Example #1
0
static void tracing_cleanup(void) {
	DECAF_stop_vm();

	if (removeproc_handle != DECAF_NULL_HANDLE)
		VMI_unregister_callback(VMI_REMOVEPROC_CB, removeproc_handle);
	if (loadmainmodule_handle != DECAF_NULL_HANDLE)
		VMI_unregister_callback(VMI_CREATEPROC_CB, loadmainmodule_handle);
	if (loadmodule_handle != DECAF_NULL_HANDLE)
		VMI_unregister_callback(VMI_LOADMODULE_CB, loadmodule_handle);
	if (block_begin_cb_handle)
		DECAF_unregister_callback(DECAF_BLOCK_BEGIN_CB, block_begin_cb_handle);
	if (insn_begin_cb_handle)
		DECAF_unregister_callback(DECAF_INSN_BEGIN_CB, insn_begin_cb_handle);
	if (insn_end_cb_handle)
		DECAF_unregister_callback(DECAF_INSN_END_CB, insn_end_cb_handle);
	if (nic_rec_cb_handle)
		DECAF_unregister_callback(DECAF_NIC_REC_CB, nic_rec_cb_handle);
	if (nic_send_cb_handle)
		DECAF_unregister_callback(DECAF_NIC_SEND_CB, nic_send_cb_handle);
	if (keystroke_cb_handle)
		DECAF_unregister_callback(DECAF_KEYSTROKE_CB, keystroke_cb_handle);
	if (check_eip_handle)
		DECAF_unregister_callback(DECAF_EIP_CHECK_CB, check_eip_handle);

	DECAF_start_vm();
}
Example #2
0
static void instraction_tracer_cleanup(void)
{
  DECAF_printf("cleaning up instruction tracer...\n");
  if (disas_logfile != NULL) {
    fclose(disas_logfile);
  }
  if (processbegin_handle != DECAF_NULL_HANDLE) {
    VMI_unregister_callback(VMI_CREATEPROC_CB, processbegin_handle);
    processbegin_handle = DECAF_NULL_HANDLE;
  }
  if (instruction_tracer_cpu_exec_handle != DECAF_NULL_HANDLE) {
    DECAF_unregister_callback(DECAF_CPU_EXEC_CB, instruction_tracer_cpu_exec_handle);
    instruction_tracer_cpu_exec_handle = DECAF_NULL_HANDLE;
  }
  if (processfinish_handle != DECAF_NULL_HANDLE) {
    VMI_unregister_callback(VMI_REMOVEPROC_CB, processfinish_handle);
    processfinish_handle = DECAF_NULL_HANDLE;
  }
  DECAF_printf("cleaned up\n");
}
Example #3
0
static void hookapitests_cleanup(void)
{
	// procmod_Callback_Params params;

	DECAF_printf("Bye world\n");

	if (processbegin_handle != DECAF_NULL_HANDLE) {
		VMI_unregister_callback(VMI_CREATEPROC_CB,
				processbegin_handle);
		processbegin_handle = DECAF_NULL_HANDLE;
	}

	if (removeproc_handle != DECAF_NULL_HANDLE) {
		VMI_unregister_callback(VMI_REMOVEPROC_CB, removeproc_handle);
		removeproc_handle = DECAF_NULL_HANDLE;
	}
	if (blockbegin_handle != DECAF_NULL_HANDLE) {
		DECAF_unregister_callback(DECAF_BLOCK_BEGIN_CB, blockbegin_handle);
		blockbegin_handle = DECAF_NULL_HANDLE;
	}

}