root/Cheat Engine/plugin.pas @ 309

Revision 309, 47.3 kB (checked in by dark_byte, 8 months ago)

bugfixes for the heaplist and memory dissect

1unit plugin;
2
3interface
4
5uses sysutils,windows,checklst,menus,dialogs,cefuncproc,newkernelhandler, graphics;
6
const
  CurrentPluginVersion = 3;

//structures
type
  //Version block that is passed by reference to the plugin's TGetVersion routine.
  TPluginVersion = record
    version: dword;    //version number of ce plugin it is developed for (compatibility for the future)
    pluginname: pchar; //pointer to a 0-terminated string in the dll
                       //NOTE(review): the string lives in the dll, so it presumably has to be copied before the dll is unloaded
  end;
  PPluginVersion = ^TPluginVersion;
15
type
  //Function table handed to a plugin (TInitializePlugin takes it by reference).
  //The field order is the binary layout the plugin dll sees: keep it stable and
  //only append new entries at the end, as the version 2 and 3 extensions do.
  //NOTE(review): judging by the field names this table exposes the host's
  //process-memory, debugger and kernel-driver routines as raw pointers, and
  //nothing in the record limits what a plugin may call, so a loaded plugin dll
  //has to be treated as fully trusted code.
  TExportedFunctions3 = record
    sizeofExportedFunctions: integer; //presumably the size of this record in bytes, so a plugin can tell which entries exist - confirm where it is filled in
    showmessage: pointer;
    registerfunction: pointer;
    unregisterfunction: pointer;
    OpenedProcessID: ^dword;
    OpenedProcessHandle: ^thandle;

    GetMainWindowHandle: pointer;
    AutoAssemble: pointer;
    assembler: pointer;
    disassembler: pointer;
    ChangeRegistersAtAddress: pointer;
    InjectDLL: pointer;
    freezemem: pointer;
    unfreezemem: pointer;
    fixmem: pointer;
    processlist: pointer;
    reloadsettings: pointer;
    getaddressfrompointer: pointer;

    //pointers to the address that contains the pointers to the functions
    ReadProcessMemory: pointer;
    WriteProcessMemory: pointer;
    GetThreadContext: pointer;
    SetThreadContext: pointer;
    SuspendThread: pointer;
    ResumeThread: pointer;
    OpenProcess: pointer;
    WaitForDebugEvent: pointer;
    ContinueDebugEvent: pointer;
    DebugActiveProcess: pointer;
    StopDebugging: pointer;
    StopRegisterChange: pointer;
    VirtualProtect: pointer;
    VirtualProtectEx: pointer;
    VirtualQueryEx: pointer;
    VirtualAllocEx: pointer;
    CreateRemoteThread: pointer;
    OpenThread: pointer;
    GetPEProcess: pointer;
    GetPEThread: pointer;
    GetThreadsProcessOffset: pointer;
    GetThreadListEntryOffset: pointer;
    GetProcessnameOffset: pointer;
    GetDebugportOffset: pointer;
    GetPhysicalAddress: pointer;
    ProtectMe: pointer;
    GetCR4: pointer;
    GetCR3: pointer;
    SetCR3: pointer;
    GetSDT: pointer;
    GetSDTShadow: pointer;
    setAlternateDebugMethod: pointer;
    getAlternateDebugMethod: pointer;
    DebugProcess: pointer;
    ChangeRegOnBP: pointer;
    RetrieveDebugData: pointer;
    StartProcessWatch: pointer;
    WaitForProcessListData: pointer;
    GetProcessNameFromID: pointer;
    GetProcessNameFromPEProcess: pointer;
    KernelOpenProcess: pointer;
    KernelReadProcessMemory: pointer;
    KernelWriteProcessMemory: pointer;
    KernelVirtualAllocEx: pointer;
    IsValidHandle: pointer;
    GetIDTCurrentThread: pointer;
    GetIDTs: pointer;
    MakeWritable: pointer;
    GetLoadedState: pointer;
    DBKSuspendThread: pointer;
    DBKResumeThread: pointer;
    DBKSuspendProcess: pointer;
    DBKResumeProcess: pointer;
    KernelAlloc: pointer;
    GetKProcAddress: pointer;
    CreateToolhelp32Snapshot: pointer;
    Process32First: pointer;
    Process32Next: pointer;
    Thread32First: pointer;
    Thread32Next: pointer;
    Module32First: pointer;
    Module32Next: pointer;
    Heap32ListFirst: pointer;
    Heap32ListNext: pointer;

    //advanced for delphi 7 enterprise dll programmers only
    mainform: pointer;
    memorybrowser: pointer;

    //version 2 extension:
    sym_nameToAddress: pointer;
    sym_addressToName: pointer;
    sym_generateAPIHookScript: pointer;

    //version 3 extension
    loadDBK32: pointer;
    loaddbvmifneeded: pointer;
    previousOpcode: pointer;
    nextOpcode: pointer;
    disassembleEx: pointer;
    loadModule: pointer;
    aa_AddExtraCommand: pointer;
    aa_RemoveExtraCommand: pointer;
  end;
  PExportedFunctions3 = ^TExportedFunctions3;
123
type
  //Version 2 layout of the function table handed to plugins.
  //It lists the same fields, in the same order, as TExportedFunctions3 up to and
  //including sym_generateAPIHookScript; the version 3 extension is absent.
  //The field order is the binary layout a plugin dll sees, so do not reorder it.
  TExportedFunctions2 = record
    sizeofExportedFunctions: integer; //presumably the size of this record in bytes - confirm where it is filled in
    showmessage: pointer;
    registerfunction: pointer;
    unregisterfunction: pointer;
    OpenedProcessID: ^dword;
    OpenedProcessHandle: ^thandle;

    GetMainWindowHandle: pointer;
    AutoAssemble: pointer;
    assembler: pointer;
    disassembler: pointer;
    ChangeRegistersAtAddress: pointer;
    InjectDLL: pointer;
    freezemem: pointer;
    unfreezemem: pointer;
    fixmem: pointer;
    processlist: pointer;
    reloadsettings: pointer;
    getaddressfrompointer: pointer;

    //pointers to the address that contains the pointers to the functions
    ReadProcessMemory: pointer;
    WriteProcessMemory: pointer;
    GetThreadContext: pointer;
    SetThreadContext: pointer;
    SuspendThread: pointer;
    ResumeThread: pointer;
    OpenProcess: pointer;
    WaitForDebugEvent: pointer;
    ContinueDebugEvent: pointer;
    DebugActiveProcess: pointer;
    StopDebugging: pointer;
    StopRegisterChange: pointer;
    VirtualProtect: pointer;
    VirtualProtectEx: pointer;
    VirtualQueryEx: pointer;
    VirtualAllocEx: pointer;
    CreateRemoteThread: pointer;
    OpenThread: pointer;
    GetPEProcess: pointer;
    GetPEThread: pointer;
    GetThreadsProcessOffset: pointer;
    GetThreadListEntryOffset: pointer;
    GetProcessnameOffset: pointer;
    GetDebugportOffset: pointer;
    GetPhysicalAddress: pointer;
    ProtectMe: pointer;
    GetCR4: pointer;
    GetCR3: pointer;
    SetCR3: pointer;
    GetSDT: pointer;
    GetSDTShadow: pointer;
    setAlternateDebugMethod: pointer;
    getAlternateDebugMethod: pointer;
    DebugProcess: pointer;
    ChangeRegOnBP: pointer;
    RetrieveDebugData: pointer;
    StartProcessWatch: pointer;
    WaitForProcessListData: pointer;
    GetProcessNameFromID: pointer;
    GetProcessNameFromPEProcess: pointer;
    KernelOpenProcess: pointer;
    KernelReadProcessMemory: pointer;
    KernelWriteProcessMemory: pointer;
    KernelVirtualAllocEx: pointer;
    IsValidHandle: pointer;
    GetIDTCurrentThread: pointer;
    GetIDTs: pointer;
    MakeWritable: pointer;
    GetLoadedState: pointer;
    DBKSuspendThread: pointer;
    DBKResumeThread: pointer;
    DBKSuspendProcess: pointer;
    DBKResumeProcess: pointer;
    KernelAlloc: pointer;
    GetKProcAddress: pointer;
    CreateToolhelp32Snapshot: pointer;
    Process32First: pointer;
    Process32Next: pointer;
    Thread32First: pointer;
    Thread32Next: pointer;
    Module32First: pointer;
    Module32Next: pointer;
    Heap32ListFirst: pointer;
    Heap32ListNext: pointer;

    //advanced for delphi 7 enterprise dll programmers only
    mainform: pointer;
    memorybrowser: pointer;

    //version 2 extension:
    sym_nameToAddress: pointer;
    sym_addressToName: pointer;
    sym_generateAPIHookScript: pointer;
  end;
  PExportedFunctions2 = ^TExportedFunctions2;
221
type
  //Version 1 layout of the function table handed to plugins.
  //NOTE(review): this layout is not a prefix of the later ones. previousOpcode
  //sits directly after memorybrowser here, while TExportedFunctions2 and
  //TExportedFunctions3 place sym_nameToAddress in that slot. A version 1 plugin
  //therefore has to be given this record and not a truncated newer one - confirm
  //how the table is selected where the plugin is enabled.
  TExportedFunctions1 = record
    sizeofExportedFunctions: integer; //presumably the size of this record in bytes - confirm where it is filled in
    showmessage: pointer;
    registerfunction: pointer;
    unregisterfunction: pointer;
    OpenedProcessID: ^dword;
    OpenedProcessHandle: ^thandle;

    GetMainWindowHandle: pointer;
    AutoAssemble: pointer;
    assembler: pointer;
    disassembler: pointer;
    ChangeRegistersAtAddress: pointer;
    InjectDLL: pointer;
    freezemem: pointer;
    unfreezemem: pointer;
    fixmem: pointer;
    processlist: pointer;
    reloadsettings: pointer;
    getaddressfrompointer: pointer;

    //pointers to the address that contains the pointers to the functions
    ReadProcessMemory: pointer;
    WriteProcessMemory: pointer;
    GetThreadContext: pointer;
    SetThreadContext: pointer;
    SuspendThread: pointer;
    ResumeThread: pointer;
    OpenProcess: pointer;
    WaitForDebugEvent: pointer;
    ContinueDebugEvent: pointer;
    DebugActiveProcess: pointer;
    StopDebugging: pointer;
    StopRegisterChange: pointer;
    VirtualProtect: pointer;
    VirtualProtectEx: pointer;
    VirtualQueryEx: pointer;
    VirtualAllocEx: pointer;
    CreateRemoteThread: pointer;
    OpenThread: pointer;
    GetPEProcess: pointer;
    GetPEThread: pointer;
    GetThreadsProcessOffset: pointer;
    GetThreadListEntryOffset: pointer;
    GetProcessnameOffset: pointer;
    GetDebugportOffset: pointer;
    GetPhysicalAddress: pointer;
    ProtectMe: pointer;
    GetCR4: pointer;
    GetCR3: pointer;
    SetCR3: pointer;
    GetSDT: pointer;
    GetSDTShadow: pointer;
    setAlternateDebugMethod: pointer;
    getAlternateDebugMethod: pointer;
    DebugProcess: pointer;
    ChangeRegOnBP: pointer;
    RetrieveDebugData: pointer;
    StartProcessWatch: pointer;
    WaitForProcessListData: pointer;
    GetProcessNameFromID: pointer;
    GetProcessNameFromPEProcess: pointer;
    KernelOpenProcess: pointer;
    KernelReadProcessMemory: pointer;
    KernelWriteProcessMemory: pointer;
    KernelVirtualAllocEx: pointer;
    IsValidHandle: pointer;
    GetIDTCurrentThread: pointer;
    GetIDTs: pointer;
    MakeWritable: pointer;
    GetLoadedState: pointer;
    DBKSuspendThread: pointer;
    DBKResumeThread: pointer;
    DBKSuspendProcess: pointer;
    DBKResumeProcess: pointer;
    KernelAlloc: pointer;
    GetKProcAddress: pointer;
    CreateToolhelp32Snapshot: pointer;
    Process32First: pointer;
    Process32Next: pointer;
    Thread32First: pointer;
    Thread32Next: pointer;
    Module32First: pointer;
    Module32Next: pointer;
    Heap32ListFirst: pointer;
    Heap32ListNext: pointer;

    //advanced for delphi 7 enterprise dll programmers only
    mainform: pointer;
    memorybrowser: pointer;
    previousOpcode: pointer;
  end;
  PExportedFunctions1 = ^TExportedFunctions1;
315
//exported functions of the plugin
type
  //Receives the TPluginVersion block by reference together with a size value.
  //NOTE(review): TPluginVersionSize is presumably sizeof(TPluginVersion) so the
  //plugin does not write past the record - confirm at the call site.
  TGetVersion = function(var PluginVersion:TPluginVersion; TPluginVersionSize: integer):BOOL; stdcall;

  //Receives the exported function table by reference and the id assigned to the plugin.
  TInitializePlugin = function(var ExportedFunctions: TExportedFunctions3; pluginid: dword):BOOL; stdcall;

  //Takes no arguments.
  TDisablePlugin = function:BOOL; stdcall;
320
321
//plugin type 0:
//where: rightclick on the address list in the menu plugin, user activated
type
  //Record passed (by pointer) to a type 0 callback.
  TPlugin0_SelectedRecord = record
    interpretedaddress: pchar; //pointer to a 255 bytes long string (0 terminated); a callback that rewrites it has to stay within that size
    address: dword;            //this is a read-only representation of the address. Change interpretedaddress if you want to change this
    ispointer: BOOL;           //readonly
    countoffsets: integer;     //readonly
    offsets: PDWordArray;      //pointer to an array of dwords ranging from 0 to countoffsets-1 (readonly)
    description: pchar;        //pointer to a 255 bytes long string; the same limit applies when it is rewritten
    valuetype: byte;
    size: byte;                //stringlength or bitlength (max 255)
  end;
  PPlugin0_SelectedRecord = ^TPlugin0_SelectedRecord;
  TPluginfunction0 = function(selectedrecord: PPlugin0_SelectedRecord):bool; stdcall;

  //private plugin data
  //registerfunction creates one instance per type 0 registration
  TPluginfunctionType0 = class
  public
    pluginid: integer;          //index of the owning plugin
    functionid: integer;        //id returned by registerfunction
    name: string;               //used as the caption of the menu item
    callback: TPluginfunction0; //routine supplied by the plugin
    menuitem: TMenuItem;        //menu item created for this registration
  end;
346
//plugin type 1:
//where: menu bar under plugins in memory view, user activated
type
  //All three arguments are pointers to dwords, so the callback can also write to them.
  TPluginfunction1 = function(disassembleraddress: pdword; selected_disassembler_address: pdword; hexviewaddress:pdword ):bool; stdcall;

  //private plugin data
  //registerfunction creates one instance per type 1 registration
  TPluginfunctionType1 = class
  public
    pluginid: integer;          //index of the owning plugin
    functionid: integer;        //id returned by registerfunction
    name: string;               //used as the caption of the menu item
    callback: TPluginfunction1; //routine supplied by the plugin
    menuitem: TMenuItem;        //menu item created for this registration
  end;
360
361
//plugin type 2:
//where: when a debug event happens
type
  //return 0 if you want to let ce handle it as well, 1 if you don't want to let
  //ce handle it as well (in case of not handling, do ContinueDebugEvent yourself)
  TPluginFunction2 = function(debugevent: PDebugEvent):integer; stdcall;

  //registerfunction creates one instance per type 2 registration
  TPluginfunctionType2 = class
  public
    pluginid: integer;          //index of the owning plugin
    functionid: integer;        //id returned by registerfunction
    callback: TPluginFunction2; //routine supplied by the plugin
  end;
371
//plugin type 3:
//where: a new process created according to the processwatcher
type
  TPluginFunction3 = function(processid: dword; peprocess:dword; created: BOOL):integer; stdcall;

  //same callback without the created argument
  //NOTE(review): presumably the signature older plugins implement - confirm where the callback is invoked
  TPluginFunction3Version1 = function(processid: dword; peprocess:dword):integer; stdcall;

  //registerfunction creates one instance per type 3 registration
  TPluginfunctionType3 = class
  public
    pluginid: integer;          //index of the owning plugin
    functionid: integer;        //id returned by registerfunction
    callback: TPluginfunction3; //routine supplied by the plugin
  end;
382
//plugin type 4:
//where: Functionpointerchange notification
type
  TPluginFunction4 = function(section: integer):boolean; stdcall;

  //registerfunction creates one instance per type 4 registration
  TPluginfunctionType4 = class
  public
    pluginid: integer;          //index of the owning plugin
    functionid: integer;        //id returned by registerfunction
    callback: TPluginFunction4; //routine supplied by the plugin
  end;
392
//plugin type 5:
//where: Main form's menu, plugin
type
  TPluginfunction5 = procedure; stdcall;

  //private plugin data
  //registerfunction creates one instance per type 5 registration
  TPluginfunctionType5 = class
  public
    pluginid: integer;          //index of the owning plugin
    functionid: integer;        //id returned by registerfunction
    name: string;               //used as the caption of the menu item
    callback: TPluginfunction5; //routine supplied by the plugin
    menuitem: TMenuItem;        //menu item created for this registration
  end;
406
407
//plugin type 6:
//where: rightclick context of the disassembler
type
  TPluginfunction6 = function(selectedAddress: pdword):bool; stdcall;
  Tpluginfuntion6OnContext = function(selectedAddress: dword; addressofname: pointer):bool; stdcall;

  //private plugin data
  //registerfunction creates one instance per type 6 registration
  TPluginfunctionType6 = class
  public
    pluginid: integer;                           //index of the owning plugin
    functionid: integer;                         //id returned by registerfunction
    name: string;                                //used as the caption of the menu item
    callback: TPluginfunction6;                  //routine supplied by the plugin
    callbackOnContext: Tpluginfuntion6OnContext; //second routine supplied by the plugin
    menuitem: TMenuItem;                         //menu item created for this registration
  end;
423
//plugin type 7:
//where: when a disassembler line is being rendered
type
  //The four string arguments are untyped pointers, so no buffer size is conveyed
  //by the signature itself.
  TPluginFunction7 = procedure(address: dword; addressStringPointer: pointer; bytestringpointer: pointer; opcodestringpointer: pointer; specialstringpointer: pointer; textcolor: PColor); stdcall;

  //registerfunction creates one instance per type 7 registration
  TPluginfunctionType7 = class
  public
    pluginid: integer;          //index of the owning plugin
    functionid: integer;        //id returned by registerfunction
    callback: TPluginFunction7; //routine supplied by the plugin
  end;
433
//plugin type 8
//where: when the autoassembler is used in the first and 2nd stage
type
  TPluginFunction8 = procedure(line: ppchar; phase: integer); stdcall;

  //registerfunction creates one instance per type 8 registration
  TPluginfunctionType8 = class
  public
    pluginid: integer;          //index of the owning plugin
    functionid: integer;        //id returned by registerfunction
    callback: TPluginFunction8; //routine supplied by the plugin
  end;
443
444
445
446
type
  //Bookkeeping kept per plugin; TPluginHandler stores these in its plugins array.
  TPlugin = record
    dllname: string;
    filepath: string;                 //returned by TPluginHandler.GetDLLFilePath
    hmodule: thandle;                 //presumably the module handle of the loaded dll - confirm in LoadPlugin
    name: string;
    pluginversion: integer;           //registerfunction only reads the shortcut of a type 1 registration when this is >1
    enabled: boolean;
    GetVersion: TGetVersion;          //entry points of the plugin dll
    EnablePlugin: TInitializePlugin;
    DisablePlugin: TDisablePlugin;
    nextid: integer;                  //function id for the next registration; incremented by registerfunction

    //one list per plugin type, appended to by registerfunction
    RegisteredFunctions0: array of TPluginfunctionType0;
    RegisteredFunctions1: array of TPluginfunctionType1;
    RegisteredFunctions2: array of TPluginfunctionType2;
    RegisteredFunctions3: array of TPluginfunctionType3;
    RegisteredFunctions4: array of TPluginfunctionType4;
    RegisteredFunctions5: array of TPluginfunctionType5;
    RegisteredFunctions6: array of TPluginfunctionType6;
    RegisteredFunctions7: array of TPluginfunctionType7;
    RegisteredFunctions8: array of TPluginfunctionType8;
  end;
468
469
type
  //Owns the list of plugins and the callbacks they have registered.
  TPluginHandler = class
  private
    pluginMREW: TMultiReadExclusiveWriteSynchronizer; //taken around access to plugins (see GetDLLFilePath and registerfunction)
    plugins: array of TPlugin;                        //indexed by pluginid
    function GetDLLFilePath(pluginid: integer):string;
  public
    function GetPluginID(dllname:string):integer;
    function GetPluginName(dllname:string):string;
    function LoadPlugin(dllname: string):integer;
    procedure FillCheckListBox(clb: TCheckListbox);
    procedure EnablePlugin(pluginid: integer);
    procedure DisablePlugin(pluginid: integer);

    //the parameters of the handlers below mirror the callback types:
    //TPluginFunction8, (context popup), TPluginFunction7, TPluginFunction2,
    //TPluginFunction3 and TPluginFunction4
    procedure handleAutoAssemblerPlugin(line: ppchar; phase: integer);
    procedure handledisassemblerContextPopup(address: dword);
    procedure handledisassemblerplugins(address: dword; addressStringPointer: pointer; bytestringpointer: pointer; opcodestringpointer: pointer; specialstringpointer: pointer; textcolor: PColor);
    function handledebuggerplugins(devent:PDebugEvent):integer;
    function handlenewprocessplugins(processid: dword; peprocess:dword; created: boolean):boolean;
    function handlechangedpointers(section: integer):boolean;

    function registerfunction(pluginid,functiontype:integer; init: pointer):integer;
    function unregisterfunction(pluginid,functionid: integer): boolean;
    property dllfilepath[pluginid: integer]: string read getdllfilepath;
    constructor create;
  end;
493
var
  pluginhandler: TPluginhandler;          //unit-level plugin handler instance
  exportedfunctions: TExportedFunctions3; //unit-level copy of the function table in its version 3 layout
496
497implementation
498
499uses mainunit,memorybrowserformunit,formsettingsunit, pluginexports, SynHighlighterAA;
500
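function TPluginHandler.GetDLLFilePath(pluginid: integer):string;
{
Returns the file path stored for the plugin with the given id.
An id that is not a valid index into plugins yields an empty string instead of
indexing outside the array.
}
begin
  result:='';

  pluginMREW.BeginRead;
  try
    if (pluginid>=0) and (pluginid<length(plugins)) then
      result:=plugins[pluginid].filepath;
  finally
    //release the read lock on every path, otherwise a failure while reading
    //would leave it held and block later writers
    pluginMREW.EndRead;
  end;
end;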
507
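function TPluginHandler.registerfunction(pluginid,functiontype:integer; init: pointer):integer;
{
Registers one callback for the plugin with the given pluginid.

functiontype selects the plugin type (0..8) and init points to the matching
init record supplied by the caller (layouts declared below).

Returns the function id given to the new registration, or -1 when pluginid is
not a valid index into plugins, when init is nil, or when functiontype is not
one of the known types. For an unknown functiontype the plugin's nextid is
still incremented, as before.

The whole registration runs under the pluginMREW write lock.

NOTE(review): only the init pointer itself is checked. The name, shortcut and
callback pointers inside the init record are taken as supplied by the plugin.
}
type
  //layouts of the init record, as read from the init pointer
  TFunction0=record
    name: pchar;
    callbackroutine: pointer;
  end;
  TFunction1=record
    name: pchar;
    callbackroutine: pointer;
    shortcut: pchar;
  end;
  TFunction2=record
    callbackroutine: pointer;
  end;
  TFunction6=record
    name: pchar;
    callbackroutine: pointer;
    callbackroutineOnContext: pointer;
    shortcut: pchar;
  end;
  PFunction0=^TFunction0;
  PFunction1=^TFunction1;   //same
  PFunction2=^TFunction2;
  PFunction3=^TFunction2;
  PFunction4=^TFunction2;
  PFunction5=^TFunction1;
  PFunction6=^TFunction6;
  PFunction7=^TFunction2;
  PFunction8=^TFunction2;

var newid: integer; //id this registration gets
    n: integer;     //length of the list before the new entry is appended
    newmenuitem: TMenuItem;
    f0: TPluginfunctionType0;
    f1: TPluginfunctionType1;
    f2: TPluginfunctionType2;
    f3: TPluginfunctionType3;
    f4: TPluginfunctionType4;
    f5: TPluginfunctionType5;
    f6: TPluginfunctionType6;
    f7: TPluginfunctionType7;
    f8: TPluginfunctionType8;
begin
  result:=-1;

  pluginmrew.BeginWrite;
  try
    //pluginid and init come from the caller: reject negative ids as well as ids
    //past the end of the array, and do not dereference a nil init record
    if (pluginid<0) or (pluginid>=length(plugins)) or (init=nil) then exit;

    newid:=plugins[pluginid].nextid;

    case functiontype of
      0: begin
           //plugin for the rightclick on the addresslist
           f0:=TPluginfunctionType0.Create;
           f0.pluginid:=pluginid;
           f0.functionid:=newid;
           f0.name:=PFunction0(init).name;
           f0.callback:=PFunction0(init).callbackroutine;

           if not mainform.Plugins1.Visible then
             mainform.Plugins1.Visible:=true;

           newmenuitem:=tmenuitem.Create(mainform);
           newmenuitem.Caption:=f0.name;
           newmenuitem.Tag:=dword(f0); //object reference kept in Tag; the dword cast assumes 32-bit pointers
           newmenuitem.onclick:=mainform.plugintype0click;
           mainform.Plugins1.Add(newmenuitem);

           f0.menuitem:=newmenuitem;

           n:=length(plugins[pluginid].RegisteredFunctions0);
           setlength(plugins[pluginid].RegisteredFunctions0,n+1);
           plugins[pluginid].RegisteredFunctions0[n]:=f0;

           result:=newid;
         end;

      1: begin
           //plugin for the memorybrowser
           f1:=TPluginfunctionType1.Create;
           f1.pluginid:=pluginid;
           f1.functionid:=newid;
           f1.name:=PFunction1(init).name;
           f1.callback:=PFunction1(init).callbackroutine;

           if not memorybrowser.Plugins1.Visible then
             memorybrowser.Plugins1.Visible:=true;

           newmenuitem:=tmenuitem.Create(mainform);
           newmenuitem.Caption:=f1.name;
           newmenuitem.Tag:=dword(f1);
           newmenuitem.onclick:=memorybrowser.plugintype1click;

           //the shortcut field is only read for plugins newer than version 1
           if plugins[pluginid].pluginversion>1 then
           begin
             try
               newmenuitem.ShortCut:=TextToShortCut(PFunction1(init).shortcut);
             except
               //best effort: a shortcut that cannot be applied leaves the item without one
             end;
           end;
           memorybrowser.Plugins1.Add(newmenuitem);

           f1.menuitem:=newmenuitem;

           n:=length(plugins[pluginid].RegisteredFunctions1);
           setlength(plugins[pluginid].RegisteredFunctions1,n+1);
           plugins[pluginid].RegisteredFunctions1[n]:=f1;

           result:=newid;
         end;

      2: begin
           //debugger for the memorybrowser
           f2:=TPluginfunctionType2.Create;
           f2.pluginid:=pluginid;
           f2.functionid:=newid;
           f2.callback:=PFunction2(init).callbackroutine;

           n:=length(plugins[pluginid].RegisteredFunctions2);
           setlength(plugins[pluginid].RegisteredFunctions2,n+1);
           plugins[pluginid].RegisteredFunctions2[n]:=f2;

           result:=newid;
         end;

      3: begin
           //process created
           f3:=TPluginfunctionType3.Create;
           f3.pluginid:=pluginid;
           f3.functionid:=newid;
           f3.callback:=PFunction3(init).callbackroutine;

           n:=length(plugins[pluginid].RegisteredFunctions3);
           setlength(plugins[pluginid].RegisteredFunctions3,n+1);
           plugins[pluginid].RegisteredFunctions3[n]:=f3;

           result:=newid;
         end;

      4: begin
           //function pointers changed
           f4:=TPluginfunctionType4.Create;
           f4.pluginid:=pluginid;
           f4.functionid:=newid;
           f4.callback:=PFunction4(init).callbackroutine;

           n:=length(plugins[pluginid].RegisteredFunctions4);
           setlength(plugins[pluginid].RegisteredFunctions4,n+1);
           plugins[pluginid].RegisteredFunctions4[n]:=f4;

           result:=newid;
         end;

      5: begin
           //main menu
           f5:=TPluginfunctionType5.Create;
           f5.pluginid:=pluginid;
           f5.functionid:=newid;
           f5.name:=PFunction5(init).name;
           f5.callback:=PFunction5(init).callbackroutine;

           if not mainform.Plugins2.Visible then
             mainform.Plugins2.Visible:=true;

           newmenuitem:=tmenuitem.Create(mainform);
           newmenuitem.Caption:=f5.name;
           newmenuitem.Tag:=dword(f5);
           newmenuitem.onclick:=mainform.plugintype5click;

           //NOTE(review): unlike type 1, the shortcut field is read here without a
           //pluginversion check - confirm every plugin that can register type 5
           //passes the init layout that includes shortcut
           try
             newmenuitem.ShortCut:=TextToShortCut(PFunction5(init).shortcut);
           except
             //best effort: a shortcut that cannot be applied leaves the item without one
           end;
           mainform.Plugins2.Add(newmenuitem);

           f5.menuitem:=newmenuitem;

           n:=length(plugins[pluginid].RegisteredFunctions5);
           setlength(plugins[pluginid].RegisteredFunctions5,n+1);
           plugins[pluginid].RegisteredFunctions5[n]:=f5;

           result:=newid;
         end;

      6: begin
           //memorybrowser rightclick on disassembler
           f6:=TPluginfunctionType6.Create;
           f6.pluginid:=pluginid;
           f6.functionid:=newid;
           f6.name:=PFunction6(init).name;
           f6.callback:=PFunction6(init).callbackroutine;
           f6.callbackOnContext:=PFunction6(init).callbackroutineOnContext;

           newmenuitem:=tmenuitem.Create(memorybrowser);
           newmenuitem.Caption:=f6.name;
           newmenuitem.Tag:=dword(f6);
           newmenuitem.onclick:=memorybrowser.plugintype6click;

           memorybrowser.debuggerpopup.Items.Add(newmenuitem);

           //NOTE(review): shortcut is read without a pluginversion check, as for type 5
           try
             newmenuitem.ShortCut:=TextToShortCut(PFunction6(init).shortcut);
           except
             //best effort: a shortcut that cannot be applied leaves the item without one
           end;

           f6.menuitem:=newmenuitem;

           n:=length(plugins[pluginid].RegisteredFunctions6);
           setlength(plugins[pluginid].RegisteredFunctions6,n+1);
           plugins[pluginid].RegisteredFunctions6[n]:=f6;

           result:=newid;
         end;

      7: begin
           //disassemblerlines render
           f7:=TPluginfunctionType7.Create;
           f7.pluginid:=pluginid;
           f7.functionid:=newid;
           f7.callback:=PFunction7(init).callbackroutine;

           n:=length(plugins[pluginid].RegisteredFunctions7);
           setlength(plugins[pluginid].RegisteredFunctions7,n+1);
           plugins[pluginid].RegisteredFunctions7[n]:=f7;

           result:=newid;
         end;

      8: begin
           //autoassembler
           f8:=TPluginfunctionType8.Create;
           f8.pluginid:=pluginid;
           f8.functionid:=newid;
           f8.callback:=PFunction8(init).callbackroutine;

           n:=length(plugins[pluginid].RegisteredFunctions8);
           setlength(plugins[pluginid].RegisteredFunctions8,n+1);
           plugins[pluginid].RegisteredFunctions8[n]:=f8;

           result:=newid;
         end;

    end;

    //the id is consumed even when functiontype matched none of the cases above
    inc(plugins[pluginid].nextid);
  finally
    pluginmrew.EndWrite;
  end;
end;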
751
752function TPluginHandler.unregisterfunction(pluginid,functionid: integer): boolean;
753var i,j: integer;
754    f: ^TPluginfunctionType0;
755begin
756  //remove it
757  result:=false;
758  pluginmrew.BeginWrite;
759  try
760    if pluginid>=length(plugins) then exit;
761
762    //function0 check
763    for i:=0 to length(plugins[pluginid].RegisteredFunctions0)-1 do
764      if plugins[pluginid].RegisteredFunctions0[i].functionid=functionid then
765      begin
766        if plugins[pluginid].RegisteredFunctions0[i].menuitem.Parent<>nil then
767        begin
768          if plugins[pluginid].RegisteredFunctions0[i].menuitem.Parent.Count=1 then
769            plugins[pluginid].RegisteredFunctions0[i].menuitem.Parent.Visible:=false;
770        end;
771        plugins[pluginid].RegisteredFunctions0[i].menuitem.Free;
772        plugins[pluginid].RegisteredFunctions0[i].Free;
773
774        for j:=i to length(plugins[pluginid].RegisteredFunctions0)-2 do
775          plugins[pluginid].RegisteredFunctions0[j]:=plugins[pluginid].RegisteredFunctions0[j+1];
776
777        setlength(plugins[pluginid].RegisteredFunctions0,length(plugins[pluginid].RegisteredFunctions0)-1);
778
779        result:=true;
780        exit;
781      end;
782
783    //function1 check
784    for i:=0 to length(plugins[pluginid].RegisteredFunctions1)-1 do
785      if plugins[pluginid].RegisteredFunctions1[i].functionid=functionid then
786      begin
787        if plugins[pluginid].RegisteredFunctions1[i].menuitem.Parent<>nil then
788        begin
789          if plugins[pluginid].RegisteredFunctions1[i].menuitem.Parent.Count=1 then
790            plugins[pluginid].RegisteredFunctions1[i].menuitem.Parent.Visible:=false;
791        end;
792        plugins[pluginid].RegisteredFunctions1[i].menuitem.Free;
793        plugins[pluginid].RegisteredFunctions1[i].Free;
794
795        for j:=i to length(plugins[pluginid].RegisteredFunctions1)-2 do
796          plugins[pluginid].RegisteredFunctions1[j]:=plugins[pluginid].RegisteredFunctions1[j+1];
797
798        setlength(plugins[pluginid].RegisteredFunctions1,length(plugins[pluginid].RegisteredFunctions1)-1);
799
800        result:=true;
801        exit;
802      end;
803
804    //function2 check
805    for i:=0 to length(plugins[pluginid].RegisteredFunctions2)-1 do
806      if plugins[pluginid].RegisteredFunctions2[i].functionid=functionid then
807      begin
808        plugins[pluginid].RegisteredFunctions2[i].Free;
809
810        for j:=i to length(plugins[pluginid].RegisteredFunctions2)-2 do
811          plugins[pluginid].RegisteredFunctions2[j]:=plugins[pluginid].RegisteredFunctions2[j+1];
812
813        setlength(plugins[pluginid].RegisteredFunctions2,length(plugins[pluginid].RegisteredFunctions2)-1);
814
815        result:=true;
816        exit;
817      end;
818
819    //function3 check (processwatcher)
820    for i:=0 to length(plugins[pluginid].Registeredfunctions3)-1 do
821      if plugins[pluginid].Registeredfunctions3[i].functionid=functionid then
822      begin
823        plugins[pluginid].Registeredfunctions3[i].Free;
824
825        for j:=i to length(plugins[pluginid].Registeredfunctions3)-2 do
826          plugins[pluginid].Registeredfunctions3[j]:=plugins[pluginid].Registeredfunctions3[j+1];
827
828        setlength(plugins[pluginid].Registeredfunctions3,length(plugins[pluginid].Registeredfunctions3)-1);
829
830        result:=true;
831        exit;
832      end;
833
834    //function4 check (changed pointers)
835    for i:=0 to length(plugins[pluginid].RegisteredFunctions4)-1 do
836      if plugins[pluginid].RegisteredFunctions4[i].functionid=functionid then
837      begin
838        plugins[pluginid].RegisteredFunctions4[i].Free;
839
840        for j:=i to length(plugins[pluginid].RegisteredFunctions4)-2 do
841          plugins[pluginid].RegisteredFunctions4[j]:=plugins[pluginid].RegisteredFunctions4[j+1];
842
843        setlength(plugins[pluginid].RegisteredFunctions4,length(plugins[pluginid].RegisteredFunctions4)-1);
844
845        result:=true;
846        exit;
847      end;
848
849    //function5 check
850    for i:=0 to length(plugins[pluginid].RegisteredFunctions5)-1 do
851      if plugins[pluginid].RegisteredFunctions5[i].functionid=functionid then
852      begin
853        if plugins[pluginid].RegisteredFunctions5[i].menuitem.Parent<>nil then
854        begin
855          if plugins[pluginid].RegisteredFunctions5[i].menuitem.Parent.Count=1 then
856            plugins[pluginid].RegisteredFunctions5[i].menuitem.Parent.Visible:=false;
857        end;
858        plugins[pluginid].RegisteredFunctions5[i].menuitem.Free;
859        plugins[pluginid].RegisteredFunctions5[i].Free;
860
861        for j:=i to length(plugins[pluginid].RegisteredFunctions5)-2 do
862          plugins[pluginid].RegisteredFunctions5[j]:=plugins[pluginid].RegisteredFunctions5[j+1];
863
864        setlength(plugins[pluginid].RegisteredFunctions5,length(plugins[pluginid].RegisteredFunctions5)-1);
865
866        result:=true;
867        exit;
868      end;
869
870    //function6 check
871    for i:=0 to length(plugins[pluginid].RegisteredFunctions6)-1 do
872      if plugins[pluginid].RegisteredFunctions6[i].functionid=functionid then
873      begin
874        if plugins[pluginid].RegisteredFunctions6[i].menuitem.Parent<>nil then
875        begin
876          if plugins[pluginid].RegisteredFunctions6[i].menuitem.Parent.Count=1 then
877            plugins[pluginid].RegisteredFunctions6[i].menuitem.Parent.Visible:=false;
878        end;
879        plugins[pluginid].RegisteredFunctions6[i].menuitem.Free;
880        plugins[pluginid].RegisteredFunctions6[i].Free;
881
882        for j:=i to length(plugins[pluginid].RegisteredFunctions6)-2 do
883          plugins[pluginid].RegisteredFunctions6[j]:=plugins[pluginid].RegisteredFunctions6[j+1];
884
885        setlength(plugins[pluginid].RegisteredFunctions6,length(plugins[pluginid].RegisteredFunctions6)-1);
886
887        result:=true;
888        exit;
889      end;
890
891    //function7 check
892    for i:=0 to length(plugins[pluginid].RegisteredFunctions7)-1 do
893      if plugins[pluginid].RegisteredFunctions7[i].functionid=functionid then
894      begin
895        plugins[pluginid].RegisteredFunctions7[i].Free;
896
897        for j:=i to length(plugins[pluginid].RegisteredFunctions7)-2 do
898          plugins[pluginid].RegisteredFunctions7[j]:=plugins[pluginid].RegisteredFunctions7[j+1];
899
900        setlength(plugins[pluginid].RegisteredFunctions7,length(plugins[pluginid].RegisteredFunctions7)-1);
901
902        result:=true;
903        exit;
904      end;
905
906    //function8 check
907    for i:=0 to length(plugins[pluginid].RegisteredFunctions8)-1 do
908      if plugins[pluginid].RegisteredFunctions8[i].functionid=functionid then
909      begin
910        plugins[pluginid].RegisteredFunctions8[i].Free;
911
912        for j:=i to length(plugins[pluginid].RegisteredFunctions8)-2 do
913          plugins[pluginid].RegisteredFunctions8[j]:=plugins[pluginid].RegisteredFunctions8[j+1];
914
915        setlength(plugins[pluginid].RegisteredFunctions8,length(plugins[pluginid].RegisteredFunctions8)-1);
916
917        result:=true;
918        exit;
919      end;
920
921
922  finally
923    pluginmrew.EndWrite;
924  end;
925end;
926
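procedure TPluginHandler.EnablePlugin(pluginid: integer);
// Enables the plugin stored at index pluginid by calling the routine held in
// its EnablePlugin field (resolved from the 'InitializePlugin' export in
// LoadPlugin) with a copy of the exported function table.
//
// pluginid: index into the plugins array; an index outside the array is ignored.
// Raises Exception when the plugin's enable routine returns false.
var e: texportedfunctions3;
    x: boolean;
begin
  pluginMREW.BeginRead;
  try
    // Validate the index before plugins[pluginid] is read, and do it inside
    // the try block so the early exit releases the read lock too.
    if (pluginid<0) or (pluginid>=length(plugins)) then exit;

    // Hand the plugin a private copy so that writes to the record itself do
    // not reach the handler's master table. The copy is shallow: many fields
    // are addresses of the host's own variables (see the @@ assignments in the
    // constructor), so a plugin can still write through those pointers.
    e:=exportedfunctions;

    // Older plugins were built against a shorter record; report the size they
    // expect (the field order is unchanged).
    if plugins[pluginid].pluginversion=1 then
      e.sizeofExportedFunctions:=sizeof(Texportedfunctions1);

    if plugins[pluginid].pluginversion=2 then
      e.sizeofExportedFunctions:=sizeof(Texportedfunctions2);

    if not plugins[pluginid].enabled then
    begin
      x:=plugins[pluginid].EnablePlugin(e,pluginid);
      if not x then raise exception.Create('Error enabling '+plugins[pluginid].dllname);

      // NOTE(review): the enabled flag is written while only the read lock is
      // held - confirm no other thread toggles the same plugin concurrently.
      plugins[pluginid].enabled:=true;
    end;
  finally
    pluginMREW.EndRead;
  end;
end;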
953
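procedure TPluginHandler.DisablePlugin(pluginid: integer);
// Disables the plugin at index pluginid: calls the plugin's DisablePlugin
// routine, clears its enabled flag and then unregisters every function the
// plugin registered (lists 0 through 8).
//
// pluginid: index into the plugins array; an index outside the array is ignored.
// Raises Exception when the plugin's disable routine returns false; in that
// case the plugin stays marked as enabled and nothing is unregistered.
begin
  pluginMREW.BeginRead;
  try
    // Reject an out-of-range index before plugins[pluginid] is dereferenced.
    if (pluginid<0) or (pluginid>=length(plugins)) then exit;

    if plugins[pluginid].enabled then
    begin
      if not plugins[pluginid].DisablePlugin() then raise exception.Create('Error disabling '+plugins[pluginid].dllname);
      plugins[pluginid].enabled:=false;

      // Drop every remaining registration so no callback pointer into the
      // plugin is kept after it has been told to shut down. Each call removes
      // element 0 and shrinks the list, so the loops end once a list is empty.
      // NOTE(review): unregisterfunction takes the write lock while this
      // routine still holds the read lock - confirm the synchronizer's
      // read-to-write promotion is what is intended here.
      // NOTE(review): a list whose entry unregisterfunction fails to remove
      // would keep its loop spinning - confirm every list is handled there.
      while length(plugins[pluginid].Registeredfunctions0)>0 do
        unregisterfunction(pluginid,plugins[pluginid].Registeredfunctions0[0].functionid);

      while length(plugins[pluginid].Registeredfunctions1)>0 do
        unregisterfunction(pluginid,plugins[pluginid].Registeredfunctions1[0].functionid);

      while length(plugins[pluginid].Registeredfunctions2)>0 do
        unregisterfunction(pluginid,plugins[pluginid].Registeredfunctions2[0].functionid);

      while length(plugins[pluginid].Registeredfunctions3)>0 do
        unregisterfunction(pluginid,plugins[pluginid].Registeredfunctions3[0].functionid);

      while length(plugins[pluginid].Registeredfunctions4)>0 do
        unregisterfunction(pluginid,plugins[pluginid].Registeredfunctions4[0].functionid);

      while length(plugins[pluginid].Registeredfunctions5)>0 do
        unregisterfunction(pluginid,plugins[pluginid].Registeredfunctions5[0].functionid);

      while length(plugins[pluginid].Registeredfunctions6)>0 do
        unregisterfunction(pluginid,plugins[pluginid].Registeredfunctions6[0].functionid);

      while length(plugins[pluginid].Registeredfunctions7)>0 do
        unregisterfunction(pluginid,plugins[pluginid].Registeredfunctions7[0].functionid);

      while length(plugins[pluginid].Registeredfunctions8)>0 do
        unregisterfunction(pluginid,plugins[pluginid].Registeredfunctions8[0].functionid);
    end;
  finally
    pluginMREW.EndRead;
  end;
end;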
999
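function TPluginHandler.GetPluginName(dllname:string):string;
// Loads the DLL at dllname just long enough to ask it for its display name.
//
// dllname: path of the plugin DLL; the extension must be .DLL.
// Returns the name reported by the DLL's GetVersion export, or '' when
// GetVersion returns false.
// Raises Exception when the extension is wrong, the DLL cannot be loaded, or
// one of the GetVersion / InitializePlugin / DisablePlugin exports is missing.
//
// Security note: loadlibrary runs the DLL's entry point inside this process,
// so even this name query executes code from the file. The extension test is
// only a filename filter and says nothing about whether the file is trusted.
var hmodule: thandle;
    GetVersion: TGetVersion;
    PluginVersion: TPluginVersion;
begin
  result:='';
  if uppercase(extractfileext(dllname))<>'.DLL' then raise exception.Create('Error loading '+dllname+'. Only DLL files are allowed');

  hmodule:=loadlibrary(pchar(dllname));
  // Report a failed load as such instead of as a "missing export".
  if hmodule=0 then raise exception.Create('Error loading '+dllname+'. The dll could not be loaded');

  try
    GetVersion:=getprocaddress(hmodule,'GetVersion');

    if getprocaddress(hmodule,'InitializePlugin')=nil then raise exception.Create(dllname+' is missing the InitializePlugin export');
    if getprocaddress(hmodule,'DisablePlugin')=nil then raise exception.Create(dllname+' is missing the DisablePlugin export');

    if @GetVersion=nil then raise exception.Create('Error loading '+dllname+'. The dll is missing the GetVersion function');

    // Start from a zeroed record so a plugin that returns true without
    // filling in pluginname yields '' rather than a stray pointer.
    fillchar(PluginVersion,sizeof(PluginVersion),0);
    if GetVersion(PluginVersion,sizeof(TPluginVersion)) then
      result:=PluginVersion.pluginname; // copied into a string before the DLL is unloaded
  finally
    // Unload on every path, including the exceptions raised above.
    freelibrary(hmodule);
  end;
end;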
1019
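function TPluginHandler.GetPluginID(dllname:string):integer;
// Looks up a loaded plugin by file name.
//
// dllname: path or file name of the DLL; only the file-name part is compared,
//          case-insensitively, against each plugin's dllname.
// Returns the index of the first match in the plugins array, or -1 when no
// loaded plugin has that file name.
var dname: string;
    i: integer;
begin
  result:=-1;
  dname:=uppercase(extractfilename(dllname));
  pluginMREW.BeginRead;
  try
    for i:=0 to length(plugins)-1 do
    begin
      if uppercase(plugins[i].dllname)=dname then
      begin
        result:=i;
        exit; // the finally block still releases the read lock
      end;
    end;
  finally
    pluginMREW.EndRead;
  end;
end;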
1038
1039
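function TPluginHandler.LoadPlugin(dllname:string):integer;
// Loads a plugin DLL and appends it to the plugins array.
//
// dllname: path of the plugin DLL; the extension must be .DLL.
// Returns the index of the plugin in the plugins array. When a plugin with the
// same file name is already in the list, its index is returned and nothing is
// loaded.
// Raises Exception when the extension is wrong, the DLL cannot be loaded, a
// required export (GetVersion, InitializePlugin, DisablePlugin) is missing,
// GetVersion returns false, or the plugin asks for a newer plugin version than
// CurrentPluginVersion.
//
// Security note: loadlibrary runs the DLL's entry point inside this process
// before any of the checks below can reject it. The extension test is only a
// filename filter; callers should pass paths of plugins the user has chosen to
// trust.
var hmodule: thandle;
    GetVersion: TGetVersion;
    PluginVersion: TPluginVersion;
    s: string;
    i: integer;
begin
  result:=0;
  if uppercase(extractfileext(dllname))<>'.DLL' then raise exception.Create('Error loading '+dllname+'. Only DLL files are allowed');

  s:=uppercase(extractfilename(dllname));
  pluginMREW.BeginRead;
  try
    for i:=0 to length(plugins)-1 do
    begin
      // Compare against entry i; comparing against the last entry on every
      // pass would only ever detect a duplicate of the last plugin.
      if s=uppercase(plugins[i].dllname) then
      begin
        result:=i;
        exit; //already in the list so no need to load again
      end;
    end;
  finally
    pluginMREW.EndRead;
  end;

  hmodule:=loadlibrary(pchar(dllname));
  if hmodule=0 then raise exception.Create('Error loading '+dllname+'. The dll could not be loaded');

  try
    GetVersion:=getprocaddress(hmodule,'GetVersion');
    if @GetVersion=nil then raise exception.Create('Error loading '+dllname+'. The dll is missing the GetVersion function');

    // Start from a zeroed record so fields the plugin leaves untouched are
    // not read as stack garbage.
    fillchar(PluginVersion,sizeof(PluginVersion),0);
    if not GetVersion(PluginVersion,sizeof(TPluginVersion)) then
      raise exception.Create('Error loading '+dllname+'. The GetVersion function returned FALSE');

    if PluginVersion.version>currentpluginversion then
      raise exception.Create('Error loading '+dllname+'. This dll requires a newer version of ce to function properly');

    pluginMREW.BeginWrite;
    try
      try
        setlength(plugins,length(plugins)+1);
        plugins[length(plugins)-1].pluginversion:=PluginVersion.version;
        plugins[length(plugins)-1].dllname:=extractfilename(dllname);
        plugins[length(plugins)-1].filepath:=GetRelativeFilePath(dllname);
        plugins[length(plugins)-1].hmodule:=hmodule;
        plugins[length(plugins)-1].name:=PluginVersion.pluginname;
        plugins[length(plugins)-1].GetVersion:=getprocaddress(hmodule,'GetVersion');
        plugins[length(plugins)-1].EnablePlugin:=getprocaddress(hmodule,'InitializePlugin');
        plugins[length(plugins)-1].DisablePlugin:=getprocaddress(hmodule,'DisablePlugin');
        plugins[length(plugins)-1].nextid:=1;

        if @plugins[length(plugins)-1].EnablePlugin=nil then raise exception.Create(dllname+' is missing the InitializePlugin export');
        if @plugins[length(plugins)-1].DisablePlugin=nil then raise exception.Create(dllname+' is missing the DisablePlugin export');
        result:=length(plugins)-1;
      except
        on e: exception do
        begin
          // Remove the half-initialised entry again.
          setlength(plugins,length(plugins)-1);
          // Bare raise re-raises the current exception; "raise e" would raise
          // an object that the handler frees on exit.
          raise;
        end;
      end;
    finally
      pluginMREW.EndWrite;
    end;
  except
    // The plugin was rejected: unload it so a refused DLL does not stay mapped
    // in the process.
    freelibrary(hmodule);
    raise;
  end;
end;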
1105
1106
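procedure TPluginHandler.FillCheckListBox(clb: TCheckListbox);
// Rebuilds clb so it shows one entry per loaded plugin.
//
// clb: check list box to refill. The TPathSpecifier objects attached to its
//      current items are freed, the list is cleared, and one item
//      'dllname:name' is added per plugin with a new TPathSpecifier holding
//      the plugin's file path. Each item is checked when the plugin is enabled.
var i,j: integer;
    x:Tpathspecifier;
begin
  for i:=0 to clb.Count-1 do
    Tpathspecifier(clb.Items.Objects[i]).Free;

  clb.Clear;
  pluginMREW.BeginRead;
  try
    for i:=0 to length(plugins)-1 do
    begin
      x:=TPathSpecifier.Create;
      x.path:=plugins[i].filepath;
      j:=clb.Items.AddObject(plugins[i].dllname+':'+plugins[i].name,x);
      clb.Checked[j]:=plugins[i].enabled;
    end;
  finally
    // Release the read lock even when filling the list raises, as the other
    // handlers in this unit do.
    pluginMREW.EndRead;
  end;
end;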
1125
procedure TPluginHandler.handleAutoAssemblerPlugin(line: ppchar; phase: integer);
// Passes (line, phase) to every callback in the RegisteredFunctions8 list of
// every plugin, in plugin order and then registration order. The read lock is
// held for the whole walk.
// NOTE(review): line is a pointer to a pchar that the callback receives as-is;
// no length is passed along, so what a callback may write there is up to the
// plugin - confirm the caller's buffer contract.
var pluginIndex, callbackIndex: integer;
begin
  pluginMREW.BeginRead;
  try
    for pluginIndex:=0 to high(plugins) do
    begin
      for callbackIndex:=0 to high(plugins[pluginIndex].RegisteredFunctions8) do
      begin
        plugins[pluginIndex].RegisteredFunctions8[callbackIndex].callback(line,phase);
      end;
    end;
  finally
    pluginMREW.EndRead;
  end;
end;
1138
procedure TPluginHandler.handledisassemblerContextPopup(address: dword);
// Gives every RegisteredFunctions6 entry of every plugin the chance to update
// its menu item caption for the given address.
//
// For each entry the current caption is copied into a local string, the
// callback gets the address plus a pointer to a pchar that points at that
// copy, and whatever the pchar points at afterwards becomes the new caption.
// NOTE(review): no buffer length is passed to the callback, so a plugin that
// writes a longer caption in place (instead of redirecting the pchar) writes
// past the local copy - confirm the plugin API documents this.
var pluginIndex, entryIndex: integer;
    captionPtr: pchar;
    captionCopy: string;
begin
  pluginMREW.BeginRead;
  try
    for pluginIndex:=0 to high(plugins) do
    begin
      for entryIndex:=0 to high(plugins[pluginIndex].RegisteredFunctions6) do
      begin
        captionCopy:=plugins[pluginIndex].RegisteredFunctions6[entryIndex].menuitem.Caption;
        captionPtr:=@captionCopy[1];
        plugins[pluginIndex].RegisteredFunctions6[entryIndex].callbackOnContext(address, @captionPtr);
        plugins[pluginIndex].RegisteredFunctions6[entryIndex].menuitem.Caption:=captionPtr;
      end;
    end;
  finally
    pluginMREW.EndRead;
  end;
end;
1158
procedure TPluginHandler.handledisassemblerplugins(address: dword; addressStringPointer: pointer; bytestringpointer: pointer; opcodestringpointer: pointer; specialstringpointer: pointer; textcolor: PColor);
// Forwards one disassembler line to every RegisteredFunctions7 callback of
// every plugin. All arguments are passed through unchanged; the pointers are
// untyped here, so what they point at is defined by the caller.
// The read lock is held while the callbacks run.
var pluginIndex, callbackIndex: integer;
begin
  pluginMREW.BeginRead;
  try
    for pluginIndex:=0 to high(plugins) do
    begin
      for callbackIndex:=0 to high(plugins[pluginIndex].RegisteredFunctions7) do
      begin
        plugins[pluginIndex].RegisteredFunctions7[callbackIndex].callback(address, addressStringPointer, bytestringpointer, opcodestringpointer, specialstringpointer, textcolor);
      end;
    end;
  finally
    pluginMREW.EndRead;
  end;
end;
1171
function TPluginHandler.handledebuggerplugins(devent: PDebugEvent):integer;
// Offers a debug event to every RegisteredFunctions2 callback of every plugin.
//
// devent: the debug event, passed to each callback unchanged.
// Returns 1 when at least one callback returned 1, otherwise 0. Every callback
// is still called after one has returned 1.
var pluginIndex, callbackIndex: integer;
begin
  result:=0;
  pluginMREW.BeginRead;
  try
    for pluginIndex:=0 to high(plugins) do
    begin
      for callbackIndex:=0 to high(plugins[pluginIndex].RegisteredFunctions2) do
      begin
        if plugins[pluginIndex].RegisteredFunctions2[callbackIndex].callback(devent)=1 then
          result:=1;
      end;
    end;
  finally
    pluginMREW.EndRead;
  end;
end;
1185
function TPluginHandler.handlenewprocessplugins(processid: dword; peprocess:dword; created: boolean):boolean;
// Notifies every Registeredfunctions3 callback of every plugin about a process.
//
// processid, peprocess: passed to each callback unchanged.
// created: passed on as well, except to plugins with pluginversion 1, whose
//          callback is invoked through the two-argument
//          TPluginFunction3Version1 type.
// Always returns true.
var pluginIndex, callbackIndex: integer;
begin
  result:=true;
  pluginMREW.BeginRead;
  try
    for pluginIndex:=0 to high(plugins) do
    begin
      for callbackIndex:=0 to high(plugins[pluginIndex].Registeredfunctions3) do
      begin
        if plugins[pluginIndex].pluginversion<>1 then
          plugins[pluginIndex].Registeredfunctions3[callbackIndex].callback(processid,peprocess, created)
        else
          TPluginFunction3Version1(plugins[pluginIndex].Registeredfunctions3[callbackIndex].callback)(processid,peprocess);
      end;
    end;
  finally
    pluginMREW.EndRead;
  end;
end;
1204
function TPluginHandler.handlechangedpointers(section: integer):boolean;
// Calls every RegisteredFunctions4 callback of every plugin with the given
// section number while holding the read lock.
// Always returns true.
var pluginIndex, callbackIndex: integer;
begin
  result:=true;
  pluginMREW.BeginRead;
  try
    for pluginIndex:=0 to high(plugins) do
    begin
      for callbackIndex:=0 to high(plugins[pluginIndex].RegisteredFunctions4) do
      begin
        plugins[pluginIndex].RegisteredFunctions4[callbackIndex].callback(section);
      end;
    end;
  finally
    pluginMREW.EndRead;
  end;
end;
1218
1219
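constructor TPluginHandler.create;
// Creates the plugin lock and fills the exportedfunctions table that is handed
// to plugins when they are enabled.
//
// Two kinds of entries are stored:
//   @name   - the address of a host routine (the ce_* wrappers and helpers);
//   @@name  - the address of the host variable that holds a function pointer,
//             so a plugin sees the current value when it dereferences it.
// Entries set to nil are not offered to plugins.
//
// Security note: judging by the field names, the table covers process memory
// access, thread control, DLL injection and the kernel-driver entry points,
// and the @@ entries point at the host's own variables. A plugin that receives
// this table runs with the same reach as the host, so every loaded plugin is
// fully trusted code.
begin
  pluginMREW:=TMultiReadExclusiveWriteSynchronizer.Create;
  exportedfunctions.sizeofExportedFunctions:=sizeof(TExportedFunctions3);
  exportedfunctions.showmessage:=@ce_showmessage;
  exportedfunctions.registerfunction:=@ce_registerfunction;
  exportedfunctions.unregisterfunction:=@ce_unregisterfunction;
  exportedfunctions.OpenedProcessID:=@processhandler.processid;
  exportedfunctions.OpenedProcessHandle:=@processhandler.processhandle;


  exportedfunctions.GetMainWindowHandle:=@ce_GetMainWindowHandle;
  exportedfunctions.AutoAssemble:=@ce_autoassemble;
  exportedfunctions.assembler:=@ce_assembler;
  exportedfunctions.disassembler:=@ce_disassembler;
  exportedfunctions.ChangeRegistersAtAddress:=@ce_ChangeRegistersAtAddress;
  exportedfunctions.InjectDLL:=@ce_injectdll;
  exportedfunctions.freezemem:=@ce_freezemem;
  exportedfunctions.unfreezemem:=@ce_unfreezemem;
  exportedfunctions.fixmem:=nil; //obsolete
  exportedfunctions.processlist:=@ce_processlist;
  exportedfunctions.reloadsettings:=@ce_reloadsettings;
  exportedfunctions.getaddressfrompointer:=@ce_getaddressfrompointer;


  //pointers to the address that contains the pointers to the functions
  exportedfunctions.ReadProcessMemory:=@@ReadProcessMemory;
  exportedfunctions.WriteProcessMemory:=@@WriteProcessMemory;
  exportedfunctions.GetThreadContext:=@@GetThreadContext;
  exportedfunctions.SetThreadContext:=@@SetThreadContext;
  exportedfunctions.SuspendThread:=@@SuspendThread;
  exportedfunctions.ResumeThread:=@@ResumeThread;
  exportedfunctions.OpenProcess:=@@OpenProcess;
  exportedfunctions.WaitForDebugEvent:=@@WaitForDebugEvent;
  exportedfunctions.ContinueDebugEvent:=@@ContinueDebugEvent;
  exportedfunctions.DebugActiveProcess:=@@DebugActiveProcess;
  exportedfunctions.StopDebugging:=nil;
  exportedfunctions.StopRegisterChange:=nil; //@@StopRegisterChange;
  exportedfunctions.VirtualProtect:=@@VirtualProtect;
  exportedfunctions.VirtualProtectEx:=@@VirtualProtectEx;
  exportedfunctions.VirtualQueryEx:=@@VirtualQueryEx;
  exportedfunctions.VirtualAllocEx:=@@VirtualAllocEx;
  exportedfunctions.CreateRemoteThread:=@@CreateRemoteThread;
  exportedfunctions.OpenThread:=@@OpenThread;
  exportedfunctions.GetPEProcess:=@@GetPEProcess;
  exportedfunctions.GetPEThread:=@@GetPEThread;
  exportedfunctions.GetThreadsProcessOffset:=@@GetThreadsProcessOffset;
  exportedfunctions.GetThreadListEntryOffset:=@@GetThreadListEntryOffset;
  exportedfunctions.GetProcessnameOffset:=@@GetProcessnameOffset;
  exportedfunctions.GetDebugportOffset:=@@GetDebugportOffset;
  exportedfunctions.GetPhysicalAddress:=@@GetPhysicalAddress;
  exportedfunctions.ProtectMe:=nil;
  exportedfunctions.GetCR4:=@@GetCR4;
  exportedfunctions.GetCR3:=@@GetCR3;
  exportedfunctions.SetCR3:=@@SetCR3;
  exportedfunctions.GetSDT:=@@GetSDT;
  exportedfunctions.GetSDTShadow:=@@GetSDTShadow;
  exportedfunctions.setAlternateDebugMethod:=nil; //@@setAlternateDebugMethod;
  exportedfunctions.getAlternateDebugMethod:=nil; //@@getAlternateDebugMethod;
  exportedfunctions.DebugProcess:=nil; //@@DebugProcess;
  exportedfunctions.ChangeRegOnBP:=nil; //@@ChangeRegOnBP;
  exportedfunctions.RetrieveDebugData:=nil; //@@RetrieveDebugData;
  exportedfunctions.StartProcessWatch:=@@StartProcessWatch;
  exportedfunctions.WaitForProcessListData:=@@WaitForProcessListData;
  exportedfunctions.GetProcessNameFromID:=@@GetProcessNameFromID;
  exportedfunctions.GetProcessNameFromPEProcess:=@@GetProcessNameFromPEProcess;
  exportedfunctions.KernelOpenProcess:=@@KernelOpenProcess;
  exportedfunctions.KernelReadProcessMemory:=@@KernelReadProcessMemory;
  exportedfunctions.KernelWriteProcessMemory:=@@KernelWriteProcessMemory;
  exportedfunctions.KernelVirtualAllocEx:=@@KernelVirtualAllocEx;
  exportedfunctions.IsValidHandle:=@@IsValidHandle;
  exportedfunctions.GetIDTCurrentThread:=@@GetIDTCurrentThread;
  exportedfunctions.GetIDTs:=@@GetIDTs;
  exportedfunctions.MakeWritable:=@@MakeWritable;
  exportedfunctions.GetLoadedState:=@@GetLoadedState;
  exportedfunctions.DBKSuspendThread:=@@DBKSuspendThread;
  exportedfunctions.DBKResumeThread:=@@DBKResumeThread;
  exportedfunctions.DBKSuspendProcess:=@@DBKSuspendProcess;
  exportedfunctions.DBKResumeProcess:=@@DBKResumeProcess;
  exportedfunctions.KernelAlloc:=@@KernelAlloc;
  exportedfunctions.GetKProcAddress:=@@GetKProcAddress;

  exportedfunctions.CreateToolhelp32Snapshot:=@@CreateToolhelp32Snapshot;
  exportedfunctions.Process32First:=@@Process32First;
  exportedfunctions.Process32Next:=@@Process32Next;
  exportedfunctions.Thread32First:=@@Thread32First;
  exportedfunctions.Thread32Next:=@@Thread32Next;
  exportedfunctions.Module32First:=@@Module32First;
  exportedfunctions.Module32Next:=@@Module32Next;
  exportedfunctions.Heap32ListFirst:=@@Heap32ListFirst;
  exportedfunctions.Heap32ListNext:=@@Heap32ListNext;



  //give the address of the variables since there is a chance they aren't initialized just yet...
  exportedfunctions.mainform:=@mainform;
  exportedfunctions.memorybrowser:=@memorybrowser;

  //version2 init:
  exportedfunctions.sym_nameToAddress:=@ce_sym_nameToAddress;
  exportedfunctions.sym_addressToName:=@ce_sym_addressToName;
  exportedfunctions.sym_generateAPIHookScript:=@ce_generateAPIHookScript;

  //version3 init
  exportedfunctions.loadDBK32:=@LoadDBK32;
  exportedfunctions.loaddbvmifneeded:=@loaddbvmifneeded;
  exportedfunctions.previousOpcode:=@ce_previousOpcode;
  exportedfunctions.nextOpcode:=@ce_nextOpcode;
  exportedfunctions.disassembleEx:=@ce_disassemble;
  exportedfunctions.loadModule:=@ce_loadModule;

  exportedfunctions.aa_AddExtraCommand:=@aa_AddExtraCommand;
  exportedfunctions.aa_RemoveExtraCommand:=@aa_RemoveExtraCommand;

end;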
1336
1337end.
1338