C# (CSharp) DbgNativeFunctionHookContext Beispiele

Beispiel #1

Datei: ManagedDebuggerPatcherX86.cs Projekt: zyj0021/dnSpy

 public ManagedDebuggerPatcherX86(DbgNativeFunctionHookContext context, DbgCorDebugInternalRuntime runtime)
 {
     if (context == null)
     {
         throw new ArgumentNullException(nameof(context));
     }
     process      = context.Process;
     this.runtime = runtime ?? throw new ArgumentNullException(nameof(runtime));
 }

Beispiel #2

Datei: IsDebuggerPresentHook.cs Projekt: haise0/dnSurgeon

        public bool IsEnabled(DbgNativeFunctionHookContext context)
        {
            if (!debuggerSettings.AntiIsDebuggerPresent)
            {
                return(false);
            }

            return(CorDebugUtils.TryGetInternalRuntime(context.Process, out _));
        }

Beispiel #3

        public void Hook(DbgNativeFunctionHookContext context, out string?errorMessage)
        {
            switch (context.Process.Architecture)
            {
            case DbgArchitecture.X86:
                HookX86(context, out errorMessage);
                break;

            case DbgArchitecture.X64:
                HookX64(context, out errorMessage);
                break;

            default:
                Debug.Fail($"Unsupported architecture: {context.Process.Architecture}");
                errorMessage = $"Unsupported architecture: {context.Process.Architecture}";
                break;
            }
        }

Beispiel #4

Datei: IsDebuggerPresentHook.cs Projekt: haise0/dnSurgeon

        public void Hook(DbgNativeFunctionHookContext context, out string?errorMessage)
        {
            if (!CorDebugUtils.TryGetInternalRuntime(context.Process, out var runtime))
            {
                errorMessage = "Couldn't find CorDebug runtime";
                return;
            }

            switch (context.Process.Architecture)
            {
            case DbgArchitecture.X86:
                HookX86(context, runtime, out errorMessage);
                break;

            case DbgArchitecture.X64:
                HookX64(context, runtime, out errorMessage);
                break;

            default:
                Debug.Fail($"Unsupported architecture: {context.Process.Architecture}");
                errorMessage = $"Unsupported architecture: {context.Process.Architecture}";
                break;
            }
        }

Beispiel #5

 public IsDebuggerPresentPatcherX86(DbgNativeFunctionHookContext context) : base(context)
 {
 }

Beispiel #6

Datei: DisableAntiAntiDebugCode.cs Projekt: haise0/dnSurgeon

 public void Hook(DbgNativeFunctionHookContext context, out string?errorMessage) => errorMessage = null;

Beispiel #7

Datei: DisableAntiAntiDebugCode.cs Projekt: haise0/dnSurgeon

 public bool IsEnabled(DbgNativeFunctionHookContext context) => TryGetInternalRuntime(context.Process, out _);

Beispiel #8

Datei: PatcherX86.cs Projekt: zyj0021/dnSpy

 protected PatcherX86(DbgNativeFunctionHookContext context)
 {
     process            = context.Process;
     functionProvider   = context.FunctionProvider;
     nextBranchTargetId = ulong.MaxValue;
 }

Beispiel #9

 public IsDebuggerPresentPatcherX86(DbgNativeFunctionHookContext context, DbgCorDebugInternalRuntime runtime)
     : base(context) => clrFilename = runtime.ClrFilename;

Beispiel #10

 public CheckRemoteDebuggerPresentPatcherX86(DbgNativeFunctionHookContext context) : base(context) => pid = context.Process.Id;

Beispiel #11

Datei: IsDebuggerPresentHook.cs Projekt: haise0/dnSurgeon

 void HookX64(DbgNativeFunctionHookContext context, DbgCorDebugInternalRuntime runtime, [NotNullWhen(false)] out string?errorMessage) =>
 new IsDebuggerPresentPatcherX86(context, runtime).TryPatchX64(dllName, out errorMessage);

Beispiel #12

 void HookX64(DbgNativeFunctionHookContext context, out string?errorMessage) =>
 new IsDebuggerPresentPatcherX86(context).TryPatchX64(dllName, out errorMessage);

Beispiel #13

 public bool IsEnabled(DbgNativeFunctionHookContext context) => debuggerSettings.AntiIsDebuggerPresent;