View previous topic :: View next topic |
Author |
Message |
fred26 Expert Cheater Reputation: 0
Joined: 20 Dec 2014 Posts: 103
|
Posted: Mon Mar 30, 2015 5:42 pm Post subject: Break and Trace Question |
|
|
Can I exclude any modules in the Break and Trace feature ?
When I do Break and Trace, there are lengthy unnecessary systems or msvcrt function calls that I want to avoid.
Thanks
|
|
Back to top |
|
|
Geri Moderator Reputation: 111
Joined: 05 Feb 2010 Posts: 5636
|
Posted: Mon Mar 30, 2015 6:35 pm Post subject: |
|
|
Step over is stepping over every function, but you can't specify to step over certain functions only. At least not by default. But there may be some magical trick in lua or something similar. I don't know.
_________________
|
|
Back to top |
|
|
fred26 Expert Cheater Reputation: 0
Joined: 20 Dec 2014 Posts: 103
|
Posted: Mon Mar 30, 2015 7:02 pm Post subject: |
|
|
Thanks. Two questions here:
1) Can you simulate a trace via Lua?
2) Can you get the module's address via Lua?
|
|
Back to top |
|
|
fred26 Expert Cheater Reputation: 0
Joined: 20 Dec 2014 Posts: 103
|
Posted: Tue Mar 31, 2015 8:56 pm Post subject: |
|
|
No takers on this one?
|
|
Back to top |
|
|
Zanzer I post too much Reputation: 126
Joined: 09 Jun 2013 Posts: 3278
|
Posted: Tue Mar 31, 2015 9:00 pm Post subject: |
|
|
Press F1 and search under the Script Engine topic.
Code: | createProcess(path, parameters OPTIONAL, debug OPTIONAL, breakonentrypoint OPTIONAL) : Creates a process. If debug is true it will be created using the windows debugger and if breakonentry is true it will cause a breakpoint to occur on entrypoint |
Code: | debug_setBreakpoint(address, size OPTIONAL, trigger OPTIONAL) : sets a breakpoint of a specific size at the given address. if trigger is bptExecute then size is ignored. If trigger is ignored then it will be of type bptExecute, which obviously also ignores the size then as well |
Code: | getAddress("game.exe") |
|
|
Back to top |
|
|
fred26 Expert Cheater Reputation: 0
Joined: 20 Dec 2014 Posts: 103
|
Posted: Wed Apr 01, 2015 8:53 am Post subject: |
|
|
Thanks. One question, if I need to do a trace via Lua.
Should I:
1) Set a BreakPoint
2) In debugger_onBreakpoint() , I will do my stuff and then debug_continueFromBreakpoint(co_stepinto).
How can I break on the next OpCode ?
Thanks!
|
|
Back to top |
|
|
fred26 Expert Cheater Reputation: 0
Joined: 20 Dec 2014 Posts: 103
|
Posted: Thu Apr 02, 2015 12:02 pm Post subject: |
|
|
Well, I figure it out.
Now how can I find the next EIP ?
Easy when no JMPs or Calls opcodes, but has anyone implemented this?
Thanks
|
|
Back to top |
|
|
fred26 Expert Cheater Reputation: 0
Joined: 20 Dec 2014 Posts: 103
|
Posted: Fri Apr 03, 2015 7:21 am Post subject: |
|
|
No one?
DarkByte?
|
|
Back to top |
|
|
Dark Byte Site Admin Reputation: 457
Joined: 09 May 2003 Posts: 25262 Location: The netherlands
|
Posted: Fri Apr 03, 2015 8:10 am Post subject: |
|
|
debug_continueFromBreakpoint(co_stepover) usually breaks on the next EIP
it checks if it's a call and sets the breakpoint on the instruction after it (else it goes for stepinto). It will fail if an exception happens inside that call causing the function to never return, so beware of that
_________________
Do not ask me about online cheats. I don't know any and wont help finding them.
Like my help? Join me on Patreon so i can keep helping |
|
Back to top |
|
|
fred26 Expert Cheater Reputation: 0
Joined: 20 Dec 2014 Posts: 103
|
Posted: Sat Apr 04, 2015 8:25 am Post subject: |
|
|
Thanks DarkByte. But what about if I want to have the next EIP winthin a call or jump oppcode? Should I parse the current opccode and see if it will jump or call and "construct" the EIP and breakpoint on it? Thanks
|
|
Back to top |
|
|
|