GithubHelp home page GithubHelp logo

x64dbg / titanengine Goto Github PK

View Code? Open in Web Editor NEW
352.0 25.0 78.0 13.12 MB

TitanEngine Community Edition. Debug engine used by x64dbg.

Home Page: https://x64dbg.com

License: GNU Lesser General Public License v3.0

C 22.36% C++ 77.59% Shell 0.05% Batchfile 0.01%

titanengine's Introduction

This is a bugfixed & enhanced version of TitanEngine v2.0.3

The following things have been fixed/added (list might be incomplete):
- fixed memory breakpoints in general
- fixed harware breakpoints in general
- only report exceptions that are unhandled by the debugger
- working on x64 (previously there was a structure alignment problem)
- some code commenting
- fixed DumpProcessExW (found/fix provided by Aguila)
- added a callback on the system breakpoint
- added memory breakpoints on execute
- added QWORD hardware breakpoints
- smaller and faster DLL loaders
- supports multiple calling conventions (including the callbacks)
- MinGW import libraries
- fixed exception handling
- Importer functions use Scyllas business logic now, much more accurate
- updated distorm lib to v3, was v1
- countless code improvements

NOTE: LUA, Python, MASM and Delphi might not work correctly
      Mainly because their headers havent been adjusted 
      to these changes. However this is easy. Compare with 
      C/C++ headers, fix it up and send us.
      
      
If you are good with these kinda codes, please help review, do pull-requests, 
and criticize what you think can be be improved !

You can discuss with us here 
http://forum.tuts4you.com/forum/138-titanengine-community-edition/

titanengine's People

Contributors

herz3h avatar m417z avatar mattiwatti avatar mrexodia avatar ntquery avatar philicious avatar shocoman avatar therealdreg avatar zehmatt avatar

Stargazers

avatar avatar avatar avatar avatar avatar avatar avatar avatar avatar avatar avatar avatar avatar avatar avatar avatar avatar avatar avatar avatar avatar avatar avatar avatar avatar avatar avatar avatar avatar avatar avatar avatar avatar avatar avatar avatar avatar avatar avatar avatar avatar avatar avatar avatar avatar avatar avatar avatar avatar avatar avatar avatar avatar avatar avatar avatar avatar avatar avatar avatar avatar avatar avatar avatar avatar avatar avatar avatar avatar avatar avatar avatar avatar avatar avatar avatar avatar avatar avatar avatar avatar avatar avatar avatar avatar avatar avatar avatar avatar avatar avatar avatar avatar avatar avatar avatar avatar avatar avatar

Watchers

avatar avatar avatar avatar avatar avatar avatar avatar avatar avatar avatar avatar avatar avatar avatar avatar avatar avatar avatar avatar avatar avatar avatar avatar avatar

Forkers

hateregistry fcccode nevinhappy damen0909 mattiwatti kimchangyoun attackgithub snemes eminsight gitmesam asdlei99 zanzo420 zk2013 fxdchzd levanvn sjhgithub 751620780 layerfsd raimundojimenez toriany zhangyugu elpuma hackr617 comfanter spritutu wenkai-y asll666 mrdellis pmarkive 5433d-r32433 sovey668 rdbo shhoya sxyhack randydom classicvalues kycgni xe24vc ahmedzero inno157 darkprof83 heguoxing98 xu7103224 1002753959 magicalsun xykyo c0rtado amesianx gmh5225 newmsk my1forks awggg shonker beyoungv tienhuyvonguyen sneaky-amxx mensong aapcer peakster2 jjzhang166 hanbim520 fengjixuchui webstorage119 shzhbook shocoman wohengbangbang zehmatt ethicalsecurity-agency assarbad reanimatedmanx austinti yugrff sysfce2 x-ecutionner 2254649642 omar-hesham arry-eng

titanengine's Issues

Why library loaded uses file mappings for name

I'd like to spend some time to improve the library loader in x64dbg, to call exports and such like olly allows. When i was browsing the source i noticed that the dll name is communicated by a 'weird' usage of file mappings between titan engine and the loader exe. It creates a file mapping in titan engine side

TitanEngine/TitanEngine/TitanEngine.Debugger.cpp

Line 505 in 7976be4

wchar_t* szLibraryPathMapping = (wchar_t*)MapViewOfFile(DebugDLLFileMapping, FILE_MAP_ALL_ACCESS, 0, 0, 512 * sizeof(wchar_t));
and writes dll name, then opens this mapping on the loader side

TitanEngine/TitanEngineLoaders/LibraryLoader/LibraryLoader.cpp

Line 13 in 7976be4

const wchar_t* szLibraryPathMapping = (const wchar_t*)MapViewOfFile(hMapFile, FILE_MAP_READ, 0, 0, sizeof(szLibraryPath));
. Why not just pass the arguments via command line?

Additionally since i will be spending time on a new loader, are there any specific desires about how this should be implemented or features to be added?

File handle remains open after call to MapFileEx()

When loading a new executable file for debugging, MapFileEx() is used to map it to memory after opening a handle to the file. The resulting handle is not closed afterwards and left open during further execution.

TitanEngine/TitanEngine/TitanEngine.Static.cpp

Lines 13 to 16 in 7976be4

if(MapFileEx(szFileName, DesiredAccess, FileHandle, LoadedSize, FileMap, FileMapVA, NULL))
{
return true;
}

This enables an anti-debugging technique where the process can attempt to open its own executable file for exclusive access, but will fail receiving an INVALID_HANDLE_VALUE instead of a valid handle.

My suggestion would be to close the handle before returning. But since I am not familiar with the code base, I decided to open an issue first.

Windows on ARM build

It would be nice if x64dbg could be used in Windows on ARM machines natively. This can be approached in two phases:

  • Phase 1: Compile x64dbg for ARM64, but only with support for debugging x86 and x64 binaries
  • Phase 2: Add support for debugging ARM64 binaries

Recommend Projects

  • React photo React

    A declarative, efficient, and flexible JavaScript library for building user interfaces.

  • Vue.js photo Vue.js

    ๐Ÿ–– Vue.js is a progressive, incrementally-adoptable JavaScript framework for building UI on the web.

  • Typescript photo Typescript

    TypeScript is a superset of JavaScript that compiles to clean JavaScript output.

  • TensorFlow photo TensorFlow

    An Open Source Machine Learning Framework for Everyone

  • Django photo Django

    The Web framework for perfectionists with deadlines.

  • D3 photo D3

    Bring data to life with SVG, Canvas and HTML. ๐Ÿ“Š๐Ÿ“ˆ๐ŸŽ‰

Recommend Topics

  • javascript

    JavaScript (JS) is a lightweight interpreted programming language with first-class functions.

  • web

    Some thing interesting about web. New door for the world.

  • server

    A server is a program made to process requests and deliver data to clients.

  • Machine learning

    Machine learning is a way of modeling and interpreting data that allows a piece of software to respond intelligently.

  • Game

    Some thing interesting about game, make everyone happy.

Recommend Org

  • Facebook photo Facebook

    We are working to build community through open source technology. NB: members must have two-factor auth.

  • Microsoft photo Microsoft

    Open source projects and samples from Microsoft.

  • Google photo Google

    Google โค๏ธ Open Source for everyone.

  • D3 photo D3

    Data-Driven Documents codes.