RoboDBG
Loading...
Searching...
No Matches
debugger.callbacks.cpp
1#include "debugger.h"
2#include <iostream> // ensure iostream is visible
3
4namespace RoboDBG {
5
6 // ==================================================
7 // HOOKS
8 // ==================================================
9 void Debugger::onStart(uintptr_t imageBase, uintptr_t entryPoint) {
10 if (!this->verbose) return;
11
12 std::cout << "[*] Debugger::onStart\n";
13 std::cout << " ImageBase : 0x" << std::hex << imageBase << "\n";
14 std::cout << " EntryPoint: 0x" << std::hex << entryPoint << std::dec << "\n";
15 }
16
17 void Debugger::onEnd(DWORD exitCode, DWORD pid) {
18 if (!this->verbose) return;
19
20 std::cout << "[*] Process exited\n";
21 std::cout << " PID : " << pid << "\n";
22 std::cout << " Exit Code : 0x" << std::hex << exitCode
23 << std::dec << " (" << exitCode << ")\n";
24 }
25
26 void Debugger::onAttach() {
27 if (!this->verbose) return;
28
29 std::cout << "[*] Debugger::onAttach: Attached\n";
30 }
31
32 BreakpointAction Debugger::onBreakpoint(uintptr_t address, HANDLE hThread) {
33 if (this->verbose) {
34 std::cout << "[*] Breakpoint hit\n";
35 std::cout << " Address: 0x" << std::hex << address
36 << " Thread: 0x" << reinterpret_cast<uintptr_t>(hThread)
37 << std::dec << "\n";
38 }
39 return RESTORE;
40 }
41
42 bool Debugger::onDLLLoad(uintptr_t address, std::string dllName, uintptr_t entryPoint) {
43 if (!this->verbose) return false;
44
45 std::cout << "[*] DLL Load\n";
46 std::cout << " Address : 0x" << std::hex << address << "\n";
47 std::cout << " DLL Name : " << std::dec << dllName << "\n";
48 std::cout << " Entry Point: 0x" << std::hex << entryPoint << std::dec << "\n";
49 return false;
50 }
51
52 void Debugger::onThreadCreate(HANDLE hThread, DWORD threadId, uintptr_t threadBase, uintptr_t startAddress) {
53 if (!this->verbose) return;
54
55 std::cout << "[*] Thread created\n";
56 std::cout << " TID : " << std::dec << threadId << "\n";
57 std::cout << " Handle : 0x" << std::hex << reinterpret_cast<uintptr_t>(hThread) << "\n";
58 std::cout << " TEB/Base : 0x" << std::hex << threadBase << "\n";
59 std::cout << " StartAddress : 0x" << std::hex << startAddress << std::dec << "\n";
60 }
61
62 void Debugger::onThreadExit(DWORD threadID) {
63 if (!this->verbose) return;
64
65 std::cout << "[*] Thread exited\n";
66 std::cout << " TID: " << std::dec << threadID << "\n";
67 }
68
69 void Debugger::onDLLUnload(uintptr_t address, std::string dllName) {
70 if (!this->verbose) return;
71
72 std::cout << "[*] DLL Unload\n";
73 std::cout << " Address : 0x" << std::hex << address << "\n";
74 std::cout << " DLL Name: " << std::dec << dllName << "\n";
75 }
76
77 void Debugger::onSinglestep(uintptr_t address, HANDLE hThread) {
78 if (!this->verbose) return;
79
80 std::cout << "[*] Single-step\n";
81 std::cout << " Address: 0x" << std::hex << address
82 << " Thread: 0x" << reinterpret_cast<uintptr_t>(hThread)
83 << std::dec << "\n";
84 }
85
86 void Debugger::onAccessViolation(uintptr_t address, uintptr_t faultingAddress, long accessType) {
87 if (!this->verbose) return;
88
89 std::cout << "[!] Access violation\n";
90 std::cout << " At Address : 0x" << std::hex << address << "\n";
91 std::cout << " Faulting Addr : 0x" << std::hex << faultingAddress << "\n";
92 std::cout << " Access Type : " << std::dec << accessType << " -> ";
93
94 switch (accessType) {
95 case 0: std::cout << "Read\n"; break;
96 case 1: std::cout << "Write\n"; break;
97 case 8: std::cout << "Execute (NX)\n"; break;
98 default: std::cout << "Unknown\n"; break;
99 }
100 }
101
102 void Debugger::onDebugString(std::string msg) {
103 if (!this->verbose) return;
104
105 std::cout << "[*] Debug string\n";
106 std::cout << " \"" << msg << "\"\n";
107 }
108
109 void Debugger::onRIPError(const RIP_INFO& rip) {
110 if (!this->verbose) return;
111
112 // We don't assume fields; print the address of the struct so it's referenced.
113 std::cout << "[*] RIP error\n";
114 std::cout << " RIP_INFO@0x" << std::hex << reinterpret_cast<uintptr_t>(&rip) << std::dec << "\n";
115 }
116
117 void Debugger::onUnknownException(uintptr_t addr, DWORD code) {
118 if (!this->verbose) return;
119
120 std::cout << "[*] Unknown exception\n";
121 std::cout << " Code : 0x" << std::hex << code << "\n";
122 std::cout << " Addr : 0x" << std::hex << addr << std::dec << "\n";
123 }
124
125 void Debugger::onUnknownDebugEvent(DWORD code) {
126 if (!this->verbose) return;
127
128 std::cout << "[*] Unknown debug event\n";
129 std::cout << " Code: " << std::dec << code << "\n";
130 }
131
132 BreakpointAction Debugger::onHardwareBreakpoint(uintptr_t address, HANDLE hThread, DRReg reg) {
133 if (this->verbose) {
134 std::cout << "[*] Hardware Breakpoint\n";
135 std::cout << " Address: 0x" << std::hex << address
136 << " Thread: 0x" << reinterpret_cast<uintptr_t>(hThread)
137 << " DR: " << static_cast<int>(reg)
138 << std::dec << "\n";
139 }
140 return RESTORE;
141 }
142
143} // namespace RoboDBG
144
RoboDBG::Debugger::onAttach
virtual void onAttach()
Called after successfully attaching to an already running process.
Definition debugger.callbacks.cpp:26
RoboDBG::Debugger::onAccessViolation
virtual void onAccessViolation(uintptr_t address, uintptr_t faultingAddress, long accessType)
Called on access violation (AV).
Definition debugger.callbacks.cpp:86
RoboDBG::Debugger::onThreadExit
virtual void onThreadExit(DWORD threadID)
Called when a thread exits.
Definition debugger.callbacks.cpp:62
RoboDBG::Debugger::onEnd
virtual void onEnd(DWORD exitCode, DWORD pid)
Called when the debuggee exits.
Definition debugger.callbacks.cpp:17
RoboDBG::Debugger::onDLLUnload
virtual void onDLLUnload(uintptr_t address, std::string dllName)
Called when a DLL is unloaded.
Definition debugger.callbacks.cpp:69
RoboDBG::Debugger::onUnknownException
virtual void onUnknownException(uintptr_t addr, DWORD code)
Called on unknown exception.
Definition debugger.callbacks.cpp:117
RoboDBG::Debugger::onStart
virtual void onStart(uintptr_t imageBase, uintptr_t entryPoint)
Called when a new debuggee process is started.
Definition debugger.callbacks.cpp:9
RoboDBG::Debugger::onThreadCreate
virtual void onThreadCreate(HANDLE hThread, DWORD threadId, uintptr_t threadBase, uintptr_t startAddress)
Called when a thread is created in the debuggee.
Definition debugger.callbacks.cpp:52
RoboDBG::Debugger::onRIPError
virtual void onRIPError(const RIP_INFO &rip)
Called on RIP error (native debug port issues).
Definition debugger.callbacks.cpp:109
RoboDBG::Debugger::onDLLLoad
virtual bool onDLLLoad(uintptr_t address, std::string dllName, uintptr_t entryPoint)
Called when a DLL is loaded.
Definition debugger.callbacks.cpp:42
RoboDBG::Debugger::onBreakpoint
virtual BreakpointAction onBreakpoint(uintptr_t address, HANDLE hThread)
Called on software breakpoint (INT3).
Definition debugger.callbacks.cpp:32
RoboDBG::Debugger::onDebugString
virtual void onDebugString(std::string dbgString)
Called when OutputDebugString is emitted by the debuggee.
Definition debugger.callbacks.cpp:102
RoboDBG::Debugger::onHardwareBreakpoint
virtual BreakpointAction onHardwareBreakpoint(uintptr_t address, HANDLE hThread, DRReg reg)
Called on hardware breakpoint hit.
Definition debugger.callbacks.cpp:132
RoboDBG::Debugger::onUnknownDebugEvent
virtual void onUnknownDebugEvent(DWORD code)
Called on unhandled/unknown debug events.
Definition debugger.callbacks.cpp:125
RoboDBG::Debugger::onSinglestep
virtual void onSinglestep(uintptr_t address, HANDLE hThread)
Called on single-step exception.
Definition debugger.callbacks.cpp:77
debugger.h
Main Debugger file.
RoboDBG::BreakpointAction
BreakpointAction
Specifies the action to take when a breakpoint is hit.
Definition debugger.h:37
RoboDBG::RESTORE
@ RESTORE
Restore the original instruction at the breakpoint.
Definition debugger.h:39
RoboDBG::DRReg
DRReg
Hardware debug registers used for breakpoints.
Definition debugger.h:57