dnsi0 I post too much
Reputation: 0
Joined: 04 Jan 2007 Posts: 2674
Posted: Tue Nov 11, 2008 11:16 am Post subject: Debug Registers...
What's the problem with this?
Code:
tCONTEXT.ContextFlags:=CONTEXT_DEBUG_REGISTERS;
tCONTEXT.Dr7:=set0 or set1 or set2 or set3;
//Clear Registers
tCONTEXT.Dr0:=0;
tCONTEXT.Dr1:=0;
tCONTEXT.Dr2:=0;
tCONTEXT.Dr3:=0;
If reg=0 then tCONTEXT.Dr0:=Address;
If reg=1 then tCONTEXT.Dr1:=Address;
If reg=2 then tCONTEXT.Dr2:=Address;
If reg=3 then tCONTEXT.Dr3:=Address;
suspendthread(threadid);
setthreadcontext(threadid,tCONTEXT);
resumethread(threadid);
So this is done to every thread that exists in a process. I tried getting the context first then putting it back in with the breakpoints but it doesn't work... Help? I probably made about 10 mistakes in working registers but oh well...
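The Dr7 value in the post above carries, for each of Dr0 to Dr3, an enable bit pair and a 4-bit type/length field. As an added example (not code from this thread; the function names are hypothetical, the bit layout is the documented x86 one), this C helper arms one slot at a time, rejects invalid combinations, and reports which slots are armed:

```c
#include <stdint.h>
#include <stdbool.h>

/* R/Wn field values of DR7 (x86 debug registers). Names are hypothetical. */
enum bp_type { BP_EXECUTE = 0, BP_WRITE = 1, BP_READWRITE = 3 };

/* Map a byte length to the 2-bit LENn encoding; -1 if unsupported. */
static int len_bits(unsigned len) {
    switch (len) {
    case 1: return 0;
    case 2: return 1;
    case 8: return 2;   /* 64-bit processors only */
    case 4: return 3;
    default: return -1;
    }
}

/*
 * Arm slot `reg` (0..3, i.e. Dr0..Dr3) in an existing DR7 value.
 * Only that slot's bits change. Returns false on an invalid request.
 */
bool dr7_arm(uint64_t *dr7, unsigned reg, enum bp_type type,
             unsigned len, uint64_t addr) {
    int lb = len_bits(len);
    if (reg > 3 || lb < 0) return false;
    if (type == BP_EXECUTE && len != 1) return false; /* LEN must be 00 for execute */
    if (addr & (len - 1)) return false;               /* address must be aligned to len */
    unsigned ctl = 16 + reg * 4;                      /* R/Wn at ctl, LENn at ctl + 2 */
    *dr7 &= ~((uint64_t)0xF << ctl);                  /* clear old R/W and LEN bits */
    *dr7 |= ((uint64_t)type << ctl) | ((uint64_t)lb << (ctl + 2));
    *dr7 |= (uint64_t)1 << (reg * 2);                 /* Ln: local enable */
    return true;
}

/* Disarm one slot: clear Ln/Gn and its R/W and LEN bits. */
void dr7_disarm(uint64_t *dr7, unsigned reg) {
    if (reg > 3) return;
    *dr7 &= ~((uint64_t)3 << (reg * 2));
    *dr7 &= ~((uint64_t)0xF << (16 + reg * 4));
}

/* Bitmask of slots with Ln or Gn set, as a debugger or integrity check would read it. */
unsigned dr7_armed_slots(uint64_t dr7) {
    unsigned mask = 0;
    for (unsigned r = 0; r < 4; r++)
        if (dr7 & ((uint64_t)3 << (r * 2))) mask |= 1u << r;
    return mask;
}
```

Starting from the value returned by GetThreadContext and changing only one slot leaves the other three registers and their enable bits as they were.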
 |
BanMe Master Cheater
Reputation: 0
Joined: 29 Nov 2005 Posts: 375 Location: Farmington NH, USA
Posted: Tue Nov 11, 2008 12:19 pm
A whole code section would make it far easier to debug for you.
 |
tombana Master Cheater
Reputation: 2
Joined: 14 Jun 2007 Posts: 456 Location: The Netherlands
Posted: Tue Nov 11, 2008 1:49 pm
I don't know if it matters, but you could try first doing:
GetThreadContext, and then modify the output, and then do SetThreadContext. Because maybe the thread has already got some flags on/off which you change by doing it this way.
 |
BanMe Master Cheater
Reputation: 0
Joined: 29 Nov 2005 Posts: 375 Location: Farmington NH, USA
Posted: Tue Nov 11, 2008 4:07 pm
I agree with Tombana, but the methodology should be a bit different.
Code:
SuspendThread()
GetThreadContext()
ModifyTheContext
SetThreadContext()
FlushInstructionCache()
ResumeThread()
 |
samuri25404 Grandmaster Cheater
Reputation: 7
Joined: 04 May 2007 Posts: 955 Location: Why do you care?
Posted: Tue Nov 11, 2008 5:27 pm
Other APIs you will probably need:
Code:
OpenThread
CloseHandle
DebugActiveProcess
DebugActiveProcessStop
WaitForDebugEvent
ContinueDebugEvent
 |
dnsi0 I post too much
Reputation: 0
Joined: 04 Jan 2007 Posts: 2674
Posted: Wed Nov 12, 2008 6:36 pm
I tried those things... Including DebugActiveProcess, and getting the context then setting. But nothing works on the process, 'cause I made a dummy program where clicking a button tells you the address of the function and another button activates the function. I set a breakpoint with cheatengine and it activates when I click the 2nd button, but when I try it myself with get/setthreadcontext, it does nothing...
 |
BanMe Master Cheater
Reputation: 0
Joined: 29 Nov 2005 Posts: 375 Location: Farmington NH, USA
Posted: Thu Nov 13, 2008 11:16 am
Do you have SE_DEBUG_NAME privilege?
Also, a more robust snippet would greatly help me help you.
 |
dnsi0 I post too much
Reputation: 0
Joined: 04 Jan 2007 Posts: 2674
Posted: Thu Nov 13, 2008 5:59 pm
Dang... I forgot to give my process debug privs...