C# (CSharp) OrbisDbgUI OrbisDbg.GetRegisters Beispiele

Beispiel #1

 private void RefreshRegistersButton_Click(object sender, EventArgs e)
 {
     if (OrbisDbg.IsProcessPaused())
     {
         UpdateRegisterWindow(OrbisDbg.GetRegisters());
     }
     else
     {
         MessageBox.Show("The process must be paused before you can get/set registers", "Error Getting Registers");
     }
 }

Beispiel #2

Datei: MainForm.cs Projekt: skiff/OrbisDbgUI

        private void StepProcess()
        {
            if (OrbisDbg.IsProcessPaused())
            {
                OrbisDbg.SingleStep();

                if (registersForm != null)
                {
                    registersForm.UpdateRegisterWindow(OrbisDbg.GetRegisters());
                }
            }
        }

Beispiel #3

Datei: MainForm.cs Projekt: skiff/OrbisDbgUI

        private void UpdateFormsOnPaused()
        {
            OrbisDbg.registers regs = OrbisDbg.GetRegisters();

            if (!bUpdatedOnPause)
            {
                bool  isBreakpoint = OrbisDbg.Ext.ReadByte(regs.r_rip - 1) == 0xCC;
                ulong breakAddress = isBreakpoint ? regs.r_rip - 1 : regs.r_rip;

                if (isBreakpoint)
                {
                    for (int i = 0; i < breakpoints.Count; i++)
                    {
                        if (breakpoints[i].address == breakAddress)
                        {
                            OrbisDbg.Ext.WriteByte(breakAddress, breakpoints[i].instruction);
                            break;
                        }
                    }

                    regs.r_rip -= 1;
                    OrbisDbg.SetRegisters(regs);
                }

                if (memoryForm != null)
                {
                    memoryForm.UpdateMemoryView(regs.r_rip, 0x1000, OrbisDbg.GetMemory(regs.r_rip, 0x1000));
                }

                if (registersForm != null)
                {
                    registersForm.UpdateRegisterWindow(regs);
                }
            }

            if (disassemblyForm != null && regs.r_rip != PreviousRip)
            {
                if (PreviousRip != 0 && regs.r_rip > PreviousRip && regs.r_rip - PreviousRip < 0xD0)
                {
                    disassemblyForm.UpdateDisassemblyKeepMemory(regs.r_rip);
                }
                else
                {
                    PreviousRip = regs.r_rip;
                    byte[] memory = OrbisDbg.GetMemory(regs.r_rip, 0x100);
                    disassemblyForm.UpdateDisassembly(regs.r_rip, memory, disassemblyForm.IsShowingBytes());
                }
            }

            bUpdatedOnPause = true;
        }

Beispiel #4

 public OrbisDbg.registers GetRegisters()
 {
     OrbisDbg.registers result = OrbisDbg.GetRegisters();
     result.r_rax = Convert.ToUInt64(RAXRegisterValue.Text, 16);
     result.r_rbx = Convert.ToUInt64(RBXRegisterValue.Text, 16);
     result.r_rdi = Convert.ToUInt64(RDIRegisterValue.Text, 16);
     result.r_rsi = Convert.ToUInt64(RSIRegisterValue.Text, 16);
     result.r_rdx = Convert.ToUInt64(RDXRegisterValue.Text, 16);
     result.r_rcx = Convert.ToUInt64(RCXRegisterValue.Text, 16);
     result.r_r8  = Convert.ToUInt64(R8RegisterValue.Text, 16);
     result.r_r9  = Convert.ToUInt64(R9RegisterValue.Text, 16);
     result.r_r10 = Convert.ToUInt64(R10RegisterValue.Text, 16);
     result.r_r11 = Convert.ToUInt64(R11RegisterValue.Text, 16);
     result.r_r12 = Convert.ToUInt64(R12RegisterValue.Text, 16);
     result.r_r13 = Convert.ToUInt64(R13RegisterValue.Text, 16);
     result.r_r14 = Convert.ToUInt64(R14RegisterValue.Text, 16);
     result.r_r15 = Convert.ToUInt64(R15RegisterValue.Text, 16);
     result.r_rsp = Convert.ToUInt64(RSPRegisterValue.Text, 16);
     result.r_rbp = Convert.ToUInt64(RBPRegisterValue.Text, 16);
     result.r_rip = Convert.ToUInt64(RIPRegisterValue.Text, 16);
     return(result);
 }