📄 mainunit.pas.svn-base
字号:
setlength(selected,numberofrecords);
setlength(hotkeystrings,NumberOfRecords);
setlength(Hotkeys,numberofrecords);
if numberofrecords>before then
begin
//initialize the new memory
for i:=before to numberofrecords-1 do
begin
zeromemory(@memrec[i],sizeof(memrec[i]));
zeromemory(@frozenfvalue[i],sizeof(frozenfvalue[i]));
zeromemory(@frozenStrings[i],sizeof(frozenStrings[i]));
zeromemory(@frozenbytes[i],sizeof(frozenbytes[i]));
zeromemory(@selected[i],sizeof(selected[i]));
zeromemory(@hotkeystrings[i],sizeof(hotkeystrings[i]));
zeromemory(@Hotkeys[i],sizeof(Hotkeys[i]));
end;
end;
end;
procedure TMainform.setfoundlisthorizontal;
begin
//removed
end;
procedure TMainform.exceptionhandler(Sender: TObject; E: Exception);
begin
if (E.Message='Error creating window device context') then exit;
screen.Cursor:=crdefault;
closefile(addressfile);
closefile(memoryfile);
closefile(newAddressfile);
closefile(newmemoryfile);
Application.ShowException(E);
end;
procedure TMainForm.freedebugger;
begin
//the debugger says the process has ended, or the thread has stopped
freeandnil(debuggerthread);
advancedoptions.Pausebutton.Down:=false;
end;
procedure TMainform.SetReadWriteBreakpoint(address: dword; size: dword);
var mbi: _Memory_Basic_Information;
i: integer;
ct: _context;
regsinuse: integer;
olda,olds: dword;
dr: dword;
procedure Set4bytebreak;
begin
case regsinuse of
0: begin
ct.dr0:=address;
ct.dr7:=ct.dr7 or reg0set or reg0rw or debugexact or reg0len4;
end;
1: begin
ct.dr1:=address;
ct.dr7:=ct.Dr7 or reg1set or reg1rw or debugexact or reg1len4;
end;
2: begin
ct.Dr2:=address;
ct.dr7:=ct.dr7 or reg2set or reg2rw or debugexact or reg2len4;
end;
3: begin
ct.Dr3:=address;
ct.dr7:=ct.dr7 or reg3set or reg3rw or debugexact or reg3len4;
end;
end;
inc(address,4);
dec(size,4);
inc(regsinuse);
end;
procedure Set2bytebreak;
begin
case regsinuse of
0: begin
ct.dr0:=address;
ct.dr7:=ct.dr7 or reg0set or reg0rw or debugexact or reg0len2;
end;
1: begin
ct.dr1:=address;
ct.dr7:=ct.Dr7 or reg1set or reg1rw or debugexact or reg1len2;
end;
2: begin
ct.Dr2:=address;
ct.dr7:=ct.dr7 or reg2set or reg2rw or debugexact or reg2len2;
end;
3: begin
ct.Dr3:=address;
ct.dr7:=ct.dr7 or reg3set or reg3rw or debugexact or reg3len2;
end;
end;
inc(address,2);
dec(size,2);
inc(regsinuse);
end;
procedure Set1bytebreak;
begin
case regsinuse of
0: begin
ct.dr0:=address;
ct.dr7:=ct.dr7 or reg0set or reg0rw or debugexact;
end;
1: begin
ct.dr1:=address;
ct.dr7:=ct.Dr7 or reg1set or reg1rw or debugexact;
end;
2: begin
ct.Dr2:=address;
ct.dr7:=ct.dr7 or reg2set or reg2rw or debugexact;
end;
3: begin
ct.Dr3:=address;
ct.dr7:=ct.dr7 or reg3set or reg3rw or debugexact;
end;
end;
inc(address);
dec(size);
inc(regsinuse);
end;
resourcestring
strAccessed='The following opcodes accessed the selected address';
var rd: dword;
tmp: byte;
ths: thandle;
th: thandle;
tE: threadentry32;
begin
//check if you can read address to address+size
if not (formsettings.rbDebugRegisters.checked or formsettings.cbKDebug.checked) then
begin
readprocessmemory(processhandle,pointer(address),@tmp,1,rd);
if rd<>1 then raise exception.Create(strAddressHasToBeReadable);
end;
if foundcodedialog<>nil then raise exception.Create('The debugger is already trying to find out what reads,writes or accesses a certain address. First close the other window');
if debuggerthread2<>nil then raise exception.create('Please stop any other debugger option before enabling this option');
foundcodedialog:=TFoundcodedialog.create(self);
foundcodedialog.Caption:=strAccessed;
foundcodedialog.btnOK.caption:=strStop;
if (formsettings.cbKdebug.checked) and (debuggerthread=nil) then
if not DebugProcess(processid,address,size,3) then raise exception.Create(strFailedToInitialize);
olda:=address;
olds:=size;
zeromemory(@ct,sizeof(ct));
ct.ContextFlags:=CONTEXT_DEBUG_REGISTERS;
//configure the debugregs
if formsettings.rbDebugRegisters.checked or formsettings.cbKDebug.checked then
begin
foundcodedialog.useexceptions:=false;
regsinuse:=0;
ct.dr7:=0;
while (regsinuse<4) and (size>0) do
begin
if size>=4 then
begin
if (address mod 4)>0 then
begin
if (address mod 2)>0 then
begin
set1bytebreak; //watch on a byte
continue;
end
else
begin
set2bytebreak;
continue;
end;
end
else
begin
set4bytebreak;
continue;
end;
end;
if size>=2 then
begin
if (address mod 2)>0 then
begin
set1bytebreak; //watch on a byte
continue;
end
else
begin
set2bytebreak;
continue;
end;
end;
if size=1 then
set1bytebreak;
end;
//ct.dr7:=$D0303;
if formsettings.cbKdebug.Checked and (debuggerthread=nil) then
begin
if DebuggerThread2<>nil then
begin
debuggerthread2.Terminate;
debuggerthread2.WaitFor;
freeandnil(debuggerthread2);
end;
DebuggerThread2:=TDebugEvents.Create(true);
debuggerthread2.debugregs:=ct;
for i:=0 to length(debuggerthread2.threadlist)-1 do
begin
suspendthread(debuggerthread2.threadlist[i]);
SetThreadContext(debuggerthread2.threadlist[i],debuggerthread2.debugregs);
resumethread(debuggerthread2.threadlist[i]);
end;
debuggerthread2.Resume;
end
else
begin
debuggerthread.DRRegs:=ct;
debuggerthread.Suspend;
for i:=0 to length(debuggerthread.threadlist)-1 do
begin
suspendthread(debuggerthread.threadlist[i][1]);
SetThreadContext(debuggerthread.threadlist[i][1],debuggerthread.DRRegs);
resumethread(debuggerthread.threadlist[i][1]);
end;
debuggerthread.FindWriter2:=true;
debuggerthread.Resume;
end;
end
else
begin
//dont use debug regs
foundcodedialog.useexceptions:=true;
virtualqueryEx(processhandle,pointer(address),mbi,sizeof(mbi));
debugger.DebuggerThread.findreader.pagebase:=dword(mbi.BaseAddress);
debugger.DebuggerThread.findreader.pagesize:=dword(mbi.RegionSize);
debugger.DebuggerThread.findreader.Address:=address;
debugger.DebuggerThread.findreader.size:=size;
DebuggerThread.findreaderset:=true;
DebuggerThread.alsowrites:=true;
VirtualProtectEx(processhandle,pointer(address),size,PAGE_NOACCESS,debugger.DebuggerThread.findreader.originalprotection);
end;
foundcodedialog.show;
end;
procedure TMainform.SetReadBreakpoint(address: dword; size: dword);
var mbi: _Memory_Basic_Information;
i: integer;
tmp:byte;
rD:dword;
resourcestring strOpcodeRead='The following opcodes read from the selected address';
begin
readprocessmemory(processhandle,pointer(address),@tmp,1,rd);
if rd<>1 then raise exception.Create(strAddressHasToBeReadable);
if foundcodedialog<>nil then raise exception.Create('The debugger is already trying to find out what reads,writes or accesses a certain address. First close the other window');
foundcodedialog:=TFoundcodedialog.create(self);
foundcodedialog.Caption:=strOpcodeRead;
foundcodedialog.useexceptions:=true;
foundcodedialog.btnOK.caption:=strStop;
virtualqueryEx(processhandle,pointer(address),mbi,sizeof(mbi));
debugger.DebuggerThread.findreader.pagebase:=dword(mbi.BaseAddress);
debugger.DebuggerThread.findreader.pagesize:=dword(mbi.RegionSize);
debugger.DebuggerThread.findreader.Address:=address;
debugger.DebuggerThread.findreader.size:=size;
DebuggerThread.findreaderset:=true;
VirtualProtectEx(processhandle,pointer(address),size,PAGE_NOACCESS,debugger.DebuggerThread.findreader.originalprotection);
foundcodedialog.show;
end;
procedure TMainform.SetWriteBreakpoint(address: dword; size: dword);
var mbi: _Memory_Basic_Information;
i: integer;
ct: _context;
regsinuse: integer;
olda,olds: dword;
dr: dword;
procedure Set4bytebreak;
begin
case regsinuse of
0: begin
ct.dr0:=address;
ct.dr7:=ct.dr7 or reg0set or reg0w or debugexact or reg0len4;
end;
1: begin
ct.dr1:=address;
ct.dr7:=ct.Dr7 or reg1set or reg1w or debugexact or reg1len4;
end;
2: begin
ct.Dr2:=address;
ct.dr7:=ct.dr7 or reg2set or reg2w or debugexact or reg2len4;
end;
3: begin
ct.Dr3:=address;
ct.dr7:=ct.dr7 or reg3set or reg3w or debugexact or reg3len4;
end;
end;
inc(address,4);
dec(size,4);
inc(regsinuse);
end;
procedure Set2bytebreak;
begin
case regsinuse of
0: begin
ct.dr0:=address;
ct.dr7:=ct.dr7 or reg0set or reg0w or debugexact or reg0len2;
end;
1: begin
ct.dr1:=address;
ct.dr7:=ct.Dr7 or reg1set or reg1w or debugexact or reg1len2;
end;
2: begin
ct.Dr2:=address;
ct.dr7:=ct.dr7 or reg2set or reg2w or debugexact or reg2len2;
end;
3: begin
ct.Dr3:=address;
ct.dr7:=ct.dr7 or reg3set or reg3w or debugexact or reg3len2;
end;
end;
inc(address,2);
dec(size,2);
inc(regsinuse);
end;
procedure Set1bytebreak;
begin
case regsinuse of
0: begin
ct.dr0:=address;
ct.dr7:=ct.dr7 or reg0set or reg0w or debugexact;
end;
1: begin
ct.dr1:=address;
ct.dr7:=ct.Dr7 or reg1set or reg1w or debugexact;
end;
2: begin
ct.Dr2:=address;
ct.dr7:=ct.dr7 or reg2set or reg2w or debugexact;
end;
3: begin
ct.Dr3:=address;
ct.dr7:=ct.dr7 or reg3set or reg3w or debugexact;
end;
end;
inc(address);
dec(size);
inc(regsinuse);
end;
var rd: dword;
tmp: byte;
resourcestring strOpcodeChanged='The following opcodes changed the selected address';
begin
//check if you can read address to address+size
if not (formsettings.rbDebugRegisters.checked or formsettings.cbKDebug.checked) then
begin
readprocessmemory(processhandle,pointer(address),@tmp,1,rd);
if rd<>1 then raise exception.Create(strAddressHasToBeReadable);
end;
if foundcodedialog<>nil then raise exception.Create('The debugger is already trying to find out what reads,writes or accesses a certain address. First close the other window');
if debuggerthread2<>nil then raise exception.create('Please stop any other debugger option before enabling this option');
foundcodedialog:=TFoundcodedialog.create(self);
foundcodedialog.Caption:=strOpcodeChanged;
foundcodedialog.btnOK.caption:=strstop;
if formsettings.cbKdebug.checked and (debuggerthread=nil) then
if not DebugProcess(processid,address,size,2) then raise exception.Create(strFailedToInitialize);
olda:=address;
olds:=size;
zeromemory(@ct,sizeof(ct));
ct.ContextFlags:=CONTEXT_DEBUG_REGISTERS;
if formsettings.rbDebugRegisters.checked then
begin
foundcodedialog.useexceptions:=false;
regsinuse:=0;
ct.dr7:=0;
while (regsinuse<4) and (size>0) do
begin
if size>=4 then
begin
if (address mod 4)>0 then
begin
if (address mod 2)>0 then
begin
set1bytebreak; //watch on a byte
continue;
end
else
begin
set2bytebreak;
continue;
end;
end
⌨️ 快捷键说明
复制代码
Ctrl + C
搜索代码
Ctrl + F
全屏模式
F11
切换主题
Ctrl + Shift + D
显示快捷键
?
增大字号
Ctrl + =
减小字号
Ctrl + -