//-------------------------------------------------------------------------- static int idaapi start_process( const char *path, const char *args, const char *startdir, uint32 input_file_crc32) { // check that the host application has been specified char p2[QMAXPATH]; dbg_get_input_path(p2, sizeof(p2)); if (is_dll && strcmp(qbasename(path), qbasename(p2)) == 0) { warning("AUTOHIDE NONE\n" "Please specify the host application first (Debugger, Process options)"); return 0; } int flags = is_dll ? DBG_PROC_IS_DLL : 0; if ( callui(ui_get_hwnd).vptr != NULL ) flags |= DBG_PROC_IS_GUI; const char *input; if ( is_temp_database() ) { input = ""; } else { // for mini databases the name of the input file won't have the full // path. make it full path so that we will use correct path for the input // file name. if ( is_miniidb() ) { set_root_filename(path); input = path; } else { input = p2; } } int code; while ( true ) { code = s_start_process(path, args, startdir, flags, input, input_file_crc32); #ifdef REMOTE_DEBUGGER if ( code == -2 && debugger.open_file != NULL ) { // if the file is missing on the remote location // then propose to copy it if ( ask_user_and_copy(p2) ) { dbg_get_input_path(p2, sizeof(p2)); path = p2; startdir = ""; continue; } } #endif break; } return code; }
//-------------------------------------------------------------------------- // return the address of all names exported by a DLL in 'ni' // if 'exported_name' is given, only the address of this exported name will be returned in 'ni' bool win32_debmod_t::get_dll_exports( const images_t &dlls, ea_t imagebase, name_info_t &ni, const char *exported_name) { char prefix[MAXSTR]; images_t::const_iterator p = dlls.find(imagebase); if ( p == dlls.end() ) { dwarning("get_dll_exports: can't find dll name for imagebase %a", imagebase); return false; } const char *dllname = p->second.name.c_str(); linput_t *li = open_linput(dllname, false); if ( li == NULL ) { // sysWOW64: ntdll32.dll does not exist but there is a file called ntdll.dll if ( stricmp(qbasename(dllname), "ntdll32.dll") != 0 ) return false; qstrncpy(prefix, dllname, sizeof(prefix)); char *fname = qbasename(prefix); qstrncpy(fname, "ntdll.dll", sizeof(prefix)-(fname-prefix)); dllname = prefix; li = open_linput(dllname, false); if ( li == NULL ) return false; } // prepare nice name prefix for exported functions names qstrncpy(prefix, qbasename(dllname), sizeof(prefix)); char *ptr = strrchr(prefix, '.'); if ( ptr != NULL ) *ptr = '\0'; qstrlwr(prefix); bool ok = get_dll_exports_from_file(prefix, li, imagebase, ni, exported_name); close_linput(li); return ok; }
void chatlog_done(void) { char str[MAX_STRING + 5] = {0}; FILE *chatlog = NULL; time_t tt; struct tm *t; if ( rcpos ) chatlog_write( "\n", 1 ); if ( mcpos ) chatlog_write( "\n", 0 ); if ( cfgs( CFG_CHATLOG )) chatlog = fopen( ccs, "at" ); tt = time( NULL ); t = localtime( &tt ); strftime( str, MAX_STRING - 1, "\n[--- Chat closed at %d %b %Y %H:%M:%S ---]\n\n", t ); if ( chatlog ) { fwrite( str, strlen( str ), 1, chatlog ); fclose( chatlog ); } if ( lemail ) fwrite( str, strlen( str ), 1, lemail ); if ( cpkt ) { if ( cfgi( CFG_RECODEPKTS )) recode_to_remote( str ); strtr( str, '\n', '\r' ); fwrite( str, strlen( str ) - 1, 1, cpkt ); closeqpkt( cpkt, adr ); snprintf( str, MAX_STRING - 1, "%s/%s", cfgs( CFG_INBOUND ), qbasename( pktname )); if ( rename( pktname, str )) write_log( "can't rename %s to %s: %s", pktname, str, strerror( errno )); else chmod( str, cfgi( CFG_DEFPERM )); } if ( lemail ) { fclose( lemail ); snprintf( str, MAX_STRING-1, "mail -s chatlog %s < /tmp/qlemail.%04lx", cfgs( CFG_CHATTOEMAIL ), (long) getpid()); execsh( str ); lunlink( strrchr( str, '<' ) + 1 ); } write_log( "Chat closed" ); }
//-------------------------------------------------------------------------- static bool create_impdir(const area_t &impdir) { // now rename all entries in impdir do_unknown_range(impdir.startEA, impdir.size(), DOUNK_EXPAND); if ( !create_idata_segm(impdir) ) return false; char dll[MAXSTR]; char buf[MAXSTR]; dll[0] = '\0'; module_info_t mi; mi.base = BADADDR; mi.size = 0; size_t len = 0; for ( ea_t ea=impdir.startEA; ea < impdir.endEA; ea += ptrSz ) { doPtr(ea); ea_t func = is_9x ? win9x_find_thunk(ea) : getPtr(ea); if ( !get_true_name(BADADDR, func, buf, sizeof(buf)) ) continue; if ( !area_t(mi.base, mi.base+mi.size).contains(func) ) { find_module(func, &mi); qstrncpy(dll, qbasename(mi.name), sizeof(dll)); char *ptr = strrchr(dll, '.'); if ( ptr != NULL ) *ptr = '\0'; len = strlen(dll); } const char *name = buf; if ( strnicmp(dll, buf, len) == 0 && buf[len] == '_' ) name += len + 1; if ( !do_name_anyway(ea, name) ) msg("%a: can not rename to imported name '%s'\n", ea, name); } return true; }
//-------------------------------------------------------------------------- // input is valid only if n==0 int idaapi dosbox_debmod_t::dbg_process_get_info(int n, const char * /*input*/, process_info_t *info) { if ( n == 0 ) // initialize the list { // if ( !trk.get_process_list(proclist) ) return 0; #if 0 // commented out because we can not match file names with process names if ( input != NULL ) { // remove all unmatching processes from the list qstring inpbuf; input = qbasename(input); const char *end = strchr(input, '.'); if ( end != NULL ) { // ignore everything after '.' (remove extension) inpbuf = qstring(input, end-input); input = inpbuf.c_str(); } for ( int i=proclist.size()-1; i >= 0; i-- ) if ( strstr(proclist[i].name.c_str(), input) == NULL ) proclist.erase(proclist.begin()+i); } #endif } /* if ( n >= proclist.size() ) return 0; if ( info != NULL ) { proclist_entry_t &pe = proclist[n]; info->pid = pe.pid; qstrncpy(info->name, pe.name.c_str(), sizeof(info->name)); } */ return 1; }
//-------------------------------------------------------------------------- // ipath==input file path static bool ask_user_and_copy(const char *ipath) { // check if the input file exists at the current dir of the remote host const char *input_file = ipath; #if DEBUGGER_ID != DEBUGGER_ID_ARM_EPOC_USER input_file = qbasename(input_file); #endif int fn = -1; // try to open remote file in the current dir if not tried before if ( input_file != ipath ) fn = s_open_file(input_file, NULL, true); if ( fn != -1 ) { s_close_file(fn); switch ( askbuttons_c("~U~se found", "~C~opy new", "Cancel", 1, "IDA could not find the remote file %s.\n" "But it could find remote file %s.\n" "Do you want to use the found file?", ipath, input_file) ) { case 1: set_root_filename(input_file); return true; case -1: return false; } // the user wants to overwrite the old file } else { if ( askyn_c(1, "HIDECANCEL\n" "The remote file %s could not be found.\n" "Do you want IDA to copy the executable to the remote computer?", ipath) <= 0 ) return false; } // We are to copy the input file to the remote computer's current directory const char *lname = ipath; // check if the file path is valid on the local system if ( !qfileexist(lname) ) { lname = askfile_c(false, lname, "Please select the file to copy"); if ( lname == NULL ) return false; } #if DEBUGGER_ID == DEBUGGER_ID_ARM_EPOC_USER const char *rname = input_file; #else const char *rname = qbasename(lname); #endif int code = copy_to_remote(lname, rname); if ( code != 0 ) { #if DEBUGGER_ID == DEBUGGER_ID_ARM_WINCE_USER // Windows CE does not have errno and uses GetLastError() const char *err = winerr(code); #else const char *err = qerrstr(code); #endif warning("Failed to copy %s -> %s\n%s", lname, rname, err); } set_root_filename(rname); return true; }
//-------------------------------------------------------------------------- // 1-ok, 0-failed, -1-error static int idaapi get_debug_event(debug_event_t *event, bool ida_is_idle) { int code = s_get_debug_event(event, ida_is_idle); if ( code == 1 ) { // determine rebasing - we can't do that reliabily remotely, because: // - 'is_dll' is not passed to attach_process(), and we can't modify // the protocol without breaking compatibility // - 'input_file_path' is undefined if attach_process() but process_get_info() // was not called (if debugger started from the command line with PID) switch ( event->eid ) { case PROCESS_ATTACH: #if DEBUGGER_ID == DEBUGGER_ID_ARM_WINCE_USER info("AUTOHIDE REGISTRY\n" "Successfully attached to the process.\n" "Now you can browse the process memory and set breakpoints.\n"); #endif // no break case PROCESS_START: event->modinfo.rebase_to = is_dll ? BADADDR : event->modinfo.base; default: break; case LIBRARY_LOAD: { // get input module info char full_input_file[QMAXFILE]; dbg_get_input_path(full_input_file, sizeof(full_input_file)); char *base_input_file = qbasename(full_input_file); // get current module info char *full_modname = event->modinfo.name; char *base_modname = qbasename(full_modname); // we compare basenames and then full path // if they have same base names, then we ask the user if ( stricmp(base_input_file, base_modname) == 0 ) { // let us compare full path now, if they match, then rebase bool rebase = stricmp(full_input_file, full_modname) == 0; // no match, we may have same names different files if ( !rebase ) { static const char dbg_module_conflict[] = "TITLE Debugger warning\n" "ICON WARNING\n" "HIDECANCEL\n" "AUTOHIDE DATABASE\n" "Debugger found two modules with same base name but different paths\n" "This could happen if the program loads the module from a path different than the specified input file\n" "\n" "Is the loaded file <%s> the same as the input file <%s>?\n"; rebase = askbuttons_c("~S~ame", "~N~ot the same", NULL, 1, dbg_module_conflict, full_modname, full_input_file) == 1; } if ( rebase ) event->modinfo.rebase_to = event->modinfo.base; } break; } } } return code; }
int freq_ifextrp(slist_t *reqs) { FILE *f, *g, *r; char s[MAX_PATH], fn[MAX_PATH], sfn[MAX_PATH], *ss; char priv = 'a', *p, *sprt = "UNPROTEC", *slst = "UNLIS"; int got = 0, wz = cfgs( CFG_EXTRP ) ? 1 : 0, kil; long tpid = (long) getpid(); ftnaddr_t *ma = akamatch( &rnode->addrs->addr, cfgal( CFG_ADDRESS )); DEBUG(('R',1,"Freq received")); if ( rnode->options & O_LST ) { priv = 'l'; slst += 2; } if( rnode->options & O_PWD ) { priv = 'p'; sprt += 2; } snprintf( fn, MAX_PATH, "/tmp/qreq.%04lx", tpid ); if( !( f = fopen( fn, "wt" ))) { write_log( "can't open '%s' for writing: %s", fn, strerror( errno )); return 0; } while( reqs ) { if ( cfgs( CFG_MAPIN ) && strchr( ccs, 'r' )) recode_to_local( reqs->str ); DEBUG(('R',1,"requested '%s'", reqs->str)); fprintf( f, "%s\n", reqs->str ); reqs = reqs->next; } fclose( f ); if(!wz) { falist_t *ra; snprintf(sfn,MAX_PATH,"/tmp/qsrif.%04lx",tpid); if(!(r=fopen(sfn,"wt"))){write_log("can't open '%s' for writing: %s",sfn,strerror(errno));return 0;} fprintf(r,"SessionType %s\n",bink?"OTHER":"EMSI"); fprintf(r,"Sysop %s\n",rnode->sysop); for(ra=rnode->addrs;ra;ra=ra->next)fprintf(r,"AKA %s\n",ftnaddrtoa(&ra->addr)); if(!is_ip)fprintf(r,"Baud %d\n",rnode->realspeed); fprintf(r,"Time -1\n"); fprintf(r,"RemoteStatus %sTED\n",sprt); fprintf(r,"SystemStatus %sTED\n",slst); fprintf(r,"RequestList /tmp/qreq.%04lx\n",tpid); fprintf(r,"ResponseList /tmp/qfls.%04lx\n",tpid); fprintf(r,"Location %s\n",rnode->place); if(rnode->phone&&*rnode->phone)fprintf(r,"Phone %s\n",rnode->phone); if(rnode->options&O_PWD)fprintf(r,"Password %s\n",rnode->pwd); fprintf(r,"Mailer %s\n",rnode->mailer); fprintf(r,"Site %s\n",rnode->name); if(!is_ip&&(ss=getenv("CALLER_ID"))&&strcasecmp(ss,"none")&&strlen(ss)>3)fprintf(r,"CallerID %s\n",ss); fprintf(r,"OurAKA %s\n",ftnaddrtoa(ma)); fprintf(r,"TRANX %08lu\n",time(NULL)); fclose(r); snprintf(s,MAX_PATH,"%s %s",cfgs(CFG_SRIFRP),sfn); } else snprintf(s,MAX_PATH,"%s -wazoo -%c -s%d %s /tmp/qreq.%04lx /tmp/qfls.%04lx /tmp/qrep.%04lx", cfgs(CFG_EXTRP),priv,rnode->realspeed,ftnaddrtoa(&rnode->addrs->addr),tpid,tpid,tpid); write_log("exec '%s' returned rc=%d",s,execsh(s)); lunlink(fn);lunlink(sfn); snprintf(fn,MAX_PATH,"/tmp/qfls.%04lx",tpid); if(!(f=fopen(fn,"rt"))) { snprintf(fn,MAX_PATH,"/tmp/qrep.%04lx",tpid); lunlink(fn); snprintf(fn,MAX_PATH,"/tmp/qfls.%04lx",tpid); lunlink(fn); write_log("can't open '%s' for reading",fn); return 0; } while(fgets(s,MAX_PATH-1,f)) { if(*s=='\n'||*s=='\r'||*s==' '||!*s)continue; ss=s;kil=0;got=1; if(*s=='='||*s=='-'){ss++;kil=1;} else if(*s=='+')ss++; p=ss+strlen(ss)-1; while(*p=='\r'||*p=='\n')*p--=0; p=strrchr(ss,' '); if(p)*p++=0;else p=ss; DEBUG(('R',1,"sending '%s' as '%s'%s",ss,qbasename((p!=ss)?p:ss),kil?" and kill":"")); addflist(&fl,xstrdup(ss),xstrdup(qbasename((p!=ss)?p:ss)),kil?'^':' ',0,NULL,0); } fclose(f);lunlink(fn); snprintf(fn,MAX_PATH,"/tmp/qrep.%04lx",tpid); if(!(f=fopen(fn,"rt"))&&wz)write_log("can't open '%s' for reading",fn); snprintf(fn,MAX_PATH,"/tmp/qpkt.%04lx%02x",tpid,++freq_pktcount); g=openpktmsg(ma,&rnode->addrs->addr,cfgs(CFG_FREQFROM),rnode->sysop,cfgs(CFG_FREQSUBJ),NULL,fn,1); if(!g) { write_log("can't open '%s' for writing: %s",fn,strerror(errno)); if(f)fclose(f); freq_pktcount--; } if(f&&g) { while(fgets(s,MAX_PATH-1,f)) { p=s+strlen(s)-1; while(*p=='\r'||*p=='\n')*p--=0; if(cfgi(CFG_RECODEPKTS))recode_to_remote(s); fputs(s,g);fputc('\r',g); } fclose(f); closeqpkt(g,ma); snprintf(s,MAX_PATH,"/tmp/qpkt.%04lx%02x",tpid,freq_pktcount); p=xstrdup(s); snprintf(s,MAX_PATH,"%08lx.pkt",sequencer()); addflist(&fl,p,xstrdup(s),'^',0,NULL,1); } snprintf(fn,MAX_PATH,"/tmp/qrep.%04lx",tpid); lunlink(fn); return got; }