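/*
 * Debug-event loop for a target the caller has already attached to
 * (processId, declared outside this snippet). For every exception event it
 * prints the exception code, the faulting address and the module of the
 * debuggee that contains that address, then lets the target resume.
 *
 * Changes from the original listing:
 *  - The exception address lives in the DEBUGGEE's address space. The
 *    original first resolved it with GetModuleHandleEx(), which searches
 *    the debugger's own module list and can attribute the fault to the
 *    wrong image (it also took a module reference that was never released).
 *    Only the remote lookup is kept.
 *  - Real faults are continued with DBG_EXCEPTION_NOT_HANDLED so the
 *    target's own handlers run; DBG_CONTINUE re-executes the faulting
 *    instruction and hides the exception from the target.
 *  - File handles delivered with process-create / DLL-load events are
 *    closed, and the loop ends when the target process exits.
 */
DEBUG_EVENT event;
BOOL keepDebugging = TRUE;

while (keepDebugging && WaitForDebugEvent(&event, INFINITE)) {
    DWORD continueStatus = DBG_CONTINUE;

    switch (event.dwDebugEventCode) {
    case EXCEPTION_DEBUG_EVENT: {
        const EXCEPTION_RECORD *record = &event.u.Exception.ExceptionRecord;

        /* Breakpoint and single-step are treated as debugger-originated and
         * swallowed; everything else is handed back to the target.
         * NOTE(review): a 32-bit target under WOW64 may report its attach
         * breakpoint with a different code -- confirm before relying on this. */
        if (record->ExceptionCode != EXCEPTION_BREAKPOINT &&
            record->ExceptionCode != EXCEPTION_SINGLE_STEP) {
            continueStatus = DBG_EXCEPTION_NOT_HANDLED;
        }

        printf("Exception occurred with code 0x%08lX at address 0x%p ",
               (unsigned long)record->ExceptionCode, record->ExceptionAddress);

        /* Open the process that actually raised the event; least privilege
         * needed for module enumeration and name lookup. */
        HANDLE processHandle = OpenProcess(PROCESS_QUERY_INFORMATION | PROCESS_VM_READ,
                                           FALSE, event.dwProcessId);
        if (processHandle == NULL) {
            printf("Failed to open process handle.\n");
            /* Release the pending event and detach before bailing out, so the
             * target is neither left suspended nor killed with the debugger. */
            ContinueDebugEvent(event.dwProcessId, event.dwThreadId, continueStatus);
            DebugSetProcessKillOnExit(FALSE);
            DebugActiveProcessStop(processId);
            return 0;
        }

        /* RemoteAddressToModule is defined elsewhere; presumably it returns
         * NULL when no loaded module contains the address -- confirm. */
        HMODULE moduleTaken = RemoteAddressToModule(processHandle,
                                                    (void *)record->ExceptionAddress);
        char moduleName[MAX_PATH] = "";

        if (moduleTaken == NULL) {
            /* A NULL module makes GetModuleFileNameEx report the main
             * executable, which would mislabel a fault in memory that is not
             * backed by any image. */
            printf(" Module Name: <no module>");
        } else if (GetModuleFileNameExA(processHandle, moduleTaken,
                                        moduleName, MAX_PATH) == 0) {
            printf(" Module Name: <unknown> (error code %lu)",
                   (unsigned long)GetLastError());
        } else {
            printf(" Module Name: %s", moduleName);
        }
        CloseHandle(processHandle);

        printf("\n");
        break;
    }

    case CREATE_PROCESS_DEBUG_EVENT:
        /* The debugger owns the image file handle delivered with this event. */
        if (event.u.CreateProcessInfo.hFile != NULL) {
            CloseHandle(event.u.CreateProcessInfo.hFile);
        }
        break;

    case LOAD_DLL_DEBUG_EVENT:
        /* Same ownership rule for every DLL load notification. */
        if (event.u.LoadDll.hFile != NULL) {
            CloseHandle(event.u.LoadDll.hFile);
        }
        break;

    case EXIT_PROCESS_DEBUG_EVENT:
        /* Without this the loop only ends when WaitForDebugEvent fails. */
        if (event.dwProcessId == processId) {
            keepDebugging = FALSE;
        }
        break;

    default:
        break;
    }

    ContinueDebugEvent(event.dwProcessId, event.dwThreadId, continueStatus);
}

/* Leave the target running when the debugger goes away. */
DebugSetProcessKillOnExit(FALSE);
// Detach from target process
DebugActiveProcessStop(processId);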