/*----------------------------------------------------------------------------*
 * NAME
 *      GetThreadIndex
 *
 * DESCRIPTION
 *      Local support function. Looks up the calling thread in the instance's
 *      thread table by comparing thread handles and returns its slot.
 *
 *      NOTE(review): 0xFF doubles as the not-found sentinel, so this assumes
 *      _SCHED_MAX_SEGMENTS is below 0xFF — confirm against the scheduler
 *      configuration.
 *
 * RETURNS
 *      Slot index of the current thread, or 0xFF when there is no instance,
 *      the current handle cannot be obtained, or no in-use slot matches.
 *
 *----------------------------------------------------------------------------*/
uint8 GetThreadIndex(void)
{
    ThreadHandle self;
    uint8 slot = 0;

    /* Nothing to search without an instance or without our own handle. */
    if (instance == NULL)
    {
        return 0xFF;
    }
    if (ThreadGetHandle(&self) != _RESULT_SUCCESS)
    {
        return 0xFF;
    }

    /* Only slots marked inUse are compared; stop at the first match. */
    while (slot < _SCHED_MAX_SEGMENTS)
    {
        if (instance->thread[slot].inUse &&
            (ThreadEqual(&instance->thread[slot].thread_handle, &self) == _RESULT_SUCCESS))
        {
            break;
        }
        slot++;
    }

    return (slot < _SCHED_MAX_SEGMENTS) ? slot : 0xFF;
}
/*
 * Single-shot breakpoint callback that cbDebugLoadLib places right after the
 * LoadLibrary stub. Reads LoadLibraryA's return value into $result, puts the
 * saved thread context back, releases the two remote allocations and then
 * parks the debugger in the paused state.
 */
static void cbDebugLoadLibBPX()
{
    HANDLE hStubThread = ThreadGetHandle((DWORD)LoadLibThreadID);

    // LoadLibraryA's return value is in the accumulator register.
#ifdef _WIN64
    const duint loadedBase = GetContextDataEx(hStubThread, UE_RAX);
#else
    const duint loadedBase = GetContextDataEx(hStubThread, UE_EAX);
#endif //_WIN64
    varset("$result", loadedBase, false);

    // Bit 8 of EFLAGS is the trap flag; clear it so the restored context does
    // not single-step once the thread runs again.
    backupctx.eflags &= ~0x100;
    SetFullContextDataEx(hStubThread, &backupctx);

    // Both buffers were allocated in the debuggee by cbDebugLoadLib.
    MemFreeRemote(DLLNameMem);
    MemFreeRemote(ASMAddr);
    ThreadResumeAll();

    // Refresh the GUI for the paused state, then block until the user resumes.
    DebugUpdateGuiSetStateAsync(GetContextDataEx(hActiveThread, UE_CIP), true);
    lock(WAITID_RUN);
    dbgsetforeground();
    PLUG_CB_PAUSEDEBUG pauseInfo = { nullptr };
    plugincbcall(CB_PAUSEDEBUG, &pauseInfo);
    wait(WAITID_RUN);
}
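// Releases whichever of the two remote allocations made by cbDebugLoadLib
// exist and clears the globals so a later failure path cannot free them twice.
static void loadLibFreeRemote()
{
    if(DLLNameMem)
    {
        MemFreeRemote(DLLNameMem);
        DLLNameMem = 0;
    }
    if(ASMAddr)
    {
        MemFreeRemote(ASMAddr);
        ASMAddr = 0;
    }
}

// Assembles one instruction at ASMAddr + *offset and advances *offset past it.
// Logs the assembler's message and returns false when assembly fails, so the
// caller never computes a breakpoint address from a garbage size.
static bool loadLibEmit(const char* instruction, int* offset)
{
    int size = 0;
    char error[MAX_ERROR_SIZE] = "";
    if(!assembleat(ASMAddr + *offset, instruction, &size, error, true))
    {
        dprintf(QT_TRANSLATE_NOOP("DBG", "Error: couldn't assemble \"%s\": %s\n"), instruction, error);
        return false;
    }
    *offset += size;
    return true;
}

/*
 * Command callback: make the debuggee call LoadLibraryA(argv[1]).
 *
 * The DLL name is copied into a remote buffer, a small stub that calls
 * kernel32:LoadLibraryA is assembled into a second remote page, the thread
 * recorded in fdProcessInfo is redirected to that stub and a single-shot INT3
 * breakpoint is set right after it. cbDebugLoadLibBPX (the breakpoint
 * callback) restores the saved context, frees both remote allocations and
 * publishes the result in $result.
 *
 * argc/argv: argv[1] is the DLL name or path; no other argument is read.
 * Returns true when the debuggee has been set running towards the stub.
 * Returns false on any failure; the failure is logged, no remote memory is
 * left allocated and the thread context is left as it was.
 */
bool cbDebugLoadLib(int argc, char* argv[])
{
    if(argc < 2)
    {
        dputs(QT_TRANSLATE_NOOP("DBG", "Error: you must specify the name of the DLL to load\n"));
        return false;
    }

    LoadLibThreadID = fdProcessInfo->dwThreadId;
    HANDLE LoadLibThread = ThreadGetHandle((DWORD)LoadLibThreadID);

    // One remote buffer for the NUL-terminated DLL name, one page for the stub.
    const size_t nameLen = strlen(argv[1]) + 1;
    DLLNameMem = MemAllocRemote(0, nameLen);
    ASMAddr = MemAllocRemote(0, 0x1000);
    if(!DLLNameMem || !ASMAddr)
    {
        dputs(QT_TRANSLATE_NOOP("DBG", "Error: couldn't allocate memory in debuggee"));
        loadLibFreeRemote(); // one of the two may have succeeded
        return false;
    }
    // The allocation is sized for the terminator, so write it explicitly
    // rather than relying on the fresh page being zero-filled.
    if(!MemWrite(DLLNameMem, argv[1], nameLen))
    {
        dputs(QT_TRANSLATE_NOOP("DBG", "Error: couldn't write process memory"));
        loadLibFreeRemote();
        return false;
    }

    // Saved before any register is touched; cbDebugLoadLibBPX restores it.
    GetFullContextDataEx(LoadLibThread, &backupctx);

    duint LoadLibraryA = 0;
    if(!valfromstring("kernel32:LoadLibraryA", &LoadLibraryA, false))
    {
        dputs(QT_TRANSLATE_NOOP("DBG", "Error: couldn't get kernel32:LoadLibraryA"));
        loadLibFreeRemote();
        return false;
    }

    // Assemble the stub one instruction at a time; `counter` ends up as the
    // stub length and therefore as the offset of the breakpoint.
    int counter = 0;
    char command[50] = "";
#ifdef _WIN64
    sprintf_s(command, "mov rcx, %p", DLLNameMem); // first argument in rcx
#else
    sprintf_s(command, "push %p", DLLNameMem);     // stdcall: argument on the stack
#endif // _WIN64
    bool assembled = loadLibEmit(command, &counter);
#ifdef _WIN64
    if(assembled)
    {
        sprintf_s(command, "mov rax, %p", LoadLibraryA);
        assembled = loadLibEmit(command, &counter);
    }
    sprintf_s(command, "call rax");
#else
    sprintf_s(command, "call %p", LoadLibraryA);
#endif // _WIN64
    if(assembled)
    {
        assembled = loadLibEmit(command, &counter);
    }
    if(!assembled)
    {
        loadLibFreeRemote();
        return false;
    }

    // Redirect the thread to the stub and trap the instruction right after it.
    SetContextDataEx(LoadLibThread, UE_CIP, ASMAddr);
    if(!SetBPX(ASMAddr + counter, UE_SINGLESHOOT | UE_BREAKPOINT_TYPE_INT3, (void*)cbDebugLoadLibBPX))
    {
        // Without the breakpoint nothing would restore the context or free the
        // remote memory, so undo the redirect instead of running the stub.
        dputs(QT_TRANSLATE_NOOP("DBG", "Error: couldn't set breakpoint after the LoadLibrary stub\n"));
        SetFullContextDataEx(LoadLibThread, &backupctx);
        loadLibFreeRemote();
        return false;
    }

    // Only the redirected thread runs until the breakpoint hits.
    ThreadSuspendAll();
    ResumeThread(LoadLibThread);
    unlock(WAITID_RUN);
    return true;
}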