Beispiel #1
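/**
 * Run a minimal interactive debugging session against an already-traced
 * child process.
 *
 * The function waits for the tracee's initial stop, plants one breakpoint
 * at a fixed address, resumes the tracee, and on the next stop reports the
 * instruction pointer and asks the user whether to continue or single-step.
 * After that single resume the session ends, whatever the tracee does next.
 *
 * @param target_pid  PID of the traced child. Every wait is restricted to
 *                    this PID so that a state change of some other child of
 *                    the debugger is never mistaken for the tracee's.
 */
void start_debugger(pid_t target_pid) {
  int status;

  // Initial stop of the tracee. waitpid() on the specific PID (rather than
  // wait()) keeps unrelated children from being reaped here, and the result
  // is checked so that we never act on an uninitialised status word.
  if (waitpid(target_pid, &status, 0) < 0) {
    perror("waitpid");
    return;
  }
  if (WIFEXITED(status)) {
    printf("Process %d exited\n", target_pid);
    return;
  }
  if (!WIFSTOPPED(status)) {
    puts("Returning");
    return;
  }

  // Snapshot of the registers at the initial stop. The values are not used
  // below; the call is kept because the helper's side effects are not
  // visible from this function.
  struct user_regs_struct initial_registers;
  trace_get_registers(target_pid, &initial_registers);

  // Plant a breakpoint at a fixed address.
  // NOTE(review): a hard-coded address is only meaningful for a tracee
  // that is always mapped at the same place (non-PIE, fixed layout). If the
  // image is position-independent or ASLR moves it, the breakpoint is written
  // somewhere else in the tracee and corrupts it. Resolve the address from
  // the target's symbols or mappings before relying on this.
  // The address is held in an unsigned long so that the conversion to a
  // pointer does not go through a narrower integer type on LP64 targets.
  unsigned long bp_addr = 0x4000b0;
  breakpoint *bp = breakpoint_create(target_pid, (void *)bp_addr);
  // NOTE(review): the failure contract of breakpoint_create() is not visible
  // here, and bp is never released on any return path; confirm both against
  // the breakpoint API.

  trace_continue(target_pid);
  if (waitpid(target_pid, &status, 0) < 0) {
    perror("waitpid");
    return;
  }

  if (WIFEXITED(status)) {
    printf("Process %d exited\n", target_pid);
    return;
  }
  if (!WIFSTOPPED(status)) {
    puts("Returning");
    return;
  }

  // The tracee is stopped. Any stop is reported as a breakpoint hit; the
  // stop signal is not inspected to tell a breakpoint trap from another
  // signal-delivery stop.
  struct user_regs_struct registers;
  trace_get_registers(target_pid, &registers);
  printf("\nReached breakpoint at 0x%08llx\n", registers.rip);

  // presumably restores the original instruction and rewinds the
  // instruction pointer; verify against breakpoint_handle()
  breakpoint_handle(target_pid, bp);

  // Keep prompting until the user picks an action that resumes the tracee;
  // any other input is ignored and the prompt is repeated.
  for (;;) {
    input_option input = request_input(NULL);

    if (input == INPUT_CONTINUE) {
      trace_continue(target_pid);
      break;
    }
    if (input == INPUT_SINGLE_STEP) {
      trace_single_step(target_pid);
      break;
    }
  }

  int resume_status;
  if (waitpid(target_pid, &resume_status, 0) < 0) {
    perror("waitpid");
    return;
  }

  if (WIFEXITED(resume_status)) {
    printf("Process %d exited\n", target_pid);
  }
  else if (WIFSTOPPED(resume_status)) {
    printf("Process %d stopped\n", target_pid);
  }
  else if (WIFSIGNALED(resume_status)) {
    // A tracee killed by a signal is neither "exited" nor "stopped".
    // Without this branch the stale stop status would be processed again
    // and the debugger would keep issuing trace requests against a process
    // that no longer exists.
    printf("Process %d terminated by signal %d\n", target_pid,
           WTERMSIG(resume_status));
  }
}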
Beispiel #2
Datei: main.c Projekt: 4n3w/dump
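/**
 * Tracer callback invoked for a newly observed process.
 *
 * Allocates the per-process bookkeeping record, logs the start of the
 * process and hands the record to the tracer as the user data for
 * process_continue.
 *
 * @param process   Tracer handle for the new process.
 * @param type      Event type; unused here.
 * @param arg       The PID of the new process, carried in a pointer-sized
 *                  value.
 * @param userdata  Unused here.
 * @return The result of trace_continue(), or -1 if the record could not be
 *         allocated.
 */
static int process_new(struct trace_process *process, int type, void *arg, void *userdata) {
	(void)type;
	(void)userdata;

	int pid = (int)(long)arg;

	struct proc *proc = calloc(1, sizeof *proc);
	if (proc == NULL) {
		// Without this check an allocation failure turns into a NULL
		// dereference in the tracer, which takes down every traced session.
		// NOTE(review): -1 is presumably read as failure by the tracer;
		// confirm against the callback contract.
		fprintf(stderr, "[!] #%i out of memory\n", pid);
		return -1;
	}
	proc->pid = pid;
	fprintf(stderr, "[.] #%i start\n", proc->pid);

	// From here on the record travels as the user data of process_continue;
	// where it is released is not visible in this function.
	return trace_continue(process, process_continue, proc);
}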