public override void Execute(string text)
{
base.Execute(text);
char[] sp = { ' ', '\t' };
var argv = text.Split(sp, 1, StringSplitOptions.RemoveEmptyEntries);
if (argv.Length != 1)
{
Context.CONSOLE.Write(CommandHelp);
return;
}
var strArgAddr = argv[0];
var varArgAddr = Context.IDE.Debugger.GetExpression(strArgAddr, false, 100);
var processId = Context.IDE.Debugger.CurrentProcess.ProcessID;
if (!varArgAddr.IsValidValue)
{
Context.CONSOLE.Write("Argument <address>: " + strArgAddr + " is invalid!");
return;
}
long lpAddress = 0;
var numStyleAddr = NumberHelpers.IsHexNumber(varArgAddr.Value)
? NumberStyles.HexNumber
: NumberStyles.Integer;
var bRet = true;
bRet = bRet && NumberHelpers.TryParseLong(varArgAddr.Value, numStyleAddr, out lpAddress);
if (!bRet)
{
Context.CONSOLE.Write("Failed to evaluate command arguments!");
return;
}
var ntdbgStatus = NativeMethods.NtdbgOk;
if (NativeMethods.NtdbgOk != (ntdbgStatus = MemoryHelpers.ProcFree(processId, lpAddress)))
{
Context.CONSOLE.Write("Failed to release memory!");
Context.CONSOLE.Write("Error code:" + ntdbgStatus + " - " + NativeMethods.GetStatusString(ntdbgStatus) +
".");
return;
}
Context.CONSOLE.Write("Released memory at address: " + NumberHelpers.ToHex(lpAddress));
}
public override void Execute(string text)
{
base.Execute(text);
char[] sp = { ' ', '\t' };
var argv = text.Split(sp, 1, StringSplitOptions.RemoveEmptyEntries);
if (argv.Length != 1)
{
Context.CONSOLE.Write(CommandHelp);
return;
}
var strArgSize = argv[0];
var varArgSize = Context.IDE.Debugger.GetExpression(strArgSize, false, 100);
var processId = Context.IDE.Debugger.CurrentProcess.ProcessID;
if (!varArgSize.IsValidValue)
{
Context.CONSOLE.Write("Argument <size>: " + strArgSize + " is invalid!");
return;
}
long dataSize = 0;
var numStyleSize = NumberHelpers.IsHexNumber(varArgSize.Value)
? NumberStyles.HexNumber
: NumberStyles.Integer;
var bRet = true;
bRet = bRet && NumberHelpers.TryParseLong(varArgSize.Value, numStyleSize, out dataSize);
if (!bRet)
{
Context.CONSOLE.Write("Failed to evaluate command arguments!");
return;
}
ulong qwPtr = 0;
qwPtr = MemoryHelpers.ProcAlloc(processId, dataSize);
if (0 == qwPtr)
{
Context.CONSOLE.Write("Failed to allocate memory!");
return;
}
Context.CONSOLE.Write("Allocated: " + dataSize + " bytes at address: " + NumberHelpers.ToHex((long)qwPtr));
}
public override void Execute(string[] args)
{
base.Execute(args);
if (args.Length != 1)
{
Context.CONSOLE.Write(CommandHelp);
return;
}
var strArgSize = args[0];
var varArgSize = Context.IDE.Debugger.GetExpression(strArgSize, false, 100);
if (!varArgSize.IsValidValue)
{
Context.CONSOLE.Write("Argument <size>: " + strArgSize + " is invalid!");
return;
}
long dataSize = 0;
var numStyleSize = NumberHelpers.IsHexNumber(varArgSize.Value)
? NumberStyles.HexNumber
: NumberStyles.Integer;
var bRet = true;
bRet = bRet && NumberHelpers.TryParseLong(varArgSize.Value, numStyleSize, out dataSize);
if (!bRet)
{
Context.CONSOLE.Write("Failed to evaluate command arguments!");
return;
}
ulong qwPtr = MemoryHelpers.ProcAlloc(Context.IDE.Debugger.CurrentStackFrame, dataSize);
if (0 == qwPtr)
{
Context.CONSOLE.Write("Failed to allocate memory!");
return;
}
Context.CONSOLE.Write("Allocated: " + dataSize + " bytes at address: " + NumberHelpers.ToHex((long)qwPtr));
}
public override void Execute(string[] args)
{
base.Execute(args);
if (args.Length != 1)
{
Context.CONSOLE.Write(CommandHelp);
return;
}
var strArgAddr = args[0];
var varArgAddr = Context.IDE.Debugger.GetExpression(strArgAddr, false, 100);
if (!varArgAddr.IsValidValue)
{
Context.CONSOLE.Write("Argument <address>: " + strArgAddr + " is invalid!");
return;
}
long lpAddress = 0;
var numStyleAddr = NumberHelpers.IsHexNumber(varArgAddr.Value)
? NumberStyles.HexNumber
: NumberStyles.Integer;
var bRet = true;
bRet = bRet && NumberHelpers.TryParseLong(varArgAddr.Value, numStyleAddr, out lpAddress);
if (!bRet)
{
Context.CONSOLE.Write("Failed to evaluate command arguments!");
return;
}
MemoryHelpers.ProcFree(Context.IDE.Debugger.CurrentStackFrame, lpAddress);
Context.CONSOLE.Write("Released memory at address: " + NumberHelpers.ToHex(lpAddress));
}
public override void Execute(string text)
{
base.Execute(text);
char[] sp = { ' ', '\t' };
var argv = text.Split(sp, 3, StringSplitOptions.RemoveEmptyEntries);
if (argv.Length != 3)
{
Context.CONSOLE.Write(CommandHelp);
return;
}
var strArgAddr1 = argv[0];
var strArgAddr2 = argv[1];
var strArgSize = argv[2];
var varArgAddr1 = Context.IDE.Debugger.GetExpression(strArgAddr1, false, 100);
var varArgAddr2 = Context.IDE.Debugger.GetExpression(strArgAddr2, false, 100);
var varArgSize = Context.IDE.Debugger.GetExpression(strArgSize, false, 100);
if (!varArgAddr1.IsValidValue)
{
Context.CONSOLE.Write("Argument <address>: " + strArgAddr1 + " is invalid!");
return;
}
if (!varArgAddr2.IsValidValue)
{
Context.CONSOLE.Write("Argument <address>: " + strArgAddr2 + " is invalid!");
return;
}
if (!varArgSize.IsValidValue)
{
Context.CONSOLE.Write("Argument <size>: " + strArgSize + " is invalid!");
return;
}
long addr1 = 0;
long addr2 = 0;
long dataSize = 0;
var numStyleAddr1 = NumberHelpers.IsHexNumber(varArgAddr1.Value)
? NumberStyles.HexNumber
: NumberStyles.Integer;
var numStyleAddr2 = NumberHelpers.IsHexNumber(varArgAddr2.Value)
? NumberStyles.HexNumber
: NumberStyles.Integer;
var numStyleSize = NumberHelpers.IsHexNumber(varArgSize.Value)
? NumberStyles.HexNumber
: NumberStyles.Integer;
var bRet = true;
bRet = bRet && NumberHelpers.TryParseLong(varArgAddr1.Value, numStyleAddr1, out addr1);
bRet = bRet && NumberHelpers.TryParseLong(varArgAddr2.Value, numStyleAddr2, out addr2);
bRet = bRet && NumberHelpers.TryParseLong(varArgSize.Value, numStyleSize, out dataSize);
if (!bRet)
{
Context.CONSOLE.Write("Failed to evaluate command arguments!");
return;
}
// get file path
var strFile1 = Path.GetTempFileName();
var strFile2 = Path.GetTempFileName();
var strDiffTool = Context.Settings.GeneralSettings.DiffTool;
if (string.Empty == strDiffTool)
{
Context.CONSOLE.Write("Diff tool not set!");
return;
}
if (!MemoryHelpers.WriteMemoryToFile(strFile1,
Context.IDE.Debugger.CurrentStackFrame,
addr1,
dataSize
))
{
Context.CONSOLE.Write("Failed to read data from address: " + NumberHelpers.ToHex(addr1) + "!");
return;
}
if (!MemoryHelpers.WriteMemoryToFile(strFile2,
Context.IDE.Debugger.CurrentStackFrame,
addr2,
dataSize
))
{
Context.CONSOLE.Write("Failed to read data from address: " + NumberHelpers.ToHex(addr2) + "!");
return;
}
Process.Start(strDiffTool, strFile1 + " " + strFile2);
}
public override void Execute(string text)
{
base.Execute(text);
char[] sp = { ' ', '\t' };
var argv = text.Split(sp, 3, StringSplitOptions.RemoveEmptyEntries);
if (argv.Length != 3)
{
Context.CONSOLE.Write(CommandHelp);
return;
}
var strArgDst = argv[0];
var strArgSize = argv[2];
var strArgVal = argv[1];
var varArgDst = Context.IDE.Debugger.GetExpression(strArgDst, false, 100);
var varArgVal = Context.IDE.Debugger.GetExpression(strArgVal, false, 100);
var varArgSize = Context.IDE.Debugger.GetExpression(strArgSize, false, 100);
var processId = Context.IDE.Debugger.CurrentProcess.ProcessID;
if (!varArgDst.IsValidValue)
{
Context.CONSOLE.Write("Argument <address>: " + strArgDst + " is invalid!");
return;
}
if (!varArgVal.IsValidValue)
{
Context.CONSOLE.Write("Argument <val>: " + strArgVal + " is invalid!");
return;
}
if (!varArgSize.IsValidValue)
{
Context.CONSOLE.Write("Argument <size>: " + strArgSize + " is invalid!");
return;
}
long byteval = 0;
long dstAddress = 0;
long dataSize = 0;
var numStyleSrc = NumberHelpers.IsHexNumber(varArgVal.Value)
? NumberStyles.HexNumber
: NumberStyles.Integer;
var numStyleDst = NumberHelpers.IsHexNumber(varArgDst.Value)
? NumberStyles.HexNumber
: NumberStyles.Integer;
var numStyleSize = NumberHelpers.IsHexNumber(varArgSize.Value)
? NumberStyles.HexNumber
: NumberStyles.Integer;
var bRet = true;
bRet = bRet && NumberHelpers.TryParseLong(varArgDst.Value, numStyleDst, out dstAddress);
bRet = bRet && NumberHelpers.TryParseLong(varArgVal.Value, numStyleSrc, out byteval);
bRet = bRet && NumberHelpers.TryParseLong(varArgSize.Value, numStyleSize, out dataSize);
if (!bRet)
{
Context.CONSOLE.Write("Failed to evaluate command arguments!");
return;
}
var ntdbgStatus = NativeMethods.NtdbgOk;
if (NativeMethods.NtdbgOk !=
(ntdbgStatus = MemoryHelpers.ProcMemset(processId, dstAddress, (byte)byteval, dataSize)))
{
Context.CONSOLE.Write("Memory set dst:" + NumberHelpers.ToHex(dstAddress) + " " + (byte)byteval + " " +
dataSize + " failed!");
Context.CONSOLE.Write("Error code:" + ntdbgStatus + " - " + NativeMethods.GetStatusString(ntdbgStatus) +
".");
return;
}
Context.CONSOLE.Write("Wrote: " + dataSize + " bytes to address: " + NumberHelpers.ToHex(dstAddress));
}
public override void Execute(string text)
{
base.Execute(text);
char[] sp = new char[] { ' ', '\t' };
string[] argv = text.Split(sp, 3, StringSplitOptions.RemoveEmptyEntries);
if (argv.Length != 3)
{
Context.CONSOLE.Write(CommandHelp);
return;
}
string strArgDst = argv[0];
string strArgSize = argv[2];
string strArgSrc = argv[1];
var varArgDst = Context.IDE.Debugger.GetExpression(strArgDst, false, 100);
var varArgSrc = Context.IDE.Debugger.GetExpression(strArgSrc, false, 100);
var varArgSize = Context.IDE.Debugger.GetExpression(strArgSize, false, 100);
int processId = Context.IDE.Debugger.CurrentProcess.ProcessID;
if (!varArgDst.IsValidValue)
{
Context.CONSOLE.Write("Argument <address>: " + strArgDst + " is invalid!");
return;
}
if (!varArgSrc.IsValidValue)
{
Context.CONSOLE.Write("Argument <address>: " + strArgSrc + " is invalid!");
return;
}
if (!varArgSize.IsValidValue)
{
Context.CONSOLE.Write("Argument <size>: " + strArgSize + " is invalid!");
return;
}
long srcAddress = 0;
long dstAddress = 0;
long dataSize = 0;
NumberStyles numStyleSrc = NumberHelpers.IsHexNumber(varArgSrc.Value) ? NumberStyles.HexNumber : NumberStyles.Integer;
NumberStyles numStyleDst = NumberHelpers.IsHexNumber(varArgDst.Value) ? NumberStyles.HexNumber : NumberStyles.Integer;
NumberStyles numStyleSize = NumberHelpers.IsHexNumber(varArgSize.Value) ? NumberStyles.HexNumber : NumberStyles.Integer;
bool bRet = true;
bRet = bRet && NumberHelpers.TryParseLong(varArgDst.Value, numStyleDst, out dstAddress);
bRet = bRet && NumberHelpers.TryParseLong(varArgSrc.Value, numStyleSrc, out srcAddress);
bRet = bRet && NumberHelpers.TryParseLong(varArgSize.Value, numStyleSize, out dataSize);
if (!bRet)
{
Context.CONSOLE.Write("Failed to evaluate command arguments!");
return;
}
int ntdbgStatus = NativeMethods.NTDBG_OK;
if (NativeMethods.NTDBG_OK != (ntdbgStatus = MemoryHelpers.ProcMemoryCopy(processId, dstAddress, srcAddress, dataSize)))
{
Context.CONSOLE.Write("Memory copy src:" + NumberHelpers.ToHex(srcAddress) + " dst:" + NumberHelpers.ToHex(dstAddress) + " " + dataSize.ToString() + " failed!");
Context.CONSOLE.Write("Error code:" + ntdbgStatus.ToString() + " - " + NativeMethods.GetStatusString(ntdbgStatus) + ".");
return;
}
Context.CONSOLE.Write("Wrote: " + dataSize.ToString() + " bytes to address: " + NumberHelpers.ToHex(dstAddress));
}
public override void Execute(string text)
{
base.Execute(text);
char[] sp = new char[] { ' ', '\t' };
string[] argv = text.Split(sp, 3, StringSplitOptions.RemoveEmptyEntries);
if (argv.Length != 3)
{
Context.CONSOLE.Write(CommandHelp);
return;
}
string strArgAddr1 = argv[0];
string strArgAddr2 = argv[1];
string strArgSize = argv[2];
var varArgAddr1 = Context.IDE.Debugger.GetExpression(strArgAddr1, false, 100);
var varArgAddr2 = Context.IDE.Debugger.GetExpression(strArgAddr2, false, 100);
var varArgSize = Context.IDE.Debugger.GetExpression(strArgSize, false, 100);
int processId = Context.IDE.Debugger.CurrentProcess.ProcessID;
if (!varArgAddr1.IsValidValue)
{
Context.CONSOLE.Write("Argument <address>: " + strArgAddr1 + " is invalid!");
return;
}
if (!varArgAddr2.IsValidValue)
{
Context.CONSOLE.Write("Argument <address>: " + strArgAddr2 + " is invalid!");
return;
}
if (!varArgSize.IsValidValue)
{
Context.CONSOLE.Write("Argument <size>: " + strArgSize + " is invalid!");
return;
}
long addr1 = 0;
long addr2 = 0;
long dataSize = 0;
NumberStyles numStyleAddr1 = NumberHelpers.IsHexNumber(varArgAddr1.Value) ? NumberStyles.HexNumber : NumberStyles.Integer;
NumberStyles numStyleAddr2 = NumberHelpers.IsHexNumber(varArgAddr2.Value) ? NumberStyles.HexNumber : NumberStyles.Integer;
NumberStyles numStyleSize = NumberHelpers.IsHexNumber(varArgSize.Value) ? NumberStyles.HexNumber : NumberStyles.Integer;
bool bRet = true;
bRet = bRet && NumberHelpers.TryParseLong(varArgAddr1.Value, numStyleAddr1, out addr1);
bRet = bRet && NumberHelpers.TryParseLong(varArgAddr2.Value, numStyleAddr2, out addr2);
bRet = bRet && NumberHelpers.TryParseLong(varArgSize.Value, numStyleSize, out dataSize);
if (!bRet)
{
Context.CONSOLE.Write("Failed to evaluate command arguments!");
return;
}
// get file path
string strPath = Path.GetTempPath();
string strFile1 = Path.GetTempFileName();
string strFile2 = Path.GetTempFileName();
string strDiffTool = Context.Settings.GeneralSettings.DiffTool;
if (string.Empty == strDiffTool)
{
Context.CONSOLE.Write("Diff tool not set!");
return;
}
int ntdbgStatus = NativeMethods.NTDBG_OK;
if (NativeMethods.NTDBG_OK != (ntdbgStatus = MemoryHelpers.WriteMemoryToFile(strFile1, processId, addr1, dataSize)))
{
Context.CONSOLE.Write("Failed to read data from address: " + NumberHelpers.ToHex(addr1) + "!");
Context.CONSOLE.Write("Error code:" + ntdbgStatus.ToString() + " - " + NativeMethods.GetStatusString(ntdbgStatus) + ".");
return;
}
if (NativeMethods.NTDBG_OK != (ntdbgStatus = MemoryHelpers.WriteMemoryToFile(strFile2, processId, addr2, dataSize)))
{
Context.CONSOLE.Write("Failed to read data from address: " + NumberHelpers.ToHex(addr2) + "!");
Context.CONSOLE.Write("Error code:" + ntdbgStatus.ToString() + " - " + NativeMethods.GetStatusString(ntdbgStatus) + ".");
return;
}
Process.Start(strDiffTool, strFile1 + " " + strFile2);
return;
}
public override void Execute(string text)
{
base.Execute(text);
char[] sp = { ' ', '\t' };
var argv = text.Split(sp, 3, StringSplitOptions.RemoveEmptyEntries);
if (argv.Length != 3)
{
Context.CONSOLE.Write(CommandHelp);
return;
}
var strArgDst = argv[0];
var strArgSize = argv[2];
var strArgSrc = argv[1];
var varArgDst = Context.IDE.Debugger.GetExpression(strArgDst, false, 100);
var varArgSrc = Context.IDE.Debugger.GetExpression(strArgSrc, false, 100);
var varArgSize = Context.IDE.Debugger.GetExpression(strArgSize, false, 100);
if (!varArgDst.IsValidValue)
{
Context.CONSOLE.Write("Argument <address>: " + strArgDst + " is invalid!");
return;
}
if (!varArgSrc.IsValidValue)
{
Context.CONSOLE.Write("Argument <address>: " + strArgSrc + " is invalid!");
return;
}
if (!varArgSize.IsValidValue)
{
Context.CONSOLE.Write("Argument <size>: " + strArgSize + " is invalid!");
return;
}
long srcAddress = 0;
long dstAddress = 0;
long dataSize = 0;
var numStyleSrc = NumberHelpers.IsHexNumber(varArgSrc.Value)
? NumberStyles.HexNumber
: NumberStyles.Integer;
var numStyleDst = NumberHelpers.IsHexNumber(varArgDst.Value)
? NumberStyles.HexNumber
: NumberStyles.Integer;
var numStyleSize = NumberHelpers.IsHexNumber(varArgSize.Value)
? NumberStyles.HexNumber
: NumberStyles.Integer;
var bRet = true;
bRet = bRet && NumberHelpers.TryParseLong(varArgDst.Value, numStyleDst, out dstAddress);
bRet = bRet && NumberHelpers.TryParseLong(varArgSrc.Value, numStyleSrc, out srcAddress);
bRet = bRet && NumberHelpers.TryParseLong(varArgSize.Value, numStyleSize, out dataSize);
if (!bRet)
{
Context.CONSOLE.Write("Failed to evaluate command arguments!");
return;
}
if (!MemoryHelpers.ProcMemoryCopy(
Context.IDE.Debugger.CurrentStackFrame,
dstAddress,
srcAddress,
dataSize
))
{
Context.CONSOLE.Write("Memory copy src:" + NumberHelpers.ToHex(srcAddress) + " dst:" +
NumberHelpers.ToHex(dstAddress) + " " + dataSize + " failed!");
return;
}
Context.CONSOLE.Write("Wrote: " + dataSize + " bytes to address: " + NumberHelpers.ToHex(dstAddress));
}
public override void Execute(string[] args)
{
base.Execute(args);
if (args.Length != 3)
{
Context.CONSOLE.Write(CommandHelp);
return;
}
var strArgDst = args[0];
var strArgVal = args[1];
var strArgSize = args[2];
var varArgDst = Context.IDE.Debugger.GetExpression(strArgDst, false, 100);
var varArgVal = Context.IDE.Debugger.GetExpression(strArgVal, false, 100);
var varArgSize = Context.IDE.Debugger.GetExpression(strArgSize, false, 100);
if (!varArgDst.IsValidValue)
{
Context.CONSOLE.Write("Argument <address>: " + strArgDst + " is invalid!");
return;
}
if (!varArgVal.IsValidValue)
{
Context.CONSOLE.Write("Argument <val>: " + strArgVal + " is invalid!");
return;
}
if (!varArgSize.IsValidValue)
{
Context.CONSOLE.Write("Argument <size>: " + strArgSize + " is invalid!");
return;
}
long byteval = 0;
long dstAddress = 0;
long dataSize = 0;
var numStyleSrc = NumberHelpers.IsHexNumber(varArgVal.Value)
? NumberStyles.HexNumber
: NumberStyles.Integer;
var numStyleDst = NumberHelpers.IsHexNumber(varArgDst.Value)
? NumberStyles.HexNumber
: NumberStyles.Integer;
var numStyleSize = NumberHelpers.IsHexNumber(varArgSize.Value)
? NumberStyles.HexNumber
: NumberStyles.Integer;
var bRet = true;
bRet = bRet && NumberHelpers.TryParseLong(varArgDst.Value, numStyleDst, out dstAddress);
bRet = bRet && NumberHelpers.TryParseLong(varArgVal.Value, numStyleSrc, out byteval);
bRet = bRet && NumberHelpers.TryParseLong(varArgSize.Value, numStyleSize, out dataSize);
if (!bRet)
{
Context.CONSOLE.Write("Failed to evaluate command arguments!");
return;
}
if (!MemoryHelpers.ProcMemset(
Context.IDE.Debugger.CurrentStackFrame,
dstAddress,
(byte)byteval,
dataSize
))
{
Context.CONSOLE.Write("Memory set dst:" + NumberHelpers.ToHex(dstAddress) + " " + (byte)byteval + " " +
dataSize + " failed!");
return;
}
Context.CONSOLE.Write("Wrote: " + dataSize + " bytes to address: " + NumberHelpers.ToHex(dstAddress));
}
