Exemplo n.º 1
        /// <summary>
        /// Demo entry point: launches a local test binary under the debugger, calls
        /// <c>ChangeAllSetText</c>, then waits for a key press before exiting.
        /// </summary>
        /// <param name="args">Command-line arguments; not used.</param>
        static void Main(string[] args)
        {
            // NOTE(review): the path is hard-coded to one developer's profile directory, so the
            // sample only runs on that machine; take the target from configuration or args instead.
            // resumeOnCreate = false presumably leaves the new process suspended until the
            // debugger continues it - confirm against NIStartupOptions.
            var startup = new NIStartupOptions
            {
                executable     = @"C:\Users\Timothy\Documents\Visual Studio 2013\Projects\HelloCPP\x64\Release\HelloCPP.exe",
                resumeOnCreate = false
            };

            // `debug` is not declared in this method; presumably a static debugger instance
            // defined elsewhere in the class.
            debug.Execute(startup);

            // Defined elsewhere in the file; its effect on the target is not visible here.
            ChangeAllSetText();

            // Keep the console open until the user acknowledges.
            Console.WriteLine("Press any key to exit...");
            Console.ReadKey();
        }
Exemplo n.º 2
        /// <summary>
        /// Demo entry point: starts Notepad under the debugger, installs the hardware-breakpoint
        /// exception handler, arms an execute breakpoint, writes a replacement string into the
        /// target and, after <c>Continue()</c> returns, points EAX at that string before detaching.
        /// </summary>
        /// <param name="args">Command-line arguments; not used.</param>
        static void Main(string[] args)
        {
            // resumeOnCreate = false presumably leaves the new process suspended until the
            // debugger continues it - confirm against NIStartupOptions.
            var startup = new NIStartupOptions
            {
                executable     = @"c:\windows\system32\notepad.exe",
                resumeOnCreate = false
            };

            // `debug` is not declared in this method; presumably a static debugger instance
            // defined elsewhere in the class.
            debug.Execute(startup);

            Console.WriteLine("Installing VEH");
            debug.InstallHardVEH();

            // NOTE(review): 0xc562a8 is a hard-coded absolute address. It is only meaningful for
            // the exact image layout the author observed; when the image is relocated between
            // runs (ASLR) or the binary changes, the breakpoint lands somewhere else or nowhere.
            // Resolve the address at run time from the module base instead.
            Console.WriteLine("Setting HWBP on Execute");
            debug.SetHardBreakPoint(0xc562a8, HWBP_MODE.MODE_LOCAL, HWBP_TYPE.TYPE_EXECUTE, HWBP_SIZE.SIZE_1);

            Console.WriteLine("Generating Hello World String in Target");

            // Reserve 100 bytes in the target and store the replacement text there as UTF-16.
            // NOTE(review): nothing here checks that the allocation or the write succeeded before
            // caveAddress is used - confirm how AllocateMemory/WriteString report failure.
            uint caveAddress;
            debug.AllocateMemory(100, out caveAddress);
            debug.WriteString(caveAddress, "Welcome to NIDebugger HWBPs", Encoding.Unicode);

            Console.WriteLine("Running...");
            debug.Continue();

            // Nothing verifies that the stop was caused by the hardware breakpoint (the original
            // comment here read "hope and pray"); the printed EIP is the only evidence.
            string eipHex = debug.Context.Eip.ToString("X8");
            Console.WriteLine("Our EIP after HWBP is: " + eipHex);

            Console.WriteLine("Setting EAX to new String address");

            // The previous string is read from the address in EAX but never used afterwards.
            string previousText;
            debug.ReadString(debug.Context.Eax, 100, Encoding.Unicode, out previousText);

            // NOTE(review): whether this register change is written back to the thread before or
            // during Detach() is not visible here - confirm against the debugger implementation.
            debug.Context.Eax = caveAddress;

            debug.Detach();

            // The original has the key wait (Console.ReadKey) commented out, so the prompt below
            // is printed and the program returns immediately.
            Console.WriteLine("Press any key to exit...");
        }
Exemplo n.º 3
        /// <summary>
        /// Demo entry point for the 64-bit debugger: starts Notepad, writes a replacement string
        /// into the target, breaks on <c>user32!SetWindowTextW</c>, single-steps three times,
        /// points RDX at the replacement string and detaches.
        /// </summary>
        /// <param name="args">Command-line arguments; not used.</param>
        static void Main(string[] args)
        {
            // resumeOnCreate = false presumably leaves the new process suspended until the
            // debugger continues it - confirm against NIStartupOptions.
            var startup = new NIStartupOptions
            {
                executable     = @"C:\Windows\System32\notepad.exe",
                resumeOnCreate = false
            };

            var debug = new NIDebugger64
            {
                AutoClearBP   = true,
                StepIntoCalls = true
            };
            debug.Execute(startup);

            // Reserve 100 bytes in the target and store the replacement text there as UTF-16.
            // NOTE(review): nothing here checks that the allocation or the write succeeded before
            // caveAddress is used - confirm how AllocateMemory/WriteString report failure.
            ulong caveAddress;
            debug.AllocateMemory(100, out caveAddress);
            debug.WriteString(caveAddress, "Welcome to NIDebugger64", Encoding.Unicode);

            // The breakpoint address is looked up by export name at run time rather than
            // hard-coded, so it does not depend on where user32.dll is loaded.
            ulong breakAddress = debug.FindProcAddress("user32.dll", "SetWindowTextW");
            debug.SetBreakpoint(breakAddress);

            debug.Continue();

            // Three single steps after the stop; why exactly three is not explained in the
            // source - presumably to move past the first instructions of the function.
            for (int step = 0; step < 3; step++)
            {
                debug.SingleStep();
            }

            // Both values are fetched but never used afterwards.
            uint instrLength   = debug.GetInstrLength();
            byte[] instrOpcodes = debug.GetInstrOpcodes();

            // RDX carries the second integer argument in the Windows x64 calling convention,
            // which for SetWindowTextW is the text pointer.
            // NOTE(review): whether this register change is written back to the thread before or
            // during Detach() is not visible here - confirm against the debugger implementation.
            debug.Context.Rdx = caveAddress;

            debug.Detach();

            // Unused; presumably a convenient line to park an IDE breakpoint on.
            int i = 0;
        }