def dbg_run_to(self, pid, tid=0, ea=0):
# print("dbg_run_to 0x%x pid=%d" % (ea, pid))
if self.line_trace:
ida_dbg.enable_insn_trace(True)
ida_dbg.enable_step_trace(True)
ida_dbg.request_continue_process()
ida_dbg.run_requests()
def dbg_run_to(self, pid, tid=0, ea=0):
# this hook is called once execution reaches temporary breakpoint set by run_to(ep) below
if not self.epReached:
ida_dbg.refresh_debugger_memory()
self._log("reached entry point at 0x%X" % ida_dbg.get_reg_val("EIP"))
self._log("current step trace options: %x" % ida_dbg.get_step_trace_options())
self.epReached = True
# enable step tracing (single-step the program and generate dbg_trace events)
ida_dbg.request_enable_step_trace(1)
# change options to only "over debugger segments" (i.e. library functions will be traced)
ida_dbg.request_set_step_trace_options(ida_dbg.ST_OVER_DEBUG_SEG)
ida_dbg.request_continue_process()
ida_dbg.run_requests()
def dbg_bpt(self, tid, ea):
print("Break point at 0x%x tid=%d" % (ea, tid))
if (ea == self.start_ea):
print("auto suspend_other_thread")
suspend_other_thread()
ida_dbg.request_clear_trace()
ida_dbg.run_requests()
ida_dbg.enable_insn_trace(True)
ida_dbg.enable_step_trace(True)
#
if ea in self.end_ea:
ida_dbg.enable_insn_trace(False)
ida_dbg.enable_step_trace(False)
#ida_dbg.suspend_process()
print("auto resume_other_thread")
resume_other_thread()
#
return 0
def dbg_trace(self, tid, ea):
# print("Trace tid=%d ea=0x%x" % (tid, ea))
# return values:
# 1 - do not log this trace event;
# 0 - log it
if self.line_trace:
# if ((base <= ea) and (ea <= (base + size)) ):
if base <= ea <= (base + size):
in_mine_so = True
else:
in_mine_so = False
self.trace_size += 1
if (not in_mine_so) or (ea in self.skip_functions):
if (self.trace_lr != 0) and (self.trace_step_into_count <
self.trace_step_into_size):
self.trace_step_into_count += 1
return 0
if (self.trace_lr != 0) and (self.trace_step_into_count
== self.trace_step_into_size):
ida_dbg.enable_insn_trace(False)
ida_dbg.enable_step_trace(False)
ida_dbg.suspend_process()
if self.trace_size > self.trace_total_size:
self.trace_size = 0
ida_dbg.request_clear_trace()
ida_dbg.run_requests()
ida_dbg.request_run_to(self.trace_lr)
ida_dbg.run_requests()
self.trace_lr = 0
self.trace_step_into_count = 0
return 0
if self.trace_lr == 0:
self.trace_lr = my_get_reg_value(
"X30") # arm thumb LR arm64 X30
return 0
def dbg_trace(self, tid, ea):
#print("Trace tid=%d ea=0x%x" % (tid, ea))
# return values:
# 1 - do not log this trace event;
# 0 - log it
if self.line_trace:
in_mine_so = False
for module_info in self.modules_info:
# print (module_info)
so_base = module_info["base"]
so_size = module_info["size"]
if so_base <= ea <= (so_base + so_size):
in_mine_so = True
break
self.trace_size += 1
if (not in_mine_so) or (ea in self.skip_functions):
if (self.trace_lr != 0) and (self.trace_step_into_count < self.trace_step_into_size):
self.trace_step_into_count += 1
return 0
if (self.trace_lr != 0) and (self.trace_step_into_count == self.trace_step_into_size):
ida_dbg.enable_insn_trace(False)
ida_dbg.enable_step_trace(False)
ida_dbg.suspend_process()
if self.trace_size > self.trace_total_size:
self.trace_size = 0
ida_dbg.request_clear_trace()
ida_dbg.run_requests()
ida_dbg.request_run_to(self.trace_lr & 0xFFFFFFFE)
ida_dbg.run_requests()
self.trace_lr = 0
self.trace_step_into_count = 0
return 0
if self.trace_lr == 0:
self.trace_lr = my_get_reg_value("LR")
return 0
eip = ida_dbg.get_reg_val("EIP")
disasm = ida_lines.tag_remove(
ida_lines.generate_disasm_line(
eip))
self.log("Step over: EIP=0x%x, disassembly=%s" % (eip, disasm))
self.steps += 1
if self.steps >= 5:
ida_dbg.request_exit_process()
else:
ida_dbg.request_step_over()
# Remove an existing debug hook
try:
if debughook:
print("Removing previous hook ...")
debughook.unhook()
except:
pass
# Install the debug hook
debughook = MyDbgHook()
debughook.hook()
ep = ida_ida.inf_get_start_ip()
if ida_dbg.request_run_to(ep): # Request stop at entry point
ida_dbg.run_requests() # Launch process
else:
print("Impossible to prepare debugger requests. Is a debugger selected?")