staticscanner.start:=frmpointerscannersettings.start;
staticscanner.stop:=frmpointerscannersettings.Stop;
staticscanner.filterstart:=frmpointerscannersettings.FilterStart;
staticscanner.filterstop:=frmpointerscannersettings.FilterStop;
if staticscanner.reverse then
staticscanner.unalligned:=not frmpointerscannersettings.CbAlligned.checked
else
staticscanner.unalligned:=frmpointerscannersettings.unalligned;
staticscanner.codescan:=frmpointerscannersettings.codescan;
staticscanner.staticonly:=frmpointerscannersettings.cbStaticOnly.checked;
staticscanner.automatic:=true;
staticscanner.automaticaddress:=frmpointerscannersettings.automaticaddress;
staticscanner.sz:=frmpointerscannersettings.structsize;
staticscanner.sz0:=frmpointerscannersettings.level0structsize;
staticscanner.maxlevel:=frmpointerscannersettings.maxlevel;
staticscanner.method2:=true;
staticscanner.method3:=true;
staticscanner.fast:=frmpointerscannersettings.CheckBox1.Checked;
staticscanner.psychotic:=frmpointerscannersettings.psychotic;
staticscanner.writableonly:=frmpointerscannersettings.writableonly;
staticscanner.unallignedbase:=frmpointerscannersettings.unallignedbase;
staticscanner.reuse:=frmpointerscannersettings.cbreuse.checked;
staticscanner.progressbar:=progressbar1;
staticscanner.threadcount:=frmpointerscannersettings.threadcount;
staticscanner.scannerpriority:=frmpointerscannersettings.scannerpriority;
progressbar1.Max:=staticscanner.stop-staticscanner.start;
open1.Enabled:=false;
staticscanner.starttime:=gettickcount;
staticscanner.Resume;
if staticscanner.reverse then
begin
label10.visible:=false;
label3.Visible:=false;
label4.Visible:=false;
label12.Visible:=false;
label7.Visible:=false;
label9.Visible:=false;
label14.Visible:=false;
label15.Visible:=false;
end
else
begin
label10.visible:=true;
label3.Visible:=true;
label4.Visible:=true;
label12.Visible:=true;
label7.Visible:=true;
label8.Visible:=true;
label14.Visible:=true;
label15.Visible:=true;
end;
panel2.Visible:=true;
except
staticscanner.Free;
staticscanner:=nil;
end;
end;
end;
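procedure Tfrmpointerscanner.Timer2Timer(Sender: TObject);
//Timer handler that refreshes the status labels from the scan counters and,
//while the scanner reports phase 2, shows an estimate of the time remaining.
//
//staticscanner is started with Resume and stopped with Terminate/WaitFor
//elsewhere in this unit, so its fields are presumably being updated by a
//worker thread while this handler reads them; every value derived from it
//therefore gets a defined default first.
var i,j,l: integer;
    s: string;
    a: string;
    smallestaddress: dword;
    todo: dword;
    done: dword;
    donetime,todotime: integer;
    oneaddresstime: double;
    _h,_m,_s: integer;
begin
  // label6.Caption:=inttostr(fcount);
  // label23.Caption:=inttostr(scount);
  label8.Caption:=inttostr(continued);
  label2.Caption:=inttostr(pointersfound);
  label13.caption:=inttostr(skipped);

  //defaults: phase can differ between the two checks below, and the list of
  //method2 scanners can be empty, so none of these may stay indeterminate
  todo:=0;
  done:=0;
  smallestaddress:=0;

  if staticscanner<>nil then
  try
    if staticscanner.reverse then
    begin
      label2.Caption:=inttostr(scount)+' of '+inttostr(fcount);

      if staticscanner.phase=2 then
      begin
        //calculate time left
        todo:=dword(staticscanner.lastaddress)-dword(staticscanner.currentaddress);
        done:=dword(staticscanner.currentaddress)-dword(staticscanner.firstaddress);
      end;
    end
    else
    begin
      l:=length(staticscanner.method2scanners);
      s:=inttostr(l);
      a:='';
      j:=0;

      for i:=0 to l-1 do
      begin
        if staticscanner.method2scanners[i].isdone then inc(j);

        //track the lowest address any of the scanners is currently at
        if i=0 then smallestaddress:=staticscanner.method2scanners[i].address
        else
          if staticscanner.method2scanners[i].address<smallestaddress then smallestaddress:=staticscanner.method2scanners[i].address;

        a:=a+' '+inttostr(i)+':'+inttohex(staticscanner.method2scanners[i].address,8);
      end;

      label11.caption:=s+' ('+inttostr(j)+')'+a;
      label15.Caption:=inttohex(smallestaddress,8);

      if staticscanner.phase=2 then
      begin
        //calculate time left
        todo:=staticscanner.stop-dword(staticscanner.currentpos);
        done:=dword(staticscanner.currentpos)-staticscanner.start;
      end;
    end;

    if staticscanner.phase=2 then
    begin
      label18.Caption:='Scanning';

      //no estimate until at least one address has been processed; dividing by
      //a zero 'done' used to end up in the exception handler below
      if done>0 then
      begin
        donetime:=gettickcount-staticscanner.starttime; //time(in ms) it did about 'done' addresses
        oneaddresstime:=donetime/done;
        todotime:=trunc(todo*oneaddresstime);

        //split the remaining milliseconds into hours, minutes and seconds
        _h:=todotime div 3600000;
        todotime:=todotime mod 3600000;
        _m:=todotime div 60000;
        todotime:=todotime mod 60000;
        _s:=todotime div 1000;

        label19.Caption:=inttostr(_h)+':'+inttostr(_m)+':'+inttostr(_s);
      end;
    end
    else
      label18.caption:='Copying memory';
  except
    //any failure while reading the scanner state resets the scanner summary
    label11.caption:='0 (0)';
  end else label18.Caption:='Idle';

  label4.Caption:=inttostr(scanaddresscount);
end;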
procedure Tfrmpointerscanner.Showresults1Click(Sender: TObject);
//Shows the number of pointers found and draws the result tree, asking for
//confirmation first when the list holds more than 15000 entries.
var proceed: boolean;
begin
  panel1.caption:='There are '+inttostr(pointersfound)+' pointers in the list';

  proceed:=true;
  if pointersfound>15000 then
    proceed:=messagedlg('This is a huge ammount of pointers. ('+inttostr(pointersfound)+') Are you sure you want to show them? (It''ll take a while to update the list)',mtconfirmation,[mbyes,mbno],0)=mryes;

  if proceed then
    drawtreeview;
end;
procedure Tfrmpointerscanner.Save1Click(Sender: TObject);
//Writes the complete pointer list to the file chosen in the save dialog.
var target: tfilestream;
begin
  //cancelled dialog: nothing to write
  if not savedialog1.execute then exit;

  target:=tfilestream.Create(savedialog1.FileName,fmcreate);
  try
    //a count of 0 asks CopyFrom for the whole source stream
    target.CopyFrom(pointerlist,0);
  finally
    target.free;
  end;
end;
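procedure Tfrmpointerscanner.Open1Click(Sender: TObject);
//Opens a saved pointer list chosen by the user, walks it once to count the
//records, then hands over to loadpointers and re-enables the result actions.
//
//Record layout as read here: dword string length, that many bytes of name,
//dword offset, dword offset count, then that many dword offsets.
//
//The file is external input, so both length fields are checked against the
//bytes actually left in the file before they size a buffer or a read. A
//malformed file raises an exception before any of the follow-up UI changes.
var x: tfilestream;
    offset: dword;
    offsetsize: dword;
    offsetlist: array of dword;
    stringlength: dword;
    s: pchar;
    ssize: dword;
    remaining: int64;
begin
  ssize:=0;
  setlength(offsetlist,10);

  if opendialog1.Execute then
  begin
    if staticscanner=nil then
    begin
      //a scanner object is needed to carry the filename; it is created
      //suspended and terminated before being resumed
      staticscanner:=tstaticscanner.Create(true);
      staticscanner.Terminate;
      staticscanner.Resume;
    end;

    setlength(staticscanner.filenames,1);
    staticscanner.filenames[0]:=opendialog1.FileName;

    pointersfound:=0;

    s:=nil;
    x:=tfilestream.Create(opendialog1.FileName,fmopenread);
    try
      getmem(s,100);
      ssize:=100;

      while x.Position<x.Size do
      begin
        x.ReadBuffer(stringlength,sizeof(stringlength));

        //the name must fit in what is left of the file, and stringlength+1
        //must not wrap when it sizes the buffer
        remaining:=x.Size-x.Position;
        if (stringlength>=dword(maxint)) or (int64(stringlength)>remaining) then
          raise Exception.Create('Invalid pointer file: string length exceeds file size');

        if ssize<=stringlength then
        begin
          //clear the pointer before reallocating so a failing getmem cannot
          //lead to a second freemem of the same block in the finally part
          freemem(s);
          s:=nil;
          ssize:=0;

          getmem(s,stringlength+1);
          ssize:=stringlength+1;
        end;

        x.ReadBuffer(s^,stringlength);
        s[stringlength]:=#0;

        x.ReadBuffer(offset,sizeof(offset));
        x.ReadBuffer(offsetsize,sizeof(offsetsize));

        //offsetsize*2 sizes the list and offsetsize*4 is the read count;
        //neither may wrap, and the offsets must really be present in the file
        remaining:=x.Size-x.Position;
        if (offsetsize>dword(maxint) div (2*sizeof(dword))) or
           (int64(offsetsize)*sizeof(dword)>remaining) then
          raise Exception.Create('Invalid pointer file: offset count exceeds file size');

        if length(offsetlist)<(offsetsize+1) then
          setlength(offsetlist,offsetsize*2);

        x.ReadBuffer(offsetlist[0],offsetsize*sizeof(offsetlist[0]));

        inc(pointersfound);
      end;
    finally
      x.free;
      if s<>nil then freemem(s);
    end;

    loadpointers;
    doneui;

    showresults1.Enabled:=true;
    Rescanmemory1.Enabled:=true;
    Save1.Enabled:=true;
    new1.Enabled:=true;

    showresults1.Click;
  end;
end;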
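procedure TRescanpointers.execute;
//Thread body of a rescan: walks every record in oldpointerlist, follows its
//pointer path in the target process and copies the record to newpointerlist
//when the path ends at 'address'. Posts rescan_done to the form when the
//whole list has been processed.
//
//Record layout as read here: dword string length, that many bytes of name,
//dword offset, dword offset count, then that many dword offsets.
//
//oldpointerlist may have been loaded from a file, so the length fields are
//validated against the bytes left in the stream before they size a buffer,
//a read or the path-walking loop. The name buffer is now released on every
//exit path; it was never freed before.
//
//NOTE(review): if a record is malformed or truncated the exception leaves
//this method before rescan_done is posted, as it already did for a short
//read - confirm that is the intended failure mode for the form.
//NOTE(review): progressbar is the form's progress bar and is updated from
//this thread - confirm that is acceptable for the VCL version in use.
var offsetsize: dword;
    offsetlist: array of dword;
    x,br: dword;
    i: integer;
    stringlength: dword;
    ssize: dword;
    s: pchar;
    offset: dword;
    remaining: int64;
begin
  pointersfound:=0;

  newpointerlist:=tmemorystream.Create;
  oldpointerlist.Seek(0,sofrombeginning);

  progressbar.Min:=0;
  progressbar.Max:=oldpointerlist.Size;

  setlength(offsetlist,10);

  s:=nil;
  ssize:=0;
  try
    getmem(s,100);
    ssize:=100;

    while oldpointerlist.Position<oldpointerlist.Size do
    begin
      oldpointerlist.ReadBuffer(stringlength,sizeof(stringlength));

      //the name must fit in what is left of the stream, and stringlength+1
      //must not wrap when it sizes the buffer
      remaining:=oldpointerlist.Size-oldpointerlist.Position;
      if (stringlength>=dword(maxint)) or (int64(stringlength)>remaining) then
        raise Exception.Create('Invalid pointer list: string length exceeds stream size');

      if ssize<=stringlength then
      begin
        //clear the pointer before reallocating so a failing getmem cannot
        //lead to a second freemem of the same block in the finally part
        freemem(s);
        s:=nil;
        ssize:=0;

        getmem(s,stringlength+1);
        ssize:=stringlength+1;
      end;

      oldpointerlist.ReadBuffer(s^,stringlength);
      s[stringlength]:=#0;

      oldpointerlist.ReadBuffer(offset,sizeof(offset));
      oldpointerlist.ReadBuffer(offsetsize,sizeof(offsetsize));

      //offsetsize*2 sizes the list, offsetsize*4 is the read count and
      //offsetsize bounds the loop below; none of them may wrap, and the
      //offsets must really be present in the stream
      remaining:=oldpointerlist.Size-oldpointerlist.Position;
      if (offsetsize>dword(maxint) div (2*sizeof(dword))) or
         (int64(offsetsize)*sizeof(dword)>remaining) then
        raise Exception.Create('Invalid pointer list: offset count exceeds stream size');

      if length(offsetlist)<(offsetsize+1) then
        setlength(offsetlist,offsetsize*2);

      oldpointerlist.ReadBuffer(offsetlist[0],offsetsize*sizeof(offsetlist[0]));

      //now check if it matches, and if so, save it back to the newpointerlist
      try
        x:=symhandler.getAddressFromName(s,true)+offset;

        //the signed cast is safe after the range check above and keeps the
        //loop empty for a record without offsets
        for i:=0 to integer(offsetsize)-1 do
        begin
          //dereference: read the pointer stored at x in the target process
          if not readprocessmemory(processhandle,pointer(x),@x,sizeof(x),br) then
          begin
            progressbar.Position:=oldpointerlist.Position;
            x:=address+1; //unreadable, force a mismatch
            break;
          end;

          inc(x,offsetlist[i]);
        end;

        if x=address then
        begin
          //the path still ends at the wanted address, keep the record
          newpointerlist.WriteBuffer(stringlength,sizeof(stringlength));
          newpointerlist.WriteBuffer(s^,stringlength);
          newpointerlist.WriteBuffer(offset,sizeof(offset));
          newpointerlist.WriteBuffer(offsetsize,sizeof(offsetsize));
          newpointerlist.WriteBuffer(offsetlist[0],offsetsize*sizeof(offsetlist[0]));
          inc(pointersfound);
        end;
      except
        //not valid, so dont save
      end;

      progressbar.Position:=oldpointerlist.Position;
    end;
  finally
    if s<>nil then freemem(s);
  end;

  postmessage(frmPointerScanner.Handle,rescan_done,0,0);
end;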
procedure Tfrmpointerscanner.Rescanmemory1Click(Sender: TObject);
//Asks for the address the pointers should currently resolve to (entered as
//hexadecimal), locks the result actions and starts a rescan thread over the
//current pointer list.
var target: dword;
    typed: string;
begin
  typed:='';
  if not inputquery('Rescan pointers','What is the current address?',typed) then exit;

  //the '$' prefix makes strtoint parse the text as hexadecimal
  target:=strtoint('$'+typed);

  //keep the list from being used while the rescan is running
  Rescanmemory1.Enabled:=false;
  Save1.Enabled:=false;
  new1.Enabled:=false;
  showresults1.Enabled:=false;

  //rescan the pointerlist: create the thread suspended, configure, then start
  rescan:=trescanpointers.create(true);
  rescan.progressbar:=progressbar1;
  rescan.oldpointerlist:=pointerlist;
  rescan.address:=target;
  rescan.resume;
end;
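procedure tfrmpointerscanner.rescandone(var message: tmessage);
//Handler for the rescan_done message that TRescanpointers.execute posts when
//it has finished: replaces the pointer list with the rescan result, releases
//the thread object and re-enables the result actions.
begin
  //rescan_done is an ordinary window message, so this handler cannot assume a
  //rescan thread object is behind every delivery; without one there is
  //nothing to adopt
  if rescan=nil then exit;

  //the thread reads the old list, so make sure it has ended before that list
  //is freed; in the normal flow the thread has already finished
  rescan.WaitFor;

  pointerlist.free;
  pointerlist:=rescan.newpointerlist;

  //clear the reference as well, so a repeated message ends at the check above
  //instead of touching a freed object
  freeandnil(rescan);

  doneui;

  showresults1.Enabled:=true;
  Rescanmemory1.Enabled:=true;
  Save1.Enabled:=true;
  new1.Enabled:=true;

  showresults1.Click;
end;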
procedure Tfrmpointerscanner.Button1Click(Sender: TObject);
//Stops a running scan: signals the scanner thread to terminate and blocks
//until it has ended. Does nothing when there is no scanner.
begin
  if staticscanner=nil then exit;

  staticscanner.Terminate;
  staticscanner.WaitFor;
end;
procedure Tfrmpointerscanner.FormClose(Sender: TObject;
  var Action: TCloseAction);
//Tears the form down: stops the worker threads first, then releases the
//scan data, the per-level lock objects and the tree, and finally marks the
//form to be freed and clears the global form reference.
var i: integer;
begin
  // if frmpointerscannersettings<>nil then freeandnil(frmpointerscannersettings);

  //stop the tree drawing thread before anything it may use is released
  if drawtreeviewthread<>nil then
  begin
    drawtreeviewthread.Terminate;
    drawtreeviewthread.WaitFor;
    drawtreeviewthread.free;
    drawtreeviewthread:=nil;
  end;

  //button1 terminates the scanner thread and waits for it
  button1.click;
  staticscanner.Free;
  staticscanner:=nil;

  //Free is safe to call on a nil reference
  vm.free;

  setlength(staticlist,0);
  setlength(dissectedpointersLevelpos,0);
  setlength(dissectedpointersLevel,0);

  //FreeAndNil accepts entries that are already nil
  for i:=low(dissectedpointersLevelMREWS) to high(dissectedpointersLevelMREWS) do
    freeandnil(dissectedpointersLevelMREWS[i]);
  setlength(dissectedpointersLevelMREWS,0);

  for i:=low(treenodeswithchildren) to high(treenodeswithchildren) do
    freeandnil(treenodeswithchildren[i]);
  setlength(treenodeswithchildren,0);

  freeandnil(matchednodescs);

  //release the inner arrays before the outer one
  for i:=low(matchednodes) to high(matchednodes) do
    setlength(matchednodes[i],0);
  setlength(matchednodes,0);

  TreeView2.Items.Clear;

  for i:=low(PossiblepathsLevelMREWS) to high(PossiblepathsLevelMREWS) do
    freeandnil(PossiblepathsLevelMREWS[i]);
  setlength(PossiblepathsLevelMREWS,0);

  for i:=low(possiblepathsLevel) to high(possiblepathsLevel) do
    setlength(possiblepathsLevel[i],0);
  setlength(possiblepathsLevel,0);
  setlength(possiblepathsLevelpos,0);

  freeandnil(method2semaphore);

  //have the VCL free the form and drop the global reference to it
  action:=cafree;
  frmpointerscanner:=nil;
end;
procedure Tfrmpointerscanner.FormShow(Sender: TObject);
//Places label9 at the left edge of the form, one progress bar height above
//the bottom of the client area.
var labeltop: integer;
begin
  labeltop:=frmPointerScanner.ClientHeight-progressbar1.Height;

  label9.Left:=0;
  label9.Top:=labeltop;
end;
procedure Tfrmpointerscanner.openscanner(var message: tmessage);
//Message handler that starts a scan for the address passed in WParam: the
//address is put into the settings form as 8 hex digits and the method 3 menu
//item is then clicked.
var addresstext: string;
begin
  addresstext:=inttohex(message.WParam,8);

  //the settings form is created on first use
  if frmpointerscannersettings=nil then
    frmpointerscannersettings:=tfrmpointerscannersettings.create(nil);

  frmpointerscannersettings.edtAddress.text:=addresstext;

  Method3Fastspeedandaveragememoryusage1.Click;
end;
procedure Tfrmpointerscanner.TreeView2DblClick(Sender: TObject);
//Adds the double-clicked pointer path to the main form's address list. The
//top-level node text is resolved to the base address and the child nodes
//supply the hexadecimal offsets, stored in reverse order of the children.
var node: ttreenode;
    rootaddress: dword;
    offsetvalues: array of dword;
    slot: integer;
    basename: string;
    lastrec,lastptr: integer;
begin
  node:=treeview2.Selected;
  if node=nil then exit;

  //a click on an offset entry refers to the path of its parent
  if node.Level=1 then
    node:=node.Parent;

  basename:=node.Text;
  rootaddress:=symhandler.getAddressFromName(basename);

  setlength(offsetvalues,node.count);

  //fill from the last slot down while walking the children first to last
  slot:=length(offsetvalues)-1;
  node:=node.getFirstChild;
  while node<>nil do
  begin
    offsetvalues[slot]:=strtoint('$'+node.Text);
    dec(slot);
    node:=node.GetNextsibling;
  end;

  mainform.addaddress('pointerscan result',rootaddress,offsetvalues,length(offsetvalues),true,2,0,0,false);

  //record the symbolic base on the last pointer of the last record
  lastrec:=length(mainform.memrec)-1;
  lastptr:=length(mainform.memrec[lastrec].pointers)-1;
  mainform.memrec[lastrec].pointers[lastptr].Interpretableaddress:=basename;
end;
procedure Tfrmpointerscanner.New1Click(Sender: TObject);
//Resets the form for a new scan: stops a running scanner, hides the result
//views, restores the initial state of the menu actions and releases vm.
begin
  //button1 terminates the scanner thread and waits for it
  button1.Click;

  //hide and clear everything that shows the previous result
  panel2.Visible:=false;
  treeview2.Visible:=false;
  panel1.Caption:='';

  //only opening a file or starting a new scan makes sense without a result
  open1.Enabled:=true;
  new1.enabled:=true;
  save1.Enabled:=false;
  rescanmemory1.Enabled:=false;
  showresults1.enabled:=false;

  //FreeAndNil accepts a reference that is already nil
  freeandnil(vm);
end;
end.