begin
attached:=true;
attaching:=false;
synchronize(ProcessCreated);
end;
debugging:=ContinueDebugEvent(devent.dwProcessId,devent.dwThreadId,DBG_CONTINUE);
continue;
end;
end;
if attached and {hidedebugger and} (not userisdebugging) then
if readprocessmemory(newprocesses[currentprocess].processhandle,pointeR(context.eip-1),@ab,1,a) then
begin
if ab=int3 then
begin
if (not createaprocess) or (creationHandled) then
begin
if (context.Eip-1)<>DbgBreakPointLocation then
begin
if handlebreakpoints then
debugging:=ContinueDebugEvent(devent.dwProcessId,devent.dwThreadId,DBG_CONTINUE)
else
debugging:=ContinueDebugEvent(devent.dwProcessId,devent.dwThreadId,DBG_EXCEPTION_NOT_HANDLED);
outputdebugstring('err1');
continue;
end;
end;
end;
end;
if not attached then
begin
attached:=true;
attaching:=false;
synchronize(ProcessCreated);
end;
i:=0;
//find out what exception it is
if devent.Exception.ExceptionRecord.ExceptionCode=EXCEPTION_BREAKPOINT then
begin
if userisdebugging then
begin
//check if this is a exception breakpoint that was made by cheat engine
addressfound:=dword(devent.Exception.ExceptionRecord.ExceptionAddress);
found:=(int3CEBreakpoint.address=addressfound);
crdebugging.enter;
try
for i:=0 to length(int3userbreakpoints)-1 do
if (int3userbreakpoints[i].address=addressfound) then found:=true;
finally
crdebugging.Leave;
end;
if found or createdusingprocesswindow then
begin
//we have a confirmation....
//set the byte back
if not createdusingprocesswindow then
removebreakpoint;
createdusingprocesswindow:=false;
if int3CEBreakpoint.address=addressfound then
begin
int3CEBreakpoint.address:=0;
int3CEBreakpoint.originalbyte:=0;
end;
//set eip back
dec(context.Eip);
notinlist:=true;
crdebugging.enter;
try
for i:=0 to length(registermodificationBPs)-1 do
begin
if registermodificationBPs[i].address=context.eip then
begin
notinlist:=false;
//modify the context of this thread according to the data in registermodificationBPs[i]
if registermodificationBPs[i].change_eax then context.Eax:=registermodificationBPs[i].new_eax;
if registermodificationBPs[i].change_ebx then context.Ebx:=registermodificationBPs[i].new_ebx;
if registermodificationBPs[i].change_ecx then context.Ecx:=registermodificationBPs[i].new_ecx;
if registermodificationBPs[i].change_edx then context.Edx:=registermodificationBPs[i].new_edx;
if registermodificationBPs[i].change_esi then context.Esi:=registermodificationBPs[i].new_esi;
if registermodificationBPs[i].change_edi then context.Edi:=registermodificationBPs[i].new_edi;
if registermodificationBPs[i].change_ebp then context.Ebp:=registermodificationBPs[i].new_ebp;
if registermodificationBPs[i].change_esp then context.Esp:=registermodificationBPs[i].new_esp;
if registermodificationBPs[i].change_eip then context.Eip:=registermodificationBPs[i].new_eip;
if registermodificationBPs[i].change_cf then
if registermodificationBPs[i].new_cf then
context.EFlags:=context.EFlags or $1 //enable the bit
else
context.EFlags:=context.EFlags and (not $1);
if registermodificationBPs[i].change_pf then
if registermodificationBPs[i].new_pf then
context.EFlags:=context.EFlags or $4 //enable the bit
else
context.EFlags:=context.EFlags and (not $4);
if registermodificationBPs[i].change_af then
if registermodificationBPs[i].new_af then
context.EFlags:=context.EFlags or $10 //enable the bit
else
context.EFlags:=context.EFlags and (not $10);
if registermodificationBPs[i].change_zf then
if registermodificationBPs[i].new_zf then
context.EFlags:=context.EFlags or $40 //enable the bit
else
context.EFlags:=context.EFlags and (not $40);
if registermodificationBPs[i].change_sf then
if registermodificationBPs[i].new_sf then
context.EFlags:=context.EFlags or $80 //enable the bit
else
context.EFlags:=context.EFlags and (not $80);
if registermodificationBPs[i].change_of then
if registermodificationBPs[i].new_of then
context.EFlags:=context.EFlags or $800 //enable the bit
else
context.EFlags:=context.EFlags and (not $800);
context.ContextFlags:=CONTEXT_FULL;
setthreadcontext(pausedthreadhandle,context);
SetSingleStepping(devent.dwThreadId);
debugging:=ContinueDebugEvent(devent.dwProcessId,devent.dwThreadId,DBG_CONTINUE);
j:=devent.dwThreadId;
if not WaitForDebugEvent(devent,10000) then application.MessageBox('userbreakpoint bug','Cheat Engine Debugger',0);
while j<>devent.dwthreadid do
begin
debugging:=ContinueDebugEvent(devent.dwProcessId,devent.dwThreadId,DBG_CONTINUE);
if not WaitForDebugEvent(devent,10000) then application.MessageBox('userbreakpoint bug','Cheat Engine Debugger',0);
end;
resetbreakpoint;
debugging:=ContinueDebugEvent(devent.dwProcessId,devent.dwThreadId,DBG_CONTINUE);
break;
end;
end; //registermodificiation loop
finally
crdebugging.Leave;
end;
if (traceaddress<>0) and (self.traceaddress=dword(devent.Exception.ExceptionRecord.ExceptionAddress)) then //do tracecount steps
begin
context.ContextFlags:=CONTEXT_FULL;
setthreadcontext(pausedthreadhandle,context);
if tracecount>0 then
begin
debugging:=tracer(devent);
tracecount:=0;
end else debugging:=ContinueDebugEvent(devent.dwProcessId,devent.dwThreadId,DBG_CONTINUE);
resetbreakpoint;
continue;
end;
if not notinlist then continue; //exit, we've done what was needed
context.ContextFlags:=CONTEXT_FULL;
setthreadcontext(pausedthreadhandle,context);
continueprocess:=false;
continuehow:=0;
suspendallthreads;
synchronize(updateregisters);
running:=false;
while not continueprocess do sleep(10);
WaitForSingleObject(semaphore,infinite);
running:=true; //meaning, keep your fucking hands of the registers
resumeallthreads;
//make a step
SetSingleStepping(devent.dwThreadId);
debugging:=ContinueDebugEvent(devent.dwProcessId,devent.dwThreadId,DBG_CONTINUE);
j:=devent.dwThreadId;
if not WaitForDebugEvent(devent,10000) then application.MessageBox('userbreakpoint bug','Cheat Engine Debugger',0);
while j<>devent.dwthreadid do
begin
debugging:=ContinueDebugEvent(devent.dwProcessId,devent.dwThreadId,DBG_CONTINUE);
if not WaitForDebugEvent(devent,10000) then application.MessageBox('userbreakpoint bug','Cheat Engine Debugger',0);
end;
//set the breakpoint back if needed
resetbreakpoint;
releasesemaphore(semaphore,1,nil);
if continuehow=1 then //it was a step, so
begin
continueprocess:=false;
continuehow:=0;
suspendallthreads;
for j:=0 to length(threadlist)-1 do
if threadlist[j,0]=devent.dwThreadId then
begin
context.ContextFlags:=CONTEXT_FULL;
getthreadcontext(threadlist[j,1],context);
pausedthreadhandle:=threadlist[j,1];
break;
end;
synchronize(updateregisters);
running:=true; //meaning, keep your fucking hands of the registers
while not continueprocess do sleep(10);
running:=true; //meaning, keep your fucking hands of the registers
resumeallthreads;
//make a step
if continuehow=1 then SetSingleStepping(devent.dwThreadId);
end;
end;
debugging:=ContinueDebugEvent(devent.dwProcessId,devent.dwThreadId,DBG_CONTINUE);
continue;
end;
debugging:=ContinueDebugEvent(devent.dwProcessId,devent.dwThreadId,DBG_CONTINUE);
Outputdebugstring(pchar('Breakpoint:'+IntToHex(dword(devent.Exception.ExceptionRecord.ExceptionAddress),8)));
continue;
end;
//check if it is because the single stepping mode is enabled
if devent.Exception.ExceptionRecord.ExceptionCode=EXCEPTION_SINGLE_STEP then
begin //it is in single step mode
//--added
if (traceaddress<>0) and (dword(devent.Exception.ExceptionRecord.ExceptionAddress)=traceaddress) then
begin
RemoveBreakpoint;
if tracecount>0 then
debugging:=tracer(devent)
else
debugging:=ContinueDebugEvent(devent.dwProcessId,devent.dwThreadId,DBG_CONTINUE);
tracecount:=0;
ResetBreakpoint;
continue;
end;
if findwriter2 then
begin
addressfound:=dword(devent.Exception.ExceptionRecord.ExceptionAddress);
offset:=addressfound;
opcode:=disassemble(offset,desc);
if pos('REP',opcode)>0 then
begin
if context.Ecx=0 then addressfound:=previousopcode(addressfound);
end else
addressfound:=previousopcode(addressfound);
//check if the address is in the list
notinlist:=true;
try
{$ifndef net}
for i:=0 to length(foundcodedialog.coderecords)-1 do
if foundcodedialog.coderecords[i].address=addressfound then //if it is in the list then set notinlist to false and go out of the loop
begin
notinlist:=false;
break;
end;
{$else}
//check if it is in the list
for i:=0 to length(coderecords)-1 do
if coderecords[i]=addressfound then
begin
notinlist:=false;
break;
end;
{$endif}
except
//list got shortened or invalid
end;
if notinlist then synchronize(foundone); //add this memory address to the foundcode window.
end;
if findreaderset then
begin
WaitForSingleObject(semaphore,infinite);
if findreaderset then VirtualProtectEx(processhandle,pointer(findreader.Address),findreader.size,PAGE_NOACCESS,original);
releasesemaphore(semaphore,1,nil);
end;
if breakpointset then
begin
if breakpointaddress=dword(devent.Exception.ExceptionRecord.ExceptionAddress) then
begin
//find out what the address points to
offset:=breakpointaddress;
opcode:=disassemble(offset,desc);
fb:=pos('[',opcode);
if fb>0 then
begin
nb:=pos(']',opcode);
if nb>fb then //just a simple check to verify the opcode is ok
begin
temps:=copy(opcode,fb+1,nb-fb-1);
//lastbreakpoint:=address;
synchronize(addtochangeslist);
//and add that address to a list
removebreakpoint;
SetSingleStepping(devent.dwThreadId);
debugging:=ContinueDebugEvent(devent.dwProcessId,devent.dwThreadId,DBG_CONTINUE);
if WaitForDebugEvent(devent,10000)=false then application.MessageBox('error2-3','error2-3',0);
while devent.Exception.ExceptionRecord.ExceptionCode<>EXCEPTION_SINGLE_STEP do
begin
if devent.dwDebugEventCode=EXCEPTION_DEBUG_EVENT then
begin
//I hate it when this happens
debugging:=ContinueDebugEvent(devent.dwProcessId,devent.dwThreadId,DBG_EXCEPTION_NOT_HANDLED);
outputdebugstring('err2');
break;
end;
end;
if breakpointset then resetbreakpoint;
end;
end;
end;
end;
if userisdebugging then
begin
//got a breakpoint
//set the breakpoint
if not canusedebugregs then
removebreakpoint;
if (canusedebugregs) and (drregs.dr3=context.Eip) then
begin
drregs.Dr3:=0;
resetbreakpoint;
end;
//check if it is a regmodification bp
crdebugging.Enter;
try
notinlist:=true;
for i:=0 to length(registermodificationBPs)-1 do
begin
if registermodificationBPs[i].address=context.eip then
begin
notinlist:=false;
//modify the context of this thread according to the data in registermodificationBPs[i]
if registermodificationBPs[i].change_eax then context.Eax:=registermodificationBPs[i].new_eax;
if registermodificationBPs[i].change_ebx then context.Ebx:=registermodificationBPs[i].new_ebx;
if registermodificationBPs[i].change_ecx then context.Ecx:=registermodificationBPs[i].new_ecx;
if registermodificationBPs[i].change_edx then context.Edx:=registermodificationBPs[i].new_edx;
if registermodificationBPs[i].change_esi then context.Esi:=registermodificationBPs[i].new_esi;
if registermodificationBPs[i].change_edi then context.Edi:=registermodificationBPs[i].new_edi;
if registermodificationBPs[i].change_ebp then context.Ebp:=registermodificationBPs[i].new_ebp;
if registermodificationBPs[i].change_esp then context.Esp:=registermodificationBPs[i].new_esp;
if registermodificationBPs[i].change_eip then context.Eip:=registermodificationBPs[i].new_eip;
if registermodificationBPs[i].change_cf then
if registermodificationBPs[i].new_cf then
context.EFlags:=context.EFlags or $1 //enable the bit
else
context.EFlags:=context.EFlags and (not $1);
if registermodificationBPs[i].change_pf then