API tools faq
paste
Advertisement
Guest User

Untitled

a guest
Dec 21st, 2016
32
0
Never
Add comment
Not a member of Pastebin yet? Sign Up, it unlocks many cool features!
C++ 4.54 KB | None | 0 0
raw download clone embed print report
  1. #include <Windows.h>
  2. #include <iostream>
  3. using namespace std;
  4.  
  5. //---------------------Defines-------------------\\
  6.  
  7. #define HWBP_LOCAL      1
  8. #define HWBP_GLOBAL     2
  9.  
  10. #define HWBP_EXECUTE    0
  11. #define HWBP_WRITE      1
  12. #define HWBP_READWRITE  3
  13.  
  14. #define HWBP_BYTE       0
  15. #define HWBP_WORD       1
  16. #define HWBP_DWORD      3
  17.  
  18. typedef struct {
  19.     ULONG   HWBP0_MODE : 2;
  20.     ULONG   HWBP1_MODE : 2;
  21.     ULONG   HWBP2_MODE : 2;
  22.     ULONG   HWBP3_MODE : 2;
  23.     ULONG   LE : 1;
  24.     ULONG   GE : 1;
  25.     ULONG   __unused : 6;
  26.     ULONG   HWBP0_ACCESS : 2;
  27.     ULONG   HWBP0_LENGTH : 2;
  28.     ULONG   HWBP1_ACCESS : 2;
  29.     ULONG   HWBP1_LENGTH : 2;
  30.     ULONG   HWBP2_ACCESS : 2;
  31.     ULONG   HWBP2_LENGTH : 2;
  32.     ULONG   HWBP3_ACCESS : 2;
  33.     ULONG   HWBP3_LENGTH : 2;
  34. }DR7;
  35.  
  36. typedef struct {
  37.     ULONG   CF : 1;
  38.     ULONG   __unused0 : 1;
  39.     ULONG   PF : 1;
  40.     ULONG   __unused1 : 1;
  41.     ULONG   AF : 1;
  42.     ULONG   __unused2 : 1;
  43.     ULONG   ZF : 1;
  44.     ULONG   SF : 1;
  45.     ULONG   TF : 1;
  46.     ULONG   IF : 1;
  47.     ULONG   DF : 1;
  48.     ULONG   OF : 1;
  49.     ULONG   IOPL : 2;
  50.     ULONG   __unused3 : 1;
  51.     ULONG   RF : 1;
  52.     ULONG   VM : 1;
  53.     ULONG   AC : 1;
  54.     ULONG   VIF : 1;
  55.     ULONG   VIP : 1;
  56.     ULONG   ID : 1;
  57.     ULONG   __unused4 : 10;
  58. }EFLAGS;
  59. //----------------------------------------------\\
  60.  
  61.  
  62.  
  63. //-------------------Main Functions--------------\\
  64.  
  65. bool SetHWBP(HANDLE hThread, unsigned int linearAddress, int type, int length, int count)
  66. {
  67.     CONTEXT context = { CONTEXT_ALL | CONTEXT_DEBUG_REGISTERS };
  68.     DR7 dr7;
  69.  
  70.     if (GetThreadContext(hThread, &context))
  71.     {
  72.         dr7 = *(DR7*)&context.Dr7;
  73.         switch (count)
  74.         {
  75.         case 0:
  76.         {
  77.             context.Dr0 = linearAddress;
  78.             dr7.HWBP0_MODE = HWBP_LOCAL;
  79.             dr7.HWBP0_LENGTH = length;
  80.             dr7.HWBP0_ACCESS = type;
  81.             break;
  82.         };
  83.         case 1:
  84.         {
  85.             context.Dr1 = linearAddress;
  86.             dr7.HWBP1_MODE = HWBP_LOCAL;
  87.             dr7.HWBP1_LENGTH = length;
  88.             dr7.HWBP1_ACCESS = type;
  89.             break;
  90.         };
  91.         case 2:
  92.         {
  93.             context.Dr2 = linearAddress;
  94.             dr7.HWBP2_MODE = HWBP_LOCAL;
  95.             dr7.HWBP2_LENGTH = length;
  96.             dr7.HWBP2_ACCESS = type;
  97.             break;
  98.         };
  99.         case 3:
  100.         {
  101.             context.Dr3 = linearAddress;
  102.             dr7.HWBP3_MODE = HWBP_LOCAL;
  103.             dr7.HWBP3_LENGTH = length;
  104.             dr7.HWBP3_ACCESS = type;
  105.             break;
  106.         };
  107.         default:
  108.             return false;
  109.         };
  110.         context.Dr7 = *(PDWORD)&dr7;
  111.         return SetThreadContext(hThread, &context);
  112.     };
  113.     return false;
  114. };
  115.  
  116. bool RemoveHWBP(HANDLE hThread, int count)
  117. {
  118.     CONTEXT context = { CONTEXT_ALL | CONTEXT_DEBUG_REGISTERS };
  119.     DR7 dr7;
  120.  
  121.     if (GetThreadContext(hThread, &context))
  122.     {
  123.         dr7 = *(DR7*)&context.Dr7;
  124.         switch (count)
  125.         {
  126.         case 0:
  127.         {
  128.             context.Dr0 = 0;
  129.             dr7.HWBP0_MODE = 0;
  130.             break;
  131.         };
  132.         case 1:
  133.         {
  134.             context.Dr1 = 0;
  135.             dr7.HWBP1_MODE = 0;
  136.             break;
  137.         };
  138.         case 2:
  139.         {
  140.             context.Dr2 = 0;
  141.             dr7.HWBP2_MODE = 0;
  142.             break;
  143.         };
  144.         case 3:
  145.         {
  146.             context.Dr3 = 0;
  147.             dr7.HWBP3_MODE = 0;
  148.             break;
  149.         };
  150.         default:
  151.             return false;
  152.         };
  153.         context.Dr7 = *(PDWORD)&dr7;
  154.         return SetThreadContext(hThread, &context);
  155.     };
  156.     return false;
  157. };
  158.  
  159. void GetRegister(CONTEXT *context)
  160. {
  161.     DWORD Register;
  162.     if (context->Eip == 0x014BD4D1) //EIP Register always pointing At The Address Number (0x014BD4D1 is The Address)
  163.     {
  164.         cout << hex << context->Ebp << endl;
  165.         cout << hex << context->Esp << endl;
  166.     };
  167. };
  168. //--------------------------------------------------\\
  169.  
  170. int main()
  171. {
  172.     DEBUG_EVENT DebugEvent;
  173.     DWORD EventCode;
  174.     DWORD ExceptionCode;
  175.  
  176.     HWND Window = FindWindow(NULL, L"GameWindow");
  177.     if (Window == NULL)
  178.     {
  179.         cout << "Couldn't Find The Window" << endl;
  180.     }
  181.     DWORD ProcessID;
  182.     GetWindowThreadProcessId(Window, &ProcessID);
  183.     HANDLE handel = OpenProcess(PROCESS_ALL_ACCESS, FALSE, ProcessID);
  184.     if (ProcessID == NULL)
  185.     {
  186.         cout << "Couldn't Open The Process" << endl;
  187.     }
  188.     bool Debug_Active_Process = DebugActiveProcess(ProcessID);
  189.     if (Debug_Active_Process)
  190.     {
  191.         while (Debug_Active_Process)
  192.         {
  193.             WaitForDebugEvent(&DebugEvent, INFINITE);
  194.             EventCode = DebugEvent.dwDebugEventCode;
  195.             ExceptionCode = DebugEvent.u.Exception.ExceptionRecord.ExceptionCode;
  196.             switch (ExceptionCode)
  197.             {
  198.             case EXCEPTION_DEBUG_EVENT:
  199.             {
  200.                 if (EXCEPTION_SINGLE_STEP == ExceptionCode)
  201.                 {
  202.                     HANDLE hThread = OpenThread(THREAD_ALL_ACCESS, false, DebugEvent.dwThreadId);
  203.                     if (hThread)
  204.                     {
  205.                         CONTEXT context = { CONTEXT_ALL | CONTEXT_DEBUG_REGISTERS | CONTEXT_CONTROL };
  206.                         if (GetThreadContext(hThread, &context))
  207.                         {
  208.                             if ((context.Dr6 & (1 << 0)))
  209.                             {
  210.                                 GetRegister(&context);
  211.                                 RemoveHWBP(hThread, 0);
  212.                             }
  213.  
  214.                         };
  215.                         CloseHandle(hThread);
  216.                     };
  217.                 };
  218.             };
  219.             ContinueDebugEvent(ProcessID, DebugEvent.dwThreadId, DBG_CONTINUE);
  220.             };
  221.         };
  222.     };
  223. }
Advertisement
Add Comment
Please, Sign In to add comment
Advertisement
Public Pastes
Advertisement
We use cookies for various purposes including analytics. By continuing to use Pastebin, you agree to our use of cookies as described in the Cookies Policy.  OK, I Understand
Not a member of Pastebin yet?
Sign Up, it unlocks many cool features!