📄 plugin.h
字号:
// Status of animation or trace.
#define ANIMATE_OFF 0 // No animation
#define ANIMATE_IN 1 // Animate into
#define ANIMATE_OVER 2 // Animate over
#define ANIMATE_RET 3 // Execute till RET
#define ANIMATE_SKPRET 4 // Skip RET instruction
#define ANIMATE_USER 5 // Execute till user code
#define ANIMATE_TRIN 6 // Run trace in
#define ANIMATE_TROVER 7 // Run trace over
#define ANIMATE_STOP 8 // Gracefully stop animation
typedef struct t_hexstr { // String used for hex/text search
int n; // String length
uchar data[TEXTLEN]; // Data
uchar mask[TEXTLEN]; // Mask, 0 bits are masked
} t_hexstr;
typedef struct t_asmmodel { // Model to search for assembler command
uchar code[MAXCMDSIZE]; // Binary code
uchar mask[MAXCMDSIZE]; // Mask for binary code (0: bit ignored)
int length; // Length of code, bytes (0: empty)
int jmpsize; // Offset size if relative jump
int jmpoffset; // Offset relative to IP
int jmppos; // Position of jump offset in command
} t_asmmodel;
typedef struct t_extmodel { // Model for extended command search
char code[MAXCMDSIZE]; // Binary code
char mask[MAXCMDSIZE]; // Mask for binary code (0: bit ignored)
int length; // Length of code, bytes (0: empty)
int jmpsize; // Offset size if relative jump
int jmpoffset; // Offset relative to IP
int jmppos; // Position of jump offset in command
int isany; // Count for ANY's argument
int cmdoffset; // Offset of command in the source
char ramask[MAXCMDSIZE]; // Mask for pseudoregister RA
char rbmask[MAXCMDSIZE]; // Mask for pseudoregister RB
} t_extmodel;
extc int cdecl Getlong(char *title,ulong *data,int datasize,
char letter,int mode);
extc int cdecl Getlongxy(char *title,ulong *data,int datasize,
char letter,int mode,int x,int y);
extc int cdecl Getregxy(char *title,ulong *data,char letter,int x,int y);
extc int cdecl Getline(char *title,ulong *data);
extc int cdecl Getlinexy(char *title,ulong *data,int x,int y);
extc int cdecl Getfloat10(char *title,long double *fdata,
uchar *tag,char letter,int mode);
extc int cdecl Getfloat10xy(char *title,long double *fdata,
char *tag,char letter,int mode,int x,int y);
extc int cdecl Getfloat(char *title,void *fdata,int size,
char letter,int mode);
extc int cdecl Getfloatxy(char *title,void *fdata,int size,
char letter,int mode,int x,int y);
extc void cdecl Getasmfindmodel(t_asmmodel model[NMODELS],
char letter,int searchall);
extc void cdecl Getasmfindmodelxy(t_asmmodel model[NMODELS],
char letter,int searchall,int x,int y);
extc int cdecl Gettext(char *title,char *text,
char letter,int type,int fontindex);
extc int cdecl Gettextxy(char *title,char *text,char letter,
int type,int fontindex,int x,int y);
extc int cdecl Gethexstring(char *title,t_hexstr *hs,
int mode,int fontindex,char letter);
extc int cdecl Gethexstringxy(char *title,t_hexstr *hs,int mode,
int fontindex,char letter,int x,int y);
extc int cdecl Getmmx(char *title,uchar *data,int mode);
extc int cdecl Getmmxxy(char *title,char *data,int mode,int x,int y);
extc int cdecl Get3dnow(char *title,uchar *data,int mode);
extc int cdecl Get3dnowxy(char *title,char *data,int mode,int x,int y);
extc int cdecl Browsefilename(char *title,char *name,char *defext,
int getarguments);
extc int cdecl OpenEXEfile(char *path,int dropped);
extc int cdecl Attachtoactiveprocess(int newprocessid);
extc void cdecl Animate(int animation);
////////////////////////////////////////////////////////////////////////////////
//////////////////////////// SORTED DATA FUNCTIONS /////////////////////////////
#define NBAR 17 // Max allowed number of segments in bar
#define BAR_PRESSED 0x01 // Bar segment pressed, used internally
#define BAR_DISABLED 0x02 // Bar segment disabled
#define BAR_NOSORT 0x04 // Flat bar column, supports no sorting
#define BAR_NORESIZE 0x08 // Bar column cannot be resized
#define BAR_BUTTON 0x10 // Segment sends WM_USER_BAR
#define BAR_SHIFTSEL 0x20 // Selection shifted 1/2 char to left
#define CAPT_FREE 0 // Bar and data are not captured
#define TABLE_DIR 0x0001 // Bottom-to-top table
#define TABLE_COPYMENU 0x0002 // Attach copy item
#define TABLE_SORTMENU 0x0004 // Attach sort menu
#define TABLE_APPMENU 0x0010 // Attach appearance menu
#define TABLE_WIDECOL 0x0020 // Attach wide columns menu item
#define TABLE_USERAPP 0x0040 // Attach user-processed appearance menu
#define TABLE_USERDEF 0x0080 // User-drawn table
#define TABLE_NOHSCR 0x0100 // Table contains no horizontal scroll
#define TABLE_SAVEPOS 0x0200 // Save position & appearance to .ini
#define TABLE_CPU 0x0400 // Table belongs to CPU window
#define TABLE_FASTSEL 0x0800 // Update when selection changes
#define TABLE_COLSEL 0x1000 // Column-wide selection
#define TABLE_SAVEAPP 0x2000 // Save multiinstance appearance to .ini
#define TABLE_HILMENU 0x4000 // Attach Syntax highlighting menu
#define TABLE_ONTOP 0x8000 // Attach Always on top menu
#define DRAW_NORMAL 0x0000 // Normal plain text
#define DRAW_GRAY 0x0001 // Grayed text
#define DRAW_HILITE 0x0002 // Highlighted text
#define DRAW_UL 0x0004 // Underlined text
#define DRAW_SELECT 0x0008 // Selected background
#define DRAW_EIP 0x0010 // Inverted normal text/background
#define DRAW_BREAK 0x0020 // Breakpoint background
#define DRAW_GRAPH 0x0040 // Graphical element
#define DRAW_DIRECT 0x0080 // Direct text colour index (mask only)
#define DRAW_MASK 0x0080 // Use mask to set individual colors
#define DRAW_EXTSEL 0x0100 // Extend mask till end of column
#define DRAW_UNICODE 0x0200 // Text in UNICODE
#define DRAW_TOP 0x0400 // Draw upper half of text
#define DRAW_BOTTOM 0x0800 // Draw lower half of text
// Symbolic names for graphical characters. Any other character is displayed
// as space. Use only characters in range [1..0x7F]!
#define D_SPACE 'N' // Space
#define D_SEP ' ' // Thin separating line
#define D_BEGIN 'B' // Begin of procedure or scope
#define D_BODY 'I' // Body of procedure or scope
#define D_ENTRY 'J' // Loop entry point
#define D_LEAF 'K' // Intermediate leaf on a tree
#define D_END 'E' // End of procedure or scope
#define D_SINGLE 'S' // Single-line scope
#define D_ENDBEG 'T' // End and begin of stack scope
#define D_POINT '.' // Point
#define D_JMPUP 'U' // Jump upstairs
#define D_JMPOUT '<' // Jump to same location or out of module
#define D_JMPDN 'D' // Jump downstairs
#define D_PATHUP 'u' // Jump path upstairs (highlighted)
#define D_GRAYUP 'v' // Jump path upstairs (grayed)
#define D_PATH 'i' // Jump path through text (highlighted)
#define D_GRAYPATH 'j' // Jump path through text (grayed)
#define D_PATHDN 'd' // Jump path downstairs (highlighted)
#define D_GRAYDN 'e' // Jump path downstairs (grayed)
#define D_PATHUPEND 'r' // End of path upstairs (highlighted)
#define D_GRAYUPEND 's' // End of path upstairs (grayed)
#define D_PATHDNEND 'f' // End of path downstairs (highlighted)
#define D_GRAYDNEND 'g' // End of path downstairs (grayed)
#define D_SWTOP 't' // Start of switch
#define D_SWBODY 'b' // Switch body
#define D_CASE 'c' // Intermediate switch case
#define D_LASTCASE 'l' // Last switch case
// Please note: Although types here contain mostly unique bit assignments, it's
// not really necessary. Same bits, except for reserved general types, can be
// freely shared between different types of sorted data.
// General item types:
#define TY_NEW 0x00000001 // Item is new
#define TY_CONFIRMED 0x00000002 // Item still exists
#define TY_MAIN 0x00000004 // Main item (thread or module)
#define TY_INVALID 0x00000008 // Invalid type (item does not exist)
#define TY_SELECTED 0x80000000 // Reserved for multiple selection
// Module-specific types:
#define TY_REPORTED 0x00000010 // Stop on module was reported
// Reference-specific types:
#define TY_REFERENCE 0x00000020 // Item is a real reference
#define TY_ORIGIN 0x00000040 // Item is a search origin
// Breakpoint-specific types:
#define TY_STOPAN 0x00000080 // Stop animation if TY_ONESHOT
#define TY_SET 0x00000100 // Code INT3 is in memory
#define TY_ACTIVE 0x00000200 // Permanent breakpoint
#define TY_DISABLED 0x00000400 // Permanent disabled breakpoint
#define TY_ONESHOT 0x00000800 // Temporary stop
#define TY_TEMP 0x00001000 // Temporary breakpoint
#define TY_KEEPCODE 0x00002000 // Set and keep command code
#define TY_KEEPCOND 0x00004000 // Keep condition unchanged (0: remove)
#define TY_NOUPDATE 0x00008000 // Don't redraw breakpoint window
#define TY_RTRACE 0x00010000 // Pseudotype of run trace breakpoint
// Namelist-specific types:
#define TY_EXPORT 0x00010000 // Exported name
#define TY_IMPORT 0x00020000 // Imported name
#define TY_LIBRARY 0x00040000 // Name extracted from object file
#define TY_LABEL 0x00080000 // User-defined name
#define TY_ANYNAME 0x000F0000 // Any of the namelist flags above
#define TY_KNOWN 0x00100000 // Name of known function
// Memory-specific types:
#define TY_DEFHEAP 0x00020000 // Contains default heap
#define TY_HEAP 0x00040000 // Contains non-default heap
#define TY_SFX 0x00080000 // Contains self-extractor
#define TY_CODE 0x00100000 // Contains image of code section
#define TY_DATA 0x00200000 // Contains image of data section
#define TY_IMPDATA 0x00400000 // Memory block includes import data
#define TY_EXPDATA 0x00800000 // Memory block includes export data
#define TY_RSRC 0x01000000 // Memory block includes resources
#define TY_RELOC 0x02000000 // Memory block includes relocation data
#define TY_STACK 0x04000000 // Contains stack of some thread
#define TY_THREAD 0x08000000 // Contains data block of some thread
#define TY_HEADER 0x10000000 // COFF header
#define TY_ANYMEM 0x1FFE0000 // Any of the memory flags above
#define TY_GUARDED 0x20000000 // NT only: guarded memory block
// Procedure data-specific types:
#define TY_PURE 0x00004000 // No side effects except in stack
#define TY_PASCAL 0x00010000 // Procedure ends with RET nnn
#define TY_C 0x00020000 // ADD ESP,nnn after call to procedure
#define TY_NOTENTRY 0x00100000 // Not necessarily entry point
// Switch data-specific types.
#define TY_CHARSW 0x00100000 // ASCII switch
#define TY_WMSW 0x00200000 // Window message switch
#define TY_EXCEPTSW 0x00400000 // Exception switch
// Stack walk data-specific types.
#define TY_RELIABLE 0x01000000 // Reliable call
#define TY_GUESSED 0x02000000 // Not a real entry, just guessed
#define TY_BELONGS 0x04000000 // Not a real entry, just belongs to proc
// Call tree-specific types.
#define TY_RECURSIVE 0x00000100 // Routine calls self
#define TY_TERMINAL 0x00000200 // Leaf function, doesn't call others
#define TY_SYSTEM 0x00000400 // Function resides in system DLL
#define TY_DIRECT 0x00000800 // Called directly
#define TY_NODATA 0x00001000 // Not analyzed or outside procedure
#define TY_DUMMY 0x00002000 // Consists of single RET command
#define TY_NOSIDE 0x00004000 // No side effects except in stack
typedef struct t_scheme { // Color scheme
char *name; // Name of the scheme
int textcolor; // Colour used to draw text
int hitextcolor; // Colour used to draw highlited text
int lowcolor; // Colour used to draw auxiliary text
int bkcolor; // Colour used to draw backgrounds
int selbkcolor; // Colour used for selecting background
int linecolor; // Colour used for separating lines
int auxcolor; // Colour used for auxiliary objects
int condbkcolor; // Colour used for background of cond brk
} t_scheme;
⌨️ 快捷键说明
复制代码
Ctrl + C
搜索代码
Ctrl + F
全屏模式
F11
切换主题
Ctrl + Shift + D
显示快捷键
?
增大字号
Ctrl + =
减小字号
Ctrl + -