fix ddkwork/debuger#10

ddkwork · Nov 24, 2024 · 267928a · 267928a
1 parent caae0ae
commit 267928a
Show file tree

Hide file tree

Showing 2 changed files with 175 additions and 1 deletion.
diff --git a/sdk/api.go b/sdk/api.go
@@ -0,0 +1,97 @@
+package sdk
+
+import "unsafe"
+
+type API interface {
+	init()
+	DetectVmxSupport() Boolean
+	ReadVendorString(arg0 *Char)
+	LoadVmm() Int
+	UnloadVmm() Int
+	InstallVmmDriver() Int
+	UninstallVmmDriver() Int
+	StopVmmDriver() Int
+	TestCommandParser(command *Char, number_of_tokens Uint32, tokens_list **Char, failed_token_num *Uint32, failed_token_position *Uint32) Boolean
+	TestCommandParserShowTokens(command *Char)
+	SetupPathForFilename(filename *Char, file_location *Char, buffer_len Uint32, check_file_existence Boolean) Boolean
+	RunCommand(command *Char) Int
+	ShowSignature()
+	SetTextMessageCallback(handler unsafe.Pointer)
+	SetTextMessageCallbackUsingSharedBuffer(handler unsafe.Pointer) unsafe.Pointer
+	UnsetTextMessageCallback()
+	ScriptReadFileAndExecuteCommandline(argc Int, argv **Char) Int
+	ContinuePreviousCommand() Boolean
+	CheckMultilineCommand(current_command *Char, reset Boolean) Boolean
+	SetCustomDriverPath(driver_file_path *Char, driver_name *Char) Boolean
+	UseDefaultDriverPath()
+	ConnectLocalDebugger()
+	ConnectRemoteDebugger(ip *Char, port *Char) Boolean
+	ConnectRemoteDebuggerUsingComPort(port_name *Char, baudrate Dword, pause_after_connection Boolean) Boolean
+	ConnectRemoteDebuggerUsingNamedPipe(named_pipe *Char, pause_after_connection Boolean) Boolean
+	ConnectCurrentDebuggerUsingComPort(port_name *Char, baudrate Dword) Boolean
+	DebugCloseRemoteDebugger() Boolean
+	GetKernelBase() Uint64
+	ReadMemory(target_address Uint64, memory_type DebuggerReadMemoryType, reading_Type DebuggerReadReadingType, pid Uint32, size Uint32, get_address_mode Boolean, address_mode *DebuggerReadMemoryAddressMode, target_buffer_to_store *Byte, return_length *Uint32) Boolean
+	ShowMemoryOrDisassemble(style DebuggerShowMemoryStyle, address Uint64, memory_type DebuggerReadMemoryType, reading_type DebuggerReadReadingType, pid Uint32, size Uint32, dt_details PdebuggerDtCommandOptions)
+	WriteMemory(destination_address unsafe.Pointer, memory_type DebuggerEditMemoryType, process_id Uint32, source_address unsafe.Pointer, number_of_bytes Uint32) Boolean
+	ReadAllRegisters(guest_registers unsafe.Pointer, extra_registers unsafe.Pointer) Boolean
+	ReadTargetRegister(register_id RegsEnum, target_register *Uint64) Boolean
+	WriteTargetRegister(register_id RegsEnum, value Uint64) Boolean
+	ShowAllRegisters() Boolean
+	ShowTargetRegister(register_id RegsEnum) Boolean
+	ContinueDebuggee()
+	PauseDebuggee()
+	SetBreakpoint(address Uint64, pid Uint32, tid Uint32, core_numer Uint32)
+	SteppingInstrumentationStepIn() Boolean
+	SteppingRegularStepIn() Boolean
+	SteppingStepOver() Boolean
+	SteppingInstrumentationStepInForTracking() Boolean
+	SteppingStepOverForGu(last_instruction Boolean) Boolean
+	StartProcess(path *Wchar) Boolean
+	StartProcessWithArgs(path *Wchar, arguments *Wchar) Boolean
+	CommandGetLocalApic(local_apic PlapicPage, is_using_x2apic *Boolean) Boolean
+	AssembleGetLength(assembly_code *Char, start_address Uint64, length *Uint32) Boolean
+	Assemble(assembly_code *Char, start_address Uint64, buffer_to_store_assembled_data unsafe.Pointer, buffer_size Uint32) Boolean
+	HwdbgScriptRunScript(script *Char, instance_filepath_to_read *Char, hardware_script_file_path_to_save *Char, initial_bram_buffer_size Uint32) Boolean
+	HwdbgScriptEngineWrapperTestParser(Expr *Char)
+	HardwareScriptInterpreterShowScriptCapabilities(InstanceInfo *HwdbgInstanceInformation)
+	HardwareScriptInterpreterCheckScriptBufferWithScriptCapabilities(InstanceInfo *HwdbgInstanceInformation, ScriptBuffer unsafe.Pointer, CountOfScriptSymbolChunks Uint32, NumberOfStages *Uint32, NumberOfOperands *Uint32, NumberOfOperandsImplemented *Uint32) Boolean
+	HardwareScriptInterpreterCompressBuffer(Buffer *Uint64, BufferLength int32, ScriptVariableLength Uint32, BramDataWidth Uint32, NewBufferSize *int32, NumberOfBytesPerChunk *int32) Boolean
+	HardwareScriptInterpreterConvertSymbolToHwdbgShortSymbolBuffer(InstanceInfo *HwdbgInstanceInformation, SymbolBuffer unsafe.Pointer, SymbolBufferLength int32, NumberOfStages Uint32, NewShortSymbolBuffer *unsafe.Pointer, NewBufferSize *int32) Boolean
+	HardwareScriptInterpreterFreeHwdbgShortSymbolBuffer(NewShortSymbolBuffer unsafe.Pointer)
+	ScriptEngineParse(str *byte) unsafe.Pointer
+	ScriptEngineSetHwdbgInstanceInfo(InstancInfo *HwdbgInstanceInformation) Boolean
+	PrintSymbolBuffer(SymbolBuffer unsafe.Pointer)
+	RemoveSymbolBuffer(SymbolBuffer unsafe.Pointer)
+	PrintSymbol(Symbol unsafe.Pointer)
+	ScriptEngineConvertNameToAddress(FunctionOrVariableName *byte, WasFound Pboolean) Uint64
+	ScriptEngineLoadFileSymbol(BaseAddress Uint64, PdbFileName *byte, CustomModuleName *byte) Uint32
+	ScriptEngineUnloadAllSymbols() Uint32
+	ScriptEngineUnloadModuleSymbol(ModuleName *byte) Uint32
+	ScriptEngineSearchSymbolForMask(SearchMask *byte) Uint32
+	ScriptEngineGetFieldOffset(TypeName *Char, FieldName *Char, FieldOffset *Uint32) Boolean
+	ScriptEngineGetDataTypeSize(TypeName *Char, TypeSize *Uint64) Boolean
+	ScriptEngineCreateSymbolTableForDisassembler(CallbackFunction unsafe.Pointer) Boolean
+	ScriptEngineConvertFileToPdbPath(LocalFilePath *byte, ResultPath *byte) Boolean
+	ScriptEngineConvertFileToPdbFileAndGuidAndAgeDetails(LocalFilePath *byte, PdbFilePath *byte, GuidAndAgeDetails *byte, Is32BitModule Boolean) Boolean
+	ScriptEngineSymbolInitLoad(BufferToStoreDetails unsafe.Pointer, StoredLength Uint32, DownloadIfAvailable Boolean, SymbolPath *byte, IsSilentLoad Boolean) Boolean
+	ScriptEngineShowDataBasedOnSymbolTypes(TypeName *byte, Address Uint64, IsStruct Boolean, BufferAddress unsafe.Pointer, AdditionalParameters *byte) Boolean
+	ScriptEngineSymbolAbortLoading()
+	ScriptEngineSetTextMessageCallback(Handler unsafe.Pointer)
+	SymSetTextMessageCallback(Handler unsafe.Pointer)
+	SymbolAbortLoading()
+	SymConvertNameToAddress(FunctionOrVariableName *byte, WasFound Pboolean) Uint64
+	SymLoadFileSymbol(BaseAddress Uint64, PdbFileName *byte, CustomModuleName *byte) Uint32
+	SymUnloadAllSymbols() Uint32
+	SymUnloadModuleSymbol(ModuleName *byte) Uint32
+	SymSearchSymbolForMask(SearchMask *byte) Uint32
+	SymGetFieldOffset(TypeName *Char, FieldName *Char, FieldOffset *Uint32) Boolean
+	SymGetDataTypeSize(TypeName *Char, TypeSize *Uint64) Boolean
+	SymCreateSymbolTableForDisassembler(CallbackFunction unsafe.Pointer) Boolean
+	SymConvertFileToPdbPath(LocalFilePath *byte, ResultPath *byte) Boolean
+	SymConvertFileToPdbFileAndGuidAndAgeDetails(LocalFilePath *byte, PdbFilePath *byte, GuidAndAgeDetails *byte, Is32BitModule Boolean) Boolean
+	SymbolInitLoad(BufferToStoreDetails unsafe.Pointer, StoredLength Uint32, DownloadIfAvailable Boolean, SymbolPath *byte, IsSilentLoad Boolean) Boolean
+	SymShowDataBasedOnSymbolTypes(TypeName *byte, Address Uint64, IsStruct Boolean, BufferAddress unsafe.Pointer, AdditionalParameters *byte) Boolean
+	SymQuerySizeof(StructNameOrTypeName *byte, SizeOfField *Uint32) Boolean
+	SymCastingQueryForFiledsAndTypes(StructName *byte, FiledOfStructName *byte, IsStructNamePointerOrNot Pboolean, IsFiledOfStructNamePointerOrNot Pboolean, NewStructOrTypeName **byte, OffsetOfFieldFromTop *Uint32, SizeOfField *Uint32) Boolean
+}
diff --git a/sdk/sdk_test.go b/sdk/sdk_test.go
@@ -2,14 +2,44 @@ package sdk
 
 import (
 	"fmt"
+	"strings"
 	"testing"
 	"unsafe"
 
+	"github.com/ddkwork/golibrary/stream"
+
 	"github.com/ddkwork/golibrary/assert"
 	"github.com/ddkwork/golibrary/mylog"
 	"github.com/ebitengine/purego"
 )
 
+func TestGenInterface(t *testing.T) {
+	g := stream.NewGeneratedFile()
+	index := 0
+	g.P(`package sdk`)
+	g.P(`import "unsafe"`)
+	g.P(`type API interface {`)
+	for _, s := range stream.ToLines("sdk.go") {
+		if strings.HasPrefix(s, "func ") {
+			s = strings.TrimPrefix(s, "func ")
+			if strings.Contains(s, "{") && strings.Contains(s, "}") {
+				before, _, found := strings.Cut(s, "{")
+				if found {
+					s = before
+				}
+			}
+			s = strings.TrimSuffix(s, "{")
+			if strings.Contains(s, "Anon") {
+				continue
+			}
+			index++
+			g.P(s)
+		}
+	}
+	g.P(`}`)
+	stream.WriteGoFile("api.go", g.Bytes())
+}
+
 const (
 	COMMUNICATION_BUFFER_SIZE     = 0x100
 	TCP_END_OF_BUFFER_CHARS_COUNT = 4
@@ -40,9 +70,10 @@ func TestSdk(t *testing.T) {
 
 		mylog.Trace("LoadVmm", LoadVmm())
 		// assert.True(t, Boolean2Bool(ConnectRemoteDebuggerUsingNamedPipe(StringToBytePointer("\\\\.\\pipe\\HyperDbgDebug"))))
-
 		// assert.True(t, Boolean2Bool(StartProcessWithArgs(&[]rune("path")[0], &[]rune("C:\\Windows\\SysWOW64\\notepad.exe")[0])))
 
+		TargetFilePath = "../testdata/asm.exe"
+
 		// todo:
 		// start debugger
 		// read memory
@@ -59,6 +90,52 @@ func TestSdk(t *testing.T) {
 	})
 }
 
+func Test_x32dbg_GetMainModuleEntry(t *testing.T) {
+	//stream.RunCommand("netstat -ano | findstr :6589")
+	//a := New().Connect()
+	//defer a.Close()
+	//// a.Restart()//restartadmin todo 重载后服务端被关闭了，还是不方便使用,解决办法是在gui命令栏内输入 restartadmin 重启服务端，这样不用关闭调试器
+	//// breakpoints := a.Breakpoints()
+	//// mylog.Struct("breakpoints", breakpoints)
+	//a.BreakpointsRemoveAll()
+	//
+	////a.SetBreakpoint(a.GetMainModuleEntry())
+	////$+19     | E9 4E060000              | jmp <asm._asm1>                         |
+	////$+A7     | E8 99030000              | call <asm.__allmul>                     | main.c:69
+	////$+10B    | E8 70030000              | call <asm.__alldiv>                     | main.c:101
+	////$+50B    | 68 34A03800              | push asm.38A034                         | 38A034:"asm1 for code3"
+	//singular := a.DisassemblySingular(a.MainModuleEntry() + 0x19)
+	//asm1 := getAddressBySingularDisassembly[uint32](singular.Assembly)
+	//mylog.Hex("asm1", asm1)
+	//end := asm1 + 0x50B
+	//a.SetBreakpoint(end)
+	//a.SetCommentNotes(end, "end trace")
+	//
+	//singular = a.DisassemblySingular(asm1 + 0xa7)
+	//allmul := getAddressBySingularDisassembly[uint32](singular.Assembly)
+	//mylog.Hex("__allmul", allmul)
+	//a.SetCommentNotes(allmul, "__allmul")
+	//
+	//singular = a.DisassemblySingular(asm1 + 0x10b)
+	//alldiv := getAddressBySingularDisassembly[uint32](singular.Assembly)
+	//mylog.Hex("__alldiv", alldiv)
+	//a.SetCommentNotes(alldiv, "__alldiv")
+	//
+	//a.SetBreakpoint(allmul)
+	//a.SetBreakpoint(alldiv)
+	//
+	//bigNumTrace := func() {
+	//	switch a.Eip() {
+	//	case allmul:
+	//		mul(a.PeekStack(1), a.PeekStack(2), a.PeekStack(3), a.PeekStack(4))
+	//	case alldiv:
+	//		div(a.PeekStack(1), a.PeekStack(2), a.PeekStack(3), a.PeekStack(4))
+	//	case end: // 如何把这个条件传递到RunCommandWithCount的停止条件呢？这样就不会让程序退出了
+	//	}
+	//}
+	//a.RunCommandWithCount("run", 400, bigNumTrace)
+}
+
 /*
 .connect local
 load vmm