Cheat Engine Forum Index Cheat Engine
The Official Site of Cheat Engine
 
 FAQFAQ   SearchSearch   MemberlistMemberlist   UsergroupsUsergroups   RegisterRegister 
 ProfileProfile   Log in to check your private messagesLog in to check your private messages   Log inLog in 


How does CE handle stepping through instructions for VEH?

 
Post new topic   Reply to topic    Cheat Engine Forum Index -> General programming
View previous topic :: View next topic  
Author Message
newuser2
How do I cheat?
Reputation: 0

Joined: 21 Oct 2021
Posts: 1
PostPosted: Thu Oct 21, 2021 2:07 am    Post subject: How does CE handle stepping through instructions for VEH? Reply with quote
I am trying to embed debugger-like code within my project for a remote process - not writing a full-blown debugger, I just need specific functionality:

I add a vectored exception handler and then I register a software breakpoint (int 3, 0xCC) at a specific memory address.

The exception handler receives EXCEPTION_BREAKPOINT, and then I handle it by removing the breakpoint, then performing this operation on eflags:

Code:
EFlags ^= 1 << 8
to set the tracer flag

After this I flush the instruction cache, call SetThreadContext, and return EXCEPTION_CONTINUE_EXECUTION.

Following this, I receive EXCEPTION_SINGLE_STEP

the result of EXCEPTION_SINGLE_STEP are what happened after the instruction executed instead of prior to execution (as expected.)

Then I set the resume flag and clear the trap flag as otherwise I get into an infinite loop on that address:

Code:
EFlags ^= 1 << 16
EFlags &= !(1 << 8)


These are my questions:

How do I set the tracer flag so that say, I breakpoint on address 0x00000001, it transitions to single step mode.
And then it steps to 0x00000002, handles that
steps to 0x00000003, handles that, etc.

Basically, how do I capture single step operations for every subsequent instruction until I tell it to stop? Currently what I am doing is disassembling the instruction, getting the size, and doing:

Code:
IP += instruction.size()


However this would not be sufficient for conditional operations. What is the best way to go about handling this?
Back to top
View user's profile Send private message
atom0s
Moderator
Reputation: 205

Joined: 25 Jan 2006
Posts: 8587
Location: 127.0.0.1
PostPosted: Thu Oct 21, 2021 3:24 am    Post subject: Reply with quote
If you are unaware, CE is open source. The VEH code is here:
https://github.com/cheat-engine/cheat-engine/tree/master/Cheat%20Engine/VEHDebug

https://github.com/cheat-engine/cheat-engine/blob/master/Cheat%20Engine/VEHDebugger.pas
_________________
- Retired.
Back to top
View user's profile Send private message Visit poster's website
Dark Byte
Site Admin
Reputation: 470

Joined: 09 May 2003
Posts: 25807
Location: The netherlands
PostPosted: Thu Oct 21, 2021 3:58 am    Post subject: Reply with quote
you don't increase IP manually. set the resume flag if you wish to continue while tf is set
_________________
Do not ask me about online cheats. I don't know any and wont help finding them.

Like my help? Join me on Patreon so i can keep helping
Back to top
View user's profile Send private message MSN Messenger
Display posts from previous:   
Post new topic   Reply to topic    Cheat Engine Forum Index -> General programming All times are GMT - 6 Hours
Page 1 of 1

 
Jump to:  
You cannot post new topics in this forum
You cannot reply to topics in this forum
You cannot edit your posts in this forum
You cannot delete your posts in this forum
You cannot vote in polls in this forum
You cannot attach files in this forum
You can download files in this forum


Powered by phpBB © 2001, 2005 phpBB Group

CE Wiki   IRC (#CEF)   Twitter
Third party websites