no memory r/w access breakpoint api

x64dbg / x64dbgpy

Automating x64dbg using Python, Snapshots:

https://ci.appveyor.com/project/mrexodia/x64dbg-python/build/artifacts

MIT License

1.47k stars 70 forks source link

no memory r/w access breakpoint api #19

Closed kismp123 closed 6 years ago

kismp123 commented 6 years ago

Hi! first of all, I want to say thank you. it's really helpful for unpacking programs. ( unpacking really fun !)

is exist memory r/w access breakpoint api? memory r/w access breakpoint means breakpoint on one section.

SCRIPT_EXPORT bool SetBreakpoint(duint address);
SCRIPT_EXPORT bool DeleteBreakpoint(duint address);
SCRIPT_EXPORT bool DisableBreakpoint(duint address);
SCRIPT_EXPORT bool SetHardwareBreakpoint(duint address, HardwareType type = HardwareExecute);
SCRIPT_EXPORT bool DeleteHardwareBreakpoint(duint address);

SetBreakpoint api looks like software breakpoint. and SetHardwareBreakpoint is Hardwarebreakpoint.

if you add script api about r/w access, I'm really thankful Best regards.

mrexodia commented 6 years ago

You can use the SetMemoryBPX command for now.

kismp123 commented 6 years ago

Thank you! I've noticed document now ! but how can I use SetMemoryBPX? NameError : name "SetMemoryBPX" is not defined :(

mrexodia commented 6 years ago

You have to execute it as an x64dbg command so DbgCmdExecDirect("SetMemoryBPX ...")

kismp123 commented 6 years ago

Thank you!

kismp123 commented 6 years ago

sorry again. I couldn't found DbgCmdExecDirect function.

I've found in bridgemain.h

BRIDGE_IMPEXP bool DbgCmdExecDirect(const char* cmd);

but I couldn't found python function

Help on module x64dbgpy.pluginsdk.bridgemain in x64dbgpy.pluginsdk:

NAME
    x64dbgpy.pluginsdk.bridgemain

FILE
    c:\x64dbg\release\x32\plugins\x64dbgpy\x64dbgpy\pluginsdk\bridgemain.py

FUNCTIONS
    DbgIsDebugging()

    GuiGetLineWindow(title='')

    GuiGetWindowHandle()

    GuiLogClear()

    GuiUpdateAllViews()

DATA
    GUI_MAX_LINE_SIZE = 65536

I've typed command "x64dbgpy.pluginsdk.bridgemain.DbgCmdExecDirect" couldn't found.

Traceback (most recent call last):
  File "<string>", line 1, in <module>
AttributeError: 'module' object has no attribute 'DbgCmdExecDirect'

or is exists to disassemble address? and is exists to get instruction size ? Thank you

techbliss commented 6 years ago

@kismp123

DbgCmdExecDirect("") Uses the command system from c++ to set the memory breakpoint with the command "SetMemoryBPX", that is why you wont find it in the python API.

mrexodia commented 6 years ago

It should be in the python api somewhere, I used it multiple times... On Tue, 21 Nov 2017 at 15:15, Storm Shadow notifications@github.com wrote:

@kismp123 https://github.com/kismp123

DbgCmdExecDirect("") Means its uses the command system from c++ to set the memory breakpoint, that is why you wont find it in the python API.

— You are receiving this because you commented.

Reply to this email directly, view it on GitHub https://github.com/x64dbg/x64dbgpy/issues/19#issuecomment-346038490, or mute the thread https://github.com/notifications/unsubscribe-auth/ACWCmXdRviv-nM-IYx7TSdpmDGiSY_POks5s4tqegaJpZM4QcoHQ .

mrexodia commented 6 years ago

@kismp123 See https://github.com/x64dbg/Scripts/blob/master/UpxUnpacker.py for an example of DbgCmdExecDirect

kismp123 commented 6 years ago

Thank you again! 👍