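/// <summary>
/// Launches the target described by <paramref name="opts"/> in a suspended state,
/// records its process and primary-thread information on this debugger, and then
/// either resumes it immediately or runs it up to the presumed entry point.
/// </summary>
/// <param name="opts">
/// Startup options. <c>executable</c> and <c>commandLine</c> are handed to
/// CreateProcess unmodified; <c>resumeOnCreate</c> selects whether the target is
/// released immediately or stopped at the entry point first.
/// </param>
/// <returns>This debugger instance, so calls can be chained.</returns>
/// <exception cref="InvalidOperationException">
/// CreateProcess reported failure, so there is no target to debug.
/// </exception>
public NIDebugger64 Execute(NIStartupOptions opts) {
    Win64.SECURITY_ATTRIBUTES processAttributes = new Win64.SECURITY_ATTRIBUTES();
    processAttributes.nLength = Marshal.SizeOf(processAttributes);

    Win64.SECURITY_ATTRIBUTES threadAttributes = new Win64.SECURITY_ATTRIBUTES();
    threadAttributes.nLength = Marshal.SizeOf(threadAttributes);

    Win64.STARTUPINFO startupInfo = new Win64.STARTUPINFO();
    debuggedProcessInfo = new Win64.PROCESS_INFORMATION();

    // 0x00000200 is CREATE_NEW_PROCESS_GROUP in the Win32 headers. CREATE_SUSPENDED
    // keeps the primary thread from executing any target code until it is resumed.
    int ret = Win64.CreateProcess(opts.executable, opts.commandLine, ref processAttributes, ref threadAttributes, 0, 0x00000200 | Win64.CREATE_SUSPENDED, 0, null, ref startupInfo, ref debuggedProcessInfo);

    // Fail closed: on failure debuggedProcessInfo is still the zeroed struct created
    // above, so continuing would bind the debugger to process id 0 and a null thread
    // handle instead of the intended target.
    // NOTE(review): assumes Win64.CreateProcess returns the Win32 BOOL (0 = failure) - confirm against the P/Invoke declaration.
    if (ret == 0) {
        throw new InvalidOperationException("CreateProcess failed for '" + opts.executable + "'");
    }

    debuggedProcess = Process.GetProcessById(debuggedProcessInfo.dwProcessId);
    threadHandles.Add(debuggedProcessInfo.dwThreadId, debuggedProcessInfo.hThread);

    if (opts.resumeOnCreate) {
        Win64.ResumeThread((IntPtr)debuggedProcessInfo.hThread);
        return this;
    }

    // The initial thread context's Rcx is treated as the entry point.
    // NOTE(review): this relies on how Windows sets up a suspended x64 thread - confirm.
    Context = getContext(getCurrentThreadId());
    ulong OEP = Context.Rcx;

    // One-shot breakpoint: run to the entry point, then remove it again.
    SetBreakpoint(OEP);
    Continue();
    ClearBreakpoint(OEP);
    Console.WriteLine("We should be at OEP");

    return this;
}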
/// <summary>
/// Resumes every thread listed in <c>debuggedProcess.Threads</c>, calling
/// ResumeThread repeatedly on each one until the value it returns is 1 or less.
/// </summary>
private void resumeAllThreads()
{
    foreach (ProcessThread thread in debuggedProcess.Threads)
    {
        IntPtr handle = getThreadHandle(thread.Id);

        // ResumeThread reports the suspend count from before the call, so a value
        // above 1 means the thread is still suspended and needs another resume.
        // A failure value of -1 also ends the loop.
        int previousCount;
        do
        {
            previousCount = Win64.ResumeThread(handle);
        }
        while (previousCount > 1);
    }
}