📄 plugin.pas.svn-base
pluginMREW.EndRead;
end;
end;
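// Disables the plugin stored at index pluginid, if it is currently enabled.
//
// Calls the plugin's own DisablePlugin export and clears the enabled flag only
// when that export reports success.
//
// Raises exception when pluginid is not a valid index into plugins, or when
// the plugin's DisablePlugin export returns false.
procedure TPluginHandler.DisablePlugin(pluginid: integer);
begin
  pluginMREW.BeginRead;
  try
    // Reject ids outside the array instead of indexing past it; the id comes
    // from the caller and nothing else in this method validates it.
    if (pluginid<0) or (pluginid>=length(plugins)) then
      raise exception.Create('Error disabling plugin. Invalid plugin id');

    if plugins[pluginid].enabled then
    begin
      if not plugins[pluginid].DisablePlugin() then raise exception.Create('Error disabling '+plugins[pluginid].dllname);

      // NOTE(review): this writes the enabled flag while only the read lock is
      // held. Confirm whether a write lock is needed here; the plugin callback
      // above runs under the same lock, so check for re-entrancy before changing it.
      plugins[pluginid].enabled:=false;
    end;
  finally
    pluginMREW.EndRead;
  end;
end;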
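// Returns the display name a plugin dll reports through its GetVersion export.
//
// The dll is loaded, checked for the InitializePlugin, DisablePlugin and
// GetVersion exports, queried, and unloaded again. The result is '' when
// GetVersion returns false.
//
// Raises exception when the file extension is not .DLL, when the dll cannot
// be loaded, or when one of the three exports is missing.
//
// Security note: loadlibrary maps the dll into this process and runs its
// initialization code before any export is checked. The extension test is the
// only check made on dllname here, so callers should only pass paths that come
// from a trusted location or an explicit user choice.
function TPluginHandler.GetPluginName(dllname:string):string;
var hmodule: thandle;
    GetVersion: TGetVersion;
    PluginVersion: TPluginVersion;
begin
  result:='';
  if uppercase(extractfileext(dllname))<>'.DLL' then raise exception.Create('Error loading '+dllname+'. Only DLL files are allowed');

  hmodule:=loadlibrary(pchar(dllname));
  // A failed load used to fall through and be reported as a missing export.
  if hmodule=0 then raise exception.Create('Error loading '+dllname+'. The dll could not be loaded');

  try
    GetVersion:=getprocaddress(hmodule,'GetVersion');

    if getprocaddress(hmodule,'InitializePlugin')=nil then raise exception.Create(dllname+' is missing the InitializePlugin export');
    if getprocaddress(hmodule,'DisablePlugin')=nil then raise exception.Create(dllname+' is missing the DisablePlugin export');
    if @GetVersion=nil then raise exception.Create('Error loading '+dllname+'. The dll is missing the GetVersion function');

    // The name is copied into result before the module is released below.
    if GetVersion(PluginVersion,sizeof(TPluginVersion)) then
      result:=PluginVersion.pluginname;
  finally
    // Release the module on every path; previously each raise above leaked it.
    freelibrary(hmodule);
  end;
end;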
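// Returns the index in plugins of the entry whose dllname matches the file
// name part of dllname (case-insensitive), or -1 when there is no such entry.
//
// Only the file name is compared, not the directory, so two dlls with the same
// file name in different folders map to the same entry.
function TPluginHandler.GetPluginID(dllname:string):integer;
var dname: string;
    i: integer;
begin
  result:=-1;
  dname:=uppercase(extractfilename(dllname));

  pluginMREW.BeginRead;
  try
    for i:=0 to length(plugins)-1 do
    begin
      if uppercase(plugins[i].dllname)=dname then
      begin
        result:=i;
        exit; // the finally block still releases the read lock
      end;
    end;
  finally
    // Without try/finally the early exit above skipped EndRead and left the
    // read lock held.
    pluginMREW.EndRead;
  end;
end;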
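// Loads a plugin dll and appends it to plugins, returning its index.
//
// If an entry with the same file name (case-insensitive, directory ignored) is
// already in the list, its index is returned and nothing is loaded.
//
// Raises exception when the extension is not .DLL, the dll cannot be loaded,
// the GetVersion / InitializePlugin / DisablePlugin exports are missing,
// GetVersion returns false, or the plugin asks for a plugin version newer than
// currentpluginversion.
//
// Security note: loadlibrary runs the dll's initialization code inside this
// process before any of the checks below. The extension test is the only
// validation of dllname, so the decision to trust a plugin has to be made by
// the caller before this method is reached.
function TPluginHandler.LoadPlugin(dllname:string):integer;
var hmodule: thandle;
    GetVersion: TGetVersion;
    PluginVersion: TPluginVersion;
    s: string;
    i: integer;
    registered: boolean;
begin
  result:=0;
  if uppercase(extractfileext(dllname))<>'.DLL' then raise exception.Create('Error loading '+dllname+'. Only DLL files are allowed');

  s:=uppercase(extractfilename(dllname));
  pluginMREW.BeginRead;
  try
    for i:=0 to length(plugins)-1 do
    begin
      // check if it was loaded already or not
      // (compare against entry i; the old code compared every iteration
      // against the last entry and so returned the wrong index)
      if s=uppercase(plugins[i].dllname) then
      begin
        result:=i;
        exit; // already in the list so no need to load again
      end;
    end;
  finally
    pluginMREW.EndRead;
  end;

  hmodule:=loadlibrary(pchar(dllname));
  // A failed load used to be reported as a missing GetVersion export.
  if hmodule=0 then raise exception.Create('Error loading '+dllname+'. The dll could not be loaded');

  registered:=false;
  try
    GetVersion:=getprocaddress(hmodule,'GetVersion');
    if @GetVersion=nil then raise exception.Create('Error loading '+dllname+'. The dll is missing the GetVersion function');

    if not GetVersion(PluginVersion,sizeof(TPluginVersion)) then
      raise exception.Create('Error loading '+dllname+'. The GetVersion function returned FALSE');

    if PluginVersion.version>currentpluginversion then
      raise exception.Create('Error loading '+dllname+'. This dll requires a newer version of ce to function properly');

    pluginMREW.BeginWrite;
    try
      // Grow the list outside the inner try so a failed setlength cannot
      // trigger the rollback and drop an existing entry.
      setlength(plugins,length(plugins)+1);
      try
        i:=length(plugins)-1;
        plugins[i].dllname:=extractfilename(dllname);
        plugins[i].filepath:=GetRelativeFilePath(dllname);
        plugins[i].hmodule:=hmodule;
        plugins[i].name:=PluginVersion.pluginname;
        plugins[i].GetVersion:=getprocaddress(hmodule,'GetVersion');
        plugins[i].EnablePlugin:=getprocaddress(hmodule,'InitializePlugin');
        plugins[i].DisablePlugin:=getprocaddress(hmodule,'DisablePlugin');
        plugins[i].nextid:=1;

        if @plugins[i].EnablePlugin=nil then raise exception.Create(dllname+' is missing the InitializePlugin export');
        if @plugins[i].DisablePlugin=nil then raise exception.Create(dllname+' is missing the DisablePlugin export');

        result:=i;
        registered:=true;
      except
        // Roll back the new entry and re-raise the active exception. A bare
        // raise is used because raising the handler's exception object again
        // would raise an object the runtime frees when the handler ends.
        setlength(plugins,length(plugins)-1);
        raise;
      end;
    finally
      pluginMREW.EndWrite;
    end;
  finally
    // Unload the module on every failure path; it stays loaded only once it
    // has been recorded in plugins.
    if not registered then freelibrary(hmodule);
  end;
end;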
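// Rebuilds clb so it shows one checked/unchecked row per entry in plugins.
//
// Each row is labelled 'dllname:name' and carries a TPathSpecifier object
// holding the plugin's filepath. The objects attached to the previous rows are
// freed before the list is cleared.
procedure TPluginHandler.FillCheckListBox(clb: TCheckListbox);
var i,j: integer;
    x:Tpathspecifier;
begin
  // Free the path objects owned by the old rows before dropping the rows.
  for i:=0 to clb.Count-1 do
    Tpathspecifier(clb.Items.Objects[i]).Free;
  clb.Clear;

  pluginMREW.BeginRead;
  try
    for i:=0 to length(plugins)-1 do
    begin
      x:=TPathSpecifier.Create;
      x.path:=plugins[i].filepath;
      j:=clb.Items.AddObject(plugins[i].dllname+':'+plugins[i].name,x);
      clb.Checked[j]:=plugins[i].enabled;
    end;
  finally
    // Release the read lock even if building a row raises, matching the
    // other readers in this unit.
    pluginMREW.EndRead;
  end;
end;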
// Passes a debug event to every callback in each plugin's RegisteredFunctions3
// list. Returns 1 if at least one callback returned 1, otherwise 0.
//
// All callbacks are invoked even after one has returned 1. They run while the
// read lock on the plugin list is held.
function TPluginHandler.handledebuggerplugins(devent: PDebugEvent):integer;
var pluginindex,callbackindex: integer;
begin
  result:=0;

  pluginMREW.BeginRead;
  try
    for pluginindex:=0 to high(plugins) do
    begin
      for callbackindex:=0 to high(plugins[pluginindex].RegisteredFunctions3) do
      begin
        if plugins[pluginindex].RegisteredFunctions3[callbackindex].callback(devent)=1 then
          result:=1;
      end;
    end;
  finally
    pluginMREW.EndRead;
  end;
end;
// Calls every callback in each plugin's RegisteredFunctions4 list with the
// given processid and peprocess values. Always returns true; callback results
// are not inspected.
//
// The callbacks run while the read lock on the plugin list is held.
function TPluginHandler.handlenewprocessplugins(processid: dword; peprocess:dword):boolean;
var pluginindex,callbackindex: integer;
begin
  result:=true;

  pluginMREW.BeginRead;
  try
    for pluginindex:=0 to high(plugins) do
    begin
      for callbackindex:=0 to high(plugins[pluginindex].RegisteredFunctions4) do
      begin
        plugins[pluginindex].RegisteredFunctions4[callbackindex].callback(processid,peprocess);
      end;
    end;
  finally
    pluginMREW.EndRead;
  end;
end;
// Calls every callback in each plugin's RegisteredFunctions5 list with the
// given section value. Always returns true; callback results are not
// inspected.
//
// The callbacks run while the read lock on the plugin list is held.
function TPluginHandler.handlechangedpointers(section: integer):boolean;
var pluginindex,callbackindex: integer;
begin
  result:=true;

  pluginMREW.BeginRead;
  try
    for pluginindex:=0 to high(plugins) do
    begin
      for callbackindex:=0 to high(plugins[pluginindex].RegisteredFunctions5) do
      begin
        plugins[pluginindex].RegisteredFunctions5[callbackindex].callback(section);
      end;
    end;
  finally
    pluginMREW.EndRead;
  end;
end;
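// Creates the plugin list lock and fills the exportedfunctions table.
//
// The table holds three kinds of entries, all taken by address:
//   - ce_* routines, stored as plain routine addresses (@name);
//   - host function-pointer variables, stored as the address of the variable
//     (@@name), so the table still resolves correctly if the variable is
//     assigned later;
//   - the processid, processhandle, mainform and memorybrowser variables,
//     stored as the address of the variable.
//
// Security note: the entries cover process memory access, thread control,
// remote allocation and the kernel-prefixed helpers, and nothing here limits
// which entries a given plugin receives. How the table reaches a plugin is not
// visible in this constructor; presumably every loaded plugin gets all of it,
// so the trust decision belongs at load time.
//
// The unused local 'test' from the earlier version has been removed.
constructor TPluginHandler.create;
begin
  pluginMREW:=TMultiReadExclusiveWriteSynchronizer.Create;

  exportedfunctions.sizeofExportedFunctions:=sizeof(TExportedFunctions2);
  exportedfunctions.showmessage:=@ce_showmessage;
  exportedfunctions.registerfunction:=@ce_registerfunction;
  exportedfunctions.unregisterfunction:=@ce_unregisterfunction;
  exportedfunctions.OpenedProcessID:=@processid;
  exportedfunctions.OpenedProcessHandle:=@processhandle;
  exportedfunctions.GetMainWindowHandle:=@ce_GetMainWindowHandle;
  exportedfunctions.AutoAssemble:=@ce_autoassemble;
  exportedfunctions.assembler:=@ce_assembler;
  exportedfunctions.disassembler:=@ce_disassembler;
  exportedfunctions.ChangeRegistersAtAddress:=@ce_ChangeRegistersAtAddress;
  // NOTE(review): InjectDLL is given the address of ce_ChangeRegistersAtAddress,
  // the same routine as the entry above. This looks like a copy-paste slip; a
  // plugin calling InjectDLL would run a routine with a different purpose and
  // possibly a different signature. Confirm the intended target.
  exportedfunctions.InjectDLL:=@ce_ChangeRegistersAtAddress;
  exportedfunctions.freezemem:=@ce_freezemem;
  exportedfunctions.unfreezemem:=@ce_unfreezemem;
  exportedfunctions.fixmem:=@ce_fixmem;
  exportedfunctions.processlist:=@ce_processlist;
  exportedfunctions.reloadsettings:=@ce_reloadsettings;
  exportedfunctions.getaddressfrompointer:=@ce_getaddressfrompointer;

  // pointers to the address that contains the pointers to the functions
  exportedfunctions.ReadProcessMemory:=@@ReadProcessMemory;
  exportedfunctions.WriteProcessMemory:=@@WriteProcessMemory;
  exportedfunctions.GetThreadContext:=@@GetThreadContext;
  exportedfunctions.SetThreadContext:=@@SetThreadContext;
  exportedfunctions.SuspendThread:=@@SuspendThread;
  exportedfunctions.ResumeThread:=@@ResumeThread;
  exportedfunctions.OpenProcess:=@@OpenProcess;
  exportedfunctions.WaitForDebugEvent:=@@WaitForDebugEvent;
  exportedfunctions.ContinueDebugEvent:=@@ContinueDebugEvent;
  exportedfunctions.DebugActiveProcess:=@@DebugActiveProcess;
  exportedfunctions.StopDebugging:=@@StopDebugging;
  exportedfunctions.StopRegisterChange:=@@StopRegisterChange;
  exportedfunctions.VirtualProtect:=@@VirtualProtect;
  exportedfunctions.VirtualProtectEx:=@@VirtualProtectEx;
  exportedfunctions.VirtualQueryEx:=@@VirtualQueryEx;
  exportedfunctions.VirtualAllocEx:=@@VirtualAllocEx;
  exportedfunctions.CreateRemoteThread:=@@CreateRemoteThread;
  exportedfunctions.OpenThread:=@@OpenThread;
  exportedfunctions.GetPEProcess:=@@GetPEProcess;
  exportedfunctions.GetPEThread:=@@GetPEThread;
  exportedfunctions.GetThreadsProcessOffset:=@@GetThreadsProcessOffset;
  exportedfunctions.GetThreadListEntryOffset:=@@GetThreadListEntryOffset;
  exportedfunctions.GetProcessnameOffset:=@@GetProcessnameOffset;
  exportedfunctions.GetDebugportOffset:=@@GetDebugportOffset;
  exportedfunctions.GetPhysicalAddress:=@@GetPhysicalAddress;
  exportedfunctions.ProtectMe:=@@ProtectMe;
  exportedfunctions.GetCR4:=@@GetCR4;
  exportedfunctions.GetCR3:=@@GetCR3;
  exportedfunctions.SetCR3:=@@SetCR3;
  exportedfunctions.GetSDT:=@@GetSDT;
  exportedfunctions.GetSDTShadow:=@@GetSDTShadow;
  exportedfunctions.setAlternateDebugMethod:=@@setAlternateDebugMethod;
  exportedfunctions.getAlternateDebugMethod:=@@getAlternateDebugMethod;
  exportedfunctions.DebugProcess:=@@DebugProcess;
  exportedfunctions.ChangeRegOnBP:=@@ChangeRegOnBP;
  exportedfunctions.RetrieveDebugData:=@@RetrieveDebugData;
  exportedfunctions.StartProcessWatch:=@@StartProcessWatch;
  exportedfunctions.WaitForProcessListData:=@@WaitForProcessListData;
  exportedfunctions.GetProcessNameFromID:=@@GetProcessNameFromID;
  exportedfunctions.GetProcessNameFromPEProcess:=@@GetProcessNameFromPEProcess;
  exportedfunctions.KernelOpenProcess:=@@KernelOpenProcess;
  exportedfunctions.KernelReadProcessMemory:=@@KernelReadProcessMemory;
  exportedfunctions.KernelWriteProcessMemory:=@@KernelWriteProcessMemory;
  exportedfunctions.KernelVirtualAllocEx:=@@KernelVirtualAllocEx;
  exportedfunctions.IsValidHandle:=@@IsValidHandle;
  exportedfunctions.GetIDTCurrentThread:=@@GetIDTCurrentThread;
  exportedfunctions.GetIDTs:=@@GetIDTs;
  exportedfunctions.MakeWritable:=@@MakeWritable;
  exportedfunctions.GetLoadedState:=@@GetLoadedState;
  exportedfunctions.DBKSuspendThread:=@@DBKSuspendThread;
  exportedfunctions.DBKResumeThread:=@@DBKResumeThread;
  exportedfunctions.DBKSuspendProcess:=@@DBKSuspendProcess;
  exportedfunctions.DBKResumeProcess:=@@DBKResumeProcess;
  exportedfunctions.KernelAlloc:=@@KernelAlloc;
  exportedfunctions.GetKProcAddress:=@@GetKProcAddress;
  exportedfunctions.CreateToolhelp32Snapshot:=@@CreateToolhelp32Snapshot;
  exportedfunctions.Process32First:=@@Process32First;
  exportedfunctions.Process32Next:=@@Process32Next;
  exportedfunctions.Thread32First:=@@Thread32First;
  exportedfunctions.Thread32Next:=@@Thread32Next;
  exportedfunctions.Module32First:=@@Module32First;
  exportedfunctions.Module32Next:=@@Module32Next;
  exportedfunctions.Heap32ListFirst:=@@Heap32ListFirst;
  exportedfunctions.Heap32ListNext:=@@Heap32ListNext;

  // give the address of the variable since there is a chance they aren't initialized just yet...
  exportedfunctions.mainform:=@mainform;
  exportedfunctions.memorybrowser:=@memorybrowser;
end;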
end.