-
-
Notifications
You must be signed in to change notification settings - Fork 159
/
Context.cs
76 lines (54 loc) · 2.23 KB
/
Context.cs
1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
47
48
49
50
51
52
53
54
55
56
57
58
59
60
61
62
63
64
65
66
67
68
69
70
71
72
73
74
75
76
using System;
using System.Collections.Generic;
using System.Linq;
using System.Runtime.InteropServices;
using System.Text;
using System.Threading.Tasks;
namespace SharpBlock {
public enum ContextFlags {
All,
Debug
}
public abstract class Context : IDisposable {
IntPtr mem;
IntPtr memAligned;
public Context() {
//Get/SetThreadContext needs to be 16 byte aligned memory offset on x64
mem = Marshal.AllocHGlobal(Marshal.SizeOf(ContextStruct) + 1024);
memAligned = new IntPtr(mem.ToInt64() & ~0xF);
}
public void Dispose() {
if(mem != IntPtr.Zero) {
Marshal.FreeHGlobal(mem);
}
}
public bool GetContext(IntPtr thread) {
Marshal.StructureToPtr(ContextStruct, memAligned, false);
bool result = GetContext(thread, memAligned);
ContextStruct = Marshal.PtrToStructure(memAligned, ContextStruct.GetType());
return result;
}
public bool SetContext(IntPtr thread){
Marshal.StructureToPtr(ContextStruct, memAligned, false);
return SetContext(thread, memAligned);
}
public ulong SetBits(ulong dw, int lowBit, int bits, ulong newValue) {
ulong mask = (1UL << bits) - 1UL;
dw = (dw & ~(mask << lowBit)) | (newValue << lowBit);
return dw;
}
protected abstract object ContextStruct { get; set; }
protected abstract bool SetContext(IntPtr thread, IntPtr context);
protected abstract bool GetContext(IntPtr thread, IntPtr context);
public abstract ulong Ip { get; set; }
public abstract void SetResultRegister(ulong result);
public abstract ulong GetCurrentReturnAddress(IntPtr hProcess);
public abstract void PopStackPointer();
public abstract void EnableBreakpoint(IntPtr address, int index);
public abstract void ClearBreakpoint(int index);
public abstract void EnableSingleStep();
public abstract void SetRegister(int index, long value);
public abstract long GetRegister(int index);
public abstract long GetParameter(int index, IntPtr hProcess);
}
}