266{
269 vector<UINT64> ValuesToEdit;
280 vector<string> SplitCommandCaseSensitive {
Split(Command,
' ')};
281 UINT32 IndexInCommandCaseSensitive = 0;
283
284
285
286
287
289 {
291 }
292
293 if (SplitCommand.size() <= 2)
294 {
297 return;
298 }
299
300 for (auto Section : SplitCommand)
301 {
302 IndexInCommandCaseSensitive++;
303
304 if (IsFirstCommand)
305 {
306 if (!Section.compare("!eb"))
307 {
310 }
311 else if (!Section.compare("!ed"))
312 {
315 }
316 else if (!Section.compare("!eq"))
317 {
320 }
321 else if (!Section.compare("eb"))
322 {
325 }
326 else if (!Section.compare("ed"))
327 {
330 }
331 else if (!Section.compare("eq"))
332 {
335 }
336 else
337 {
338
339
340
343 return;
344 }
345
346 IsFirstCommand =
FALSE;
347
348 continue;
349 }
350
351 if (NextIsProcId)
352 {
353
354
355
356 NextIsProcId =
FALSE;
357
359 {
360 ShowMessages(
"please specify a correct hex process id\n\n");
362 return;
363 }
364 else
365 {
366
367
368
369 continue;
370 }
371 }
372
373
374
375
376 if (!SetProcId && !Section.compare("pid"))
377 {
379 continue;
380 }
381
382 if (!SetAddress)
383 {
386 {
388 SplitCommandCaseSensitive.at(IndexInCommandCaseSensitive - 1).c_str());
390 return;
391 }
392 else
393 {
394
395
396
398 continue;
399 }
400 }
401
402 if (SetAddress)
403 {
404
405
406
407 if (Section.rfind("0x", 0) == 0 || Section.rfind("0X", 0) == 0 ||
408 Section.rfind("\\x", 0) == 0 || Section.rfind("\\X", 0) == 0)
409 {
410 Section = Section.erase(0, 2);
411 }
412 else if (Section.rfind('x', 0) == 0 || Section.rfind('X', 0) == 0)
413 {
414 Section = Section.erase(0, 1);
415 }
416 Section.erase(remove(Section.begin(), Section.end(), '`'), Section.end());
417
418
419
420
421 if (ByteSize ==
EDIT_BYTE && Section.size() >= 3)
422 {
423 ShowMessages(
"please specify a byte (hex) value for 'eb' or '!eb'\n\n");
424 return;
425 }
426 if (ByteSize ==
EDIT_DWORD && Section.size() >= 9)
427 {
429 "please specify a dword (hex) value for 'ed' or '!ed'\n\n");
430 return;
431 }
432 if (ByteSize ==
EDIT_QWORD && Section.size() >= 17)
433 {
435 "please specify a qword (hex) value for 'eq' or '!eq'\n\n");
436 return;
437 }
438
439
440
441
442
443
445 {
446 ShowMessages(
"please specify a correct hex value to change the memory "
447 "content\n\n");
449 return;
450 }
451 else
452 {
453
454
455
456
457 ValuesToEdit.push_back(
Value);
458
459
460
461
462 CountOfValues++;
463
465 {
466
467
468
470 }
471 continue;
472 }
473 }
474 }
475
476
477
478
480 {
482 return;
483 }
484
485
486
487
488 if (ProcId == 0)
489 {
490 ProcId = GetCurrentProcessId();
491 }
492
493
494
495
496 if (!SetAddress)
497 {
498 ShowMessages(
"please specify a correct hex address\n\n");
500 return;
501 }
503 {
505 "please specify a correct hex value as the content to edit\n\n");
507 return;
508 }
509 if (NextIsProcId)
510 {
511 ShowMessages(
"please specify a correct hex value as the process id\n\n");
513 return;
514 }
515
516
517
518
519 FinalSize = (CountOfValues *
sizeof(
UINT64));
520
521
522
523
524 FinalBuffer = (
UINT64 *)malloc(FinalSize);
525
526 if (!FinalBuffer)
527 {
529 return;
530 }
531
532
533
534
535 ZeroMemory(FinalBuffer, FinalSize);
536
537
538
539
540 std::copy(ValuesToEdit.begin(), ValuesToEdit.end(), FinalBuffer);
541
542
543
544
546 MemoryType,
547 ByteSize,
548 ProcId,
549 CountOfValues,
550 FinalBuffer);
551
552
553
554
555 free(FinalBuffer);
556}
int BOOL
Definition BasicTypes.h:23
UCHAR BOOLEAN
Definition BasicTypes.h:39
#define TRUE
Definition BasicTypes.h:55
#define FALSE
Definition BasicTypes.h:54
unsigned __int64 UINT64
Definition BasicTypes.h:21
unsigned int UINT32
Definition BasicTypes.h:48
UINT64 Address
Definition HyperDbgScriptImports.h:67
@ EDIT_PHYSICAL_MEMORY
Definition RequestStructures.h:463
@ EDIT_VIRTUAL_MEMORY
Definition RequestStructures.h:462
enum _DEBUGGER_EDIT_MEMORY_TYPE DEBUGGER_EDIT_MEMORY_TYPE
different type of addresses for editing memory
@ EDIT_QWORD
Definition RequestStructures.h:474
@ EDIT_DWORD
Definition RequestStructures.h:473
@ EDIT_BYTE
Definition RequestStructures.h:472
enum _DEBUGGER_EDIT_MEMORY_BYTE_SIZE DEBUGGER_EDIT_MEMORY_BYTE_SIZE
size of editing memory
VOID SetValue(PGUEST_REGS GuestRegs, SCRIPT_ENGINE_VARIABLES_LIST *VariablesList, PSYMBOL Symbol, UINT64 Value, SYMBOL_BUFFER *StackBuffer, UINT64 *StackIndx, UINT64 *StackBaseIndx, UINT64 *ReturnValue)
Set the value.
Definition ScriptEngineEval.c:184
const vector< string > Split(const string &s, const char &c)
general split command
Definition common.cpp:117
BOOLEAN ConvertStringToUInt64(string TextToConvert, PUINT64 Result)
check and convert string to a 64 bit unsigned integer and also check for special notations like 0x,...
Definition common.cpp:240
BOOLEAN ConvertStringToUInt32(string TextToConvert, PUINT32 Result)
check and convert string to a 32 bit unsigned it and also check for special notations like 0x etc.
Definition common.cpp:347
VOID CommandEditMemoryHelp()
help of !e* and e* commands
Definition e.cpp:26
BOOLEAN WriteMemoryContent(UINT64 AddressToEdit, DEBUGGER_EDIT_MEMORY_TYPE MemoryType, DEBUGGER_EDIT_MEMORY_BYTE_SIZE ByteSize, UINT32 Pid, UINT32 CountOf64Chunks, UINT64 *BufferToEdit)
Perform writing the memory content.
Definition e.cpp:64
BOOLEAN g_IsSerialConnectedToRemoteDebuggee
Shows if the debugger was connected to remote debuggee over (A remote guest)
Definition globals.h:231
ACTIVE_DEBUGGING_PROCESS g_ActiveProcessDebuggingState
State of active debugging thread.
Definition globals.h:362
RequestedActionOfThePacket Value(0x1) 00000000
VOID ShowMessages(const char *Fmt,...)
Show messages.
Definition libhyperdbg.cpp:96
UINT32 ProcessId
Definition ud.h:51
BOOLEAN IsActive
Definition ud.h:49
BOOLEAN SymbolConvertNameOrExprToAddress(const string &TextToConvert, PUINT64 Result)
check and convert string to a 64 bit unsigned integer and also check for symbol object names and eval...
Definition symbol.cpp:360
1.11.0