Esempio n. 1
0
        public bool Set(MemoryHandler Memory)
        {
            this.Memory = Memory;
            Memory.RefreshMemory();
            var process = Memory.Process;

            Address = Memory.GetAddress(Pointer);
            if (Address == null)
            {
                return(false);
            }

            foreach (ProcessThread th in process.Threads)
            {
                if (AffectedThreads.ContainsKey(th.Id))
                {
                    continue;
                }

                var hThread = Kernel32.OpenThread(ThreadAccess.THREAD_ALL_ACCESS, false, th.Id);
                if (hThread == IntPtr.Zero)
                {
                    throw new BreakPointException("Can't open thread for access");
                }

                SetToThread(hThread, th.Id);

                if (!Kernel32.CloseHandle(hThread))
                {
                    throw new BreakPointException("Failed to close thread handle");
                }
            }

            return(true);
        }
Esempio n. 2
0
        public void UnSet(MemoryHandler Memory)
        {
            Memory.RefreshMemory();
            var process = Memory.Process;

            foreach (ProcessThread th in process.Threads)
            {
                if (!AffectedThreads.ContainsKey(th.Id))
                {
                    continue;
                }

                var hThread = Kernel32.OpenThread(ThreadAccess.THREAD_ALL_ACCESS, false, th.Id);
                if (hThread == IntPtr.Zero)
                {
                    throw new BreakPointException("Can't open thread for access");
                }

                UnsetFromThread(hThread, th.Id);

                if (!Kernel32.CloseHandle(hThread))
                {
                    throw new BreakPointException("Failed to close thread handle");
                }
            }

            AffectedThreads.Clear();
        }
Esempio n. 3
0
        public void SetToThread(IntPtr ThreadHandle, int ThreadId)
        {
            // make sure this breakpoint isn't already set
            if (AffectedThreads.ContainsKey(ThreadId))
            {
                return;
            }
            //Console.WriteLine("Thread {0} already affected", threadId);

            var cxt = new CONTEXT();

            // The only registers we care about are the debug registers
            cxt.ContextFlags = (uint)CONTEXT_FLAGS.CONTEXT_DEBUG_REGISTERS;

            // Read the register values
            if (!Kernel32.GetThreadContext(ThreadHandle, cxt))
            {
                throw new BreakPointException("Failed to get thread context");
            }

            // Find an available hardware register
            var index = cxt.GetFreeBreakpointSlot();

            if (index == -1)
            {
                throw new BreakPointException("All hardware breakpoint registers are already being used");
            }

            switch (index)
            {
            case 0: cxt.Dr0 = Address.ToUInt32(); break;

            case 1: cxt.Dr1 = Address.ToUInt32(); break;

            case 2: cxt.Dr2 = Address.ToUInt32(); break;

            case 3: cxt.Dr3 = Address.ToUInt32(); break;

            default: throw new BreakPointException("m_index has bogus value!");
            }

            SetBits(ref cxt.Dr7, 16 + index * 4, 2, (uint)Condition);
            SetBits(ref cxt.Dr7, 18 + index * 4, 2, (uint)Length);
            SetBits(ref cxt.Dr7, index * 2, 1, 1);

            // Write out the new debug registers
            if (!Kernel32.SetThreadContext(ThreadHandle, cxt))
            {
                throw new BreakPointException("Failed to set thread context");
            }

            AffectedThreads[ThreadId] = index;
        }