></body>
|
||||
</html>
|
|
@ -0,0 +1,31 @@
|
|||
<!DOCTYPE HTML PUBLIC "-//W3C//DTD HTML 4.01 Transitional//EN">
|
||||
<html>
|
||||
<head>
|
||||
<title>log</title>
|
||||
<meta name="GENERATOR" content="WinCHM">
|
||||
<meta http-equiv="Content-Type" content="text/html; charset=UTF-8">
|
||||
<style>
|
||||
html,body {
|
||||
/* Default Font */
|
||||
font-family: Courier New;
|
||||
font-size: 11pt;
|
||||
}
|
||||
</style>
|
||||
|
||||
</head>
|
||||
|
||||
<body>
|
||||
<P><STRONG>log</STRONG><BR>Put information in the log.</P>
|
||||
<P><U>arguments</U><BR>[arg1]: Format string (see down for
|
||||
more information). When not specified, a newline will be logged.</P>
|
||||
<P>[argN]: Data for the format string.</P>
|
||||
<P><U>format string</U><BR>A format string like "Info 1:
|
||||
{0}, Info 2: {1}\n Info 3:{2}". In place of {n} the n-th argument after the
|
||||
format string is inserted. You can specify how to format the inserted data by
|
||||
prepending a format type: "{s0}" logs a string. Other types are: "d" (log as
|
||||
signed decimal), "u" (log as unsigned decimal), "p" (log as 0x????????), "s"
|
||||
(log the string at the address specified).<BR>You can print a "{" by escaping it
|
||||
like "{{". Same for "{". "\n" inserts a newline.</P>
|
||||
<P><U>result</U><BR>This command does not set any result
|
||||
variables.</P></body>
|
||||
</html>
|
|
@ -15,6 +15,7 @@ html,body {
|
|||
</head>
|
||||
|
||||
|
||||
|
||||
<body>
|
||||
<P><STRONG>modcallfind<BR></STRONG>Find all inter-modular
|
||||
calls.</P>
|
||||
|
@ -23,9 +24,6 @@ inter-modular calls in. When not specified CIP will be used.</P>
|
|||
<P class=rvps3>[arg2]: The size of the data to search
|
||||
in.</P>
|
||||
<P class=rvps3>
|
||||
<U>
|
||||
result
|
||||
<BR>
|
||||
</U>The $result variable is set to the number of
|
||||
<U>result</U><BR>The $result variable is set to the number of
|
||||
inter-modular calls found.</P></body>
|
||||
</html>
|
||||
|
|
|
@ -14,6 +14,7 @@ html,body {
|
|||
|
||||
</head>
|
||||
|
||||
|
||||
<body>
|
||||
<P><STRONG>_plugin_menuclear<BR></STRONG>This function removes all entries and child menus
|
||||
from a menu. It will <STRONG>not </STRONG>remove the menu itself.</P>
|
||||
|
|
BIN
help/x64_dbg.wcp
BIN
help/x64_dbg.wcp
Binary file not shown.
|
@ -0,0 +1,27 @@
|
|||
<!DOCTYPE HTML PUBLIC "-//W3C//DTD HTML 4.01 Transitional//EN">
|
||||
<html>
|
||||
<head>
|
||||
<title>yara</title>
|
||||
<meta name="GENERATOR" content="WinCHM">
|
||||
<meta http-equiv="Content-Type" content="text/html; charset=UTF-8">
|
||||
<style>
|
||||
html,body {
|
||||
/* Default Font */
|
||||
font-family: Courier New;
|
||||
font-size: 11pt;
|
||||
}
|
||||
</style>
|
||||
|
||||
</head>
|
||||
|
||||
<body>
|
||||
<P><STRONG>yara<BR></STRONG>Apply Yara rules to a memory range.</P>
|
||||
<P><U>arguments</U><BR> arg1: Rules file to apply.
|
||||
This should be a full path.</P>
|
||||
<P>[arg2]: Start address of the range to apply the rules to. If not specified,
|
||||
the disassembly selection will be used.</P>
|
||||
<P> [arg3]: Size of the range to apply the rules to. When not specified,
|
||||
the whole page will be used.</P>
|
||||
<P><U>result<BR></U>This command does not set any result
|
||||
variables.</P></body>
|
||||
</html>
|
|
@ -0,0 +1,25 @@
|
|||
<!DOCTYPE HTML PUBLIC "-//W3C//DTD HTML 4.01 Transitional//EN">
|
||||
<html>
|
||||
<head>
|
||||
<title>yaramod</title>
|
||||
<meta name="GENERATOR" content="WinCHM">
|
||||
<meta http-equiv="Content-Type" content="text/html; charset=UTF-8">
|
||||
<style>
|
||||
html,body {
|
||||
/* Default Font */
|
||||
font-family: Courier New;
|
||||
font-size: 11pt;
|
||||
}
|
||||
</style>
|
||||
|
||||
</head>
|
||||
|
||||
<body>
|
||||
<P><STRONG>yaramod<BR></STRONG>Apply Yara rules to a module.</P>
|
||||
<P><U>arguments</U><BR> arg1: Rules file to apply. This should be a full
|
||||
path.</P>
|
||||
<P> arg2: Name of the module to apply the rules
|
||||
to.</P>
|
||||
<P><U>result<BR></U>This command does not set any result
|
||||
variables.</P></body>
|
||||
</html>
|
|
@ -1677,7 +1677,11 @@ CMDRESULT cbInstrYara(int argc, char* argv[])
|
|||
}
|
||||
uint addr = 0;
|
||||
if(argc < 3 || !valfromstring(argv[2], &addr))
|
||||
addr = GetContextDataEx(hActiveThread, UE_CIP);
|
||||
{
|
||||
SELECTIONDATA sel;
|
||||
GuiSelectionGet(GUI_DISASSEMBLY, &sel);
|
||||
addr = sel.start;
|
||||
}
|
||||
uint size = 0;
|
||||
if(argc >= 4)
|
||||
if(!valfromstring(argv[3], &size))
|
||||
|
@ -1685,7 +1689,6 @@ CMDRESULT cbInstrYara(int argc, char* argv[])
|
|||
if(!size)
|
||||
addr = MemFindBaseAddr(addr, &size);
|
||||
uint base = addr;
|
||||
dprintf("%p[%p]\n", base, size);
|
||||
Memory<uint8_t*> data(size);
|
||||
if(!MemRead((void*)base, data(), size, 0))
|
||||
{
|
||||
|
|
|
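Review bot: In the new fallback block of the first hunk, `SELECTIONDATA sel;` is left uninitialised and the result of `GuiSelectionGet(GUI_DISASSEMBLY, &sel)` is ignored, so if that call does not fill the structure, `addr = sel.start` reads an indeterminate value and the rules are applied to an arbitrary address. Zero-initialise it and test the call, for example `SELECTIONDATA sel = {0};` and `if(!GuiSelectionGet(GUI_DISASSEMBLY, &sel)) { /* report and fail the command */ }`. The same branch also runs when arg2 was supplied but `valfromstring(argv[2], &addr)` failed, so a mistyped address silently scans the selection instead; for a rule scan that reads as a clean "no match" on the wrong range, so `argc < 3` should be handled separately from a parse failure, which should be reported. In the second hunk `size` still flows from arg3 into `Memory<uint8_t*> data(size)` with no upper bound visible in these lines; this may be checked elsewhere, since the body of cbInstrYara starts and ends outside both hunks.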
@ -180,6 +180,7 @@ static void registercommands()
|
|||
dbgcmdnew("scriptload", cbScriptLoad, false);
|
||||
dbgcmdnew("msg", cbScriptMsg, false);
|
||||
dbgcmdnew("msgyn", cbScriptMsgyn, false);
|
||||
dbgcmdnew("log", cbInstrLog, false); //log command with superawesome hax
|
||||
|
||||
//data
|
||||
dbgcmdnew("reffind\1findref\1ref", cbInstrRefFind, true); //find references to a value
|
||||
|
@ -189,6 +190,9 @@ static void registercommands()
|
|||
dbgcmdnew("modcallfind", cbInstrModCallFind, true); //find intermodular calls
|
||||
dbgcmdnew("findasm\1asmfind", cbInstrFindAsm, true); //find instruction
|
||||
dbgcmdnew("reffindrange\1findrefrange\1refrange", cbInstrRefFindRange, true);
|
||||
dbgcmdnew("yara", cbInstrYara, true); //yara test command
|
||||
dbgcmdnew("yaramod", cbInstrYaramod, true); //yara rule on module
|
||||
dbgcmdnew("analyse\1analyze\1anal", cbInstrAnalyse, true); //secret analysis command
|
||||
|
||||
//undocumented
|
||||
dbgcmdnew("bench", cbDebugBenchmark, true); //benchmark test (readmem etc)
|
||||
|
@ -198,10 +202,6 @@ static void registercommands()
|
|||
dbgcmdnew("copystr\1strcpy", cbInstrCopystr, true); //write a string variable to memory
|
||||
dbgcmdnew("looplist", cbInstrLoopList, true); //list loops
|
||||
dbgcmdnew("capstone", cbInstrCapstone, true); //disassemble using capstone
|
||||
dbgcmdnew("yara", cbInstrYara, true); //yara test command
|
||||
dbgcmdnew("yaramod", cbInstrYaramod, true); //yara rule on module
|
||||
dbgcmdnew("log", cbInstrLog, false); //log command with superawesome hax
|
||||
dbgcmdnew("analyse\1analyze\1anal", cbInstrAnalyse, true); //secret analysis command
|
||||
}
|
||||
|
||||
static bool cbCommandProvider(char* cmd, int maxlen)
|
||||
|
|
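Review bot: The registrations moved out of the "//undocumented" group keep trailing comments that still describe them as internal: `//yara test command`, `//secret analysis command` and `//log command with superawesome hax`. Since this commit adds help pages for these commands, the comments should say what the commands do, in line with their neighbours, e.g. `//apply yara rules to a memory range`, `//do function analysis` and `//put formatted information in the log`. It would also help to note next to `dbgcmdnew("log", cbInstrLog, false);` why its last argument differs from the `true` used by the other moved commands, because the meaning of that flag is not visible in these hunks. The body of registercommands starts outside the hunks.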