From 52d048cf5b4d36830da6ffe5f6245871a8565d8a Mon Sep 17 00:00:00 2001
From: "gergely.erdelyi"
Date: Sun, 4 May 2008 09:43:57 +0000
Subject: [PATCH] Added small test script for debug event notification hooks
---
 build.py | 1 +
 examples/debughook.py | 69 +++++++++++++++++++++++++++++++++++++++++++
 2 files changed, 70 insertions(+)
 create mode 100644 examples/debughook.py
diff --git a/build.py b/build.py
index e6a9881..314782a 100644
--- a/build.py
+++ b/build.py
@@ -61,6 +61,7 @@ BINDIST_MANIFEST = [
 ("idaapi.py", "python"),
 "docs/notes.txt",
 "examples/chooser.py",
+ "examples/debughook.py",
 "examples/ex1.idc",
 "examples/ex1_idaapi.py",
 "examples/ex1_idautils.py" ]
diff --git a/examples/debughook.py b/examples/debughook.py
new file mode 100644
index 0000000..c5be3b6
--- /dev/null
+++ b/examples/debughook.py
@@ -0,0 +1,69 @@
+#---------------------------------------------------------------------
+# Debug notification hook test
+#
+# This script start the executable and steps through the first five
+# instructions. Each instruction is disassembled after execution.
+#
+# Author: Gergely Erdelyi
+#---------------------------------------------------------------------
+from idaapi import *
+
+class MyDbgHook(DBG_Hooks):
+ """ Own debug hook class that implementd the callback functions """
+
+ def dbg_process_start(self, pid, tid, ea, name, base, size):
+ print "Process started, pid=%d tid=%d name=%s" % (pid, tid, name)
+ return 0
+
+ def dbg_process_exit(self, pid, tid, ea, code):
+ print "Process exited pid=%d tid=%d ea=0x%x code=%d" % (pid, tid, ea, code)
+ return 0
+
+ def dbg_library_load(self, pid, tid, ea, name, base, size):
+ print "Library loaded: pid=%d tid=%d name=%s base=%x" % (pid, tid, name, base)
+
+ def dbg_bpt(self, tid, ea):
+ print "Break point at 0x%x pid=%d" % (ea, tid)
+ return 0
+
+ def dbg_trace(self, tid, ea):
+ print tid, ea
+ return 0
+
+ def dbg_step_into(self):
+ print "Step into"
+ return self.dbg_step_over()
+
+ def dbg_step_over(self):
+ eip = GetRegValue("EIP")
+ print "0x%x %s" % (eip, GetDisasm(eip))
+
+ self.steps += 1
+ if self.steps >= 5:
+ request_exit_process()
+ else:
+ request_step_over()
+ return 0
+
+# Remove an existing debug hook
+try:
+ if debughook:
+ print "Removing previous hook ..."
+ debughook.unhook()
+except:
+ pass
+
+# Install the debug hook
+debughook = MyDbgHook()
+debughook.hook()
+debughook.steps = 0
+
+# Stop at the entry point
+ep = GetLongPrm(INF_START_IP)
+request_run_to(ep)
+
+# Step one instruction
+request_step_over()
+
+# Start debugging
+run_requests()
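Review bot: `dbg_library_load` is the only callback in the new `MyDbgHook` class that does not `return 0` — it prints and falls off the end, handing `None` back to the hook dispatcher while every sibling handler returns an int; add `return 0` after its print for consistency. The hook-removal block at the bottom uses a bare `except:`, which also hides a failure inside `debughook.unhook()`; the case it is meant to cover is the name not existing on first run, so `except NameError:` expresses the intent without masking anything else. `self.steps` is first assigned from outside with `debughook.steps = 0` after `hook()` has already been called; an `__init__` that calls `DBG_Hooks.__init__(self)` and sets `self.steps = 0` keeps the counter's initialization inside the class. The header comment reads "This script start the executable" and the docstring "implementd the callback functions" — "starts" and "implements". Reading `GetRegValue("EIP")` ties the example to a 32-bit x86 debuggee; a comment such as `# assumes a 32-bit x86 target (EIP)` above that line would make the limitation explicit.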