Cleanup hooking

momo5502 · Sep 2, 2024 · 9086792 · 9086792
1 parent daff0d1
commit 9086792
Show file tree

Hide file tree

Showing 3 changed files with 14 additions and 6 deletions.
diff --git a/src/emulator/emulator.hpp b/src/emulator/emulator.hpp
@@ -9,7 +9,13 @@ struct emulator_hook;
 
 using memory_operation = memory_permission;
 
-using hook_callback = std::function<bool()>;
+enum class hook_continuation : bool
+{
+	run_instruction = false,
+	skip_instruction = true,
+};
+
+using hook_callback = std::function<hook_continuation()>;
 
 using simple_memory_hook_callback = std::function<void(uint64_t address, size_t size)>;
 using complex_memory_hook_callback = std::function<void(uint64_t address, size_t size, memory_operation operation)>;

diff --git a/src/unicorn_emulator/unicorn_x64_emulator.cpp b/src/unicorn_emulator/unicorn_x64_emulator.cpp
@@ -257,7 +257,9 @@ namespace unicorn
 
 				function_wrapper<int, uc_engine*> wrapper([c = std::move(callback)](uc_engine*)
 				{
-					return c() ? 1 : 0;
+					return (c() == hook_continuation::skip_instruction)
+						       ? 1
+						       : 0;
 				});
 
 				unicorn_hook hook{*this};

diff --git a/src/windows_emulator/main.cpp b/src/windows_emulator/main.cpp
@@ -24,7 +24,7 @@
 #define STACK_ADDRESS (0x80000000000 - STACK_SIZE)
 #define KUSD_ADDRESS 0x7ffe0000
 
-bool use_gdb = false;
+bool use_gdb = true;
 
 struct breakpoint_key
 {
@@ -625,13 +625,13 @@ namespace
 		emu->hook_instruction(x64_hookable_instructions::syscall, [&]
 		{
 			dispatcher.dispatch(*emu, context);
-			return true;
+			return hook_continuation::skip_instruction;
 		});
 
 		emu->hook_instruction(x64_hookable_instructions::rdtsc, [&]
 		{
-			puts("RDTSC Hook");
-			return true;
+			emu->reg(x64_register::rax, 0x0011223344556677);
+			return hook_continuation::skip_instruction;
 		});
 
 		watch_object(*emu, context.teb);