Cheat Engine Forum Index Cheat Engine
The Official Site of Cheat Engine
 
 FAQFAQ   SearchSearch   MemberlistMemberlist   UsergroupsUsergroups   RegisterRegister 
 ProfileProfile   Log in to check your private messagesLog in to check your private messages   Log inLog in 


debugging

 
Post new topic   Reply to topic    Cheat Engine Forum Index -> General programming
View previous topic :: View next topic  
Author Message
aeon
How do I cheat?
Reputation: 0

Joined: 27 May 2007
Posts: 1
PostPosted: Mon May 28, 2007 6:42 am    Post subject: debugging Reply with quote
hi

I'm working on my small project in delphi which should:

1. create another proccess
2. set breakpoint on certain address to break the process
3. read values from registers(at breakpoint)
4. dump part of process memory according to values from registers

first and fourth part I have already handled but need help with 2. and 3.


here is my code for first part:
Code:

var
  StartInfo : TStartupInfo;
  ProcInfo : TProcessInformation;
  DbgEvent : DEBUG_EVENT;
  a : integer;
  Cont:_Context;

begin

  FillChar(StartInfo,SizeOf(TStartupInfo),#0);
  FillChar(ProcInfo,SizeOf(TProcessInformation),#0);
  StartInfo.cb := SizeOf(TStartupInfo);

If not
  CreateProcess(PChar('e:\tutorial.exe'),nil, nil, nil,False,
              DEBUG_PROCESS+DEBUG_ONLY_THIS_PROCESS,
              nil, nil, StartInfo, ProcInfo)
              then
  begin
   MessageBox (Application.Handle, 'created by the debugging process to fail','!' ,MB_OK or MB_ICONERROR);
  End;

try
 while WaitForDebugEvent(DbgEvent, INFINITE) do
  begin
    case DbgEvent.dwDebugEventCode of
          EXIT_PROCESS_DEBUG_EVENT:
            begin
                MessageBox (Application.Handle, 'Process Exited','!' ,MB_OK or MB_ICONERROR);  Break;
            end;
           CREATE_PROCESS_DEBUG_EVENT :
             begin
                MessageBox (Application.Handle, 'debugging process has been established,', '!', MB_OK or MB_ICONERROR);
                   end;
            EXCEPTION_DEBUG_EVENT :
            begin
                 if DbgEvent.Exception.ExceptionRecord.ExceptionCode = EXCEPTION_BREAKPOINT
                   then
                     begin
                        ContinueDebugEvent(DbgEvent.dwProcessId,DbgEvent.dwThreadId,DBG_CONTINUE);
                                               end
                   else
                     begin
                       MessageBox (Application.Handle, 'Exception', '!', MB_OK or MB_ICONERROR); break
                     end;
             end;

    end;

    ContinueDebugEvent(DbgEvent.dwProcessId, DbgEvent.dwThreadid, DBG_CONTINUE);

end;
    finally

        CloseHandle(   ProcInfo.hProcess );
         CloseHandle(   ProcInfo.hThread);
end;
end;


correct me if i'm wrong:
theory behind creating breakpoint it to set $cc on address when program should break then wait for the exception $cc creates and set original byte back, although I've found some code snippets they did not work for me, it would be nice if some could apply it to my code


for reading registers this code shold work

Code:

cont.ContextFlags := CONTEXT_INTEGER;
GetThreadContext( ProcInfo.hThread,cont);
cont.EFlags := cont.EFlags or $100;
showmessage(IntToHex(cont.edx,4));


it returns some value but i'm not sure if it's correct.
Back to top
View user's profile Send private message
Display posts from previous:   
Post new topic   Reply to topic    Cheat Engine Forum Index -> General programming All times are GMT - 6 Hours
Page 1 of 1

 
Jump to:  
You cannot post new topics in this forum
You cannot reply to topics in this forum
You cannot edit your posts in this forum
You cannot delete your posts in this forum
You cannot vote in polls in this forum
You cannot attach files in this forum
You can download files in this forum


Powered by phpBB © 2001, 2005 phpBB Group

CE Wiki   IRC (#CEF)   Twitter
Third party websites