I want to create my own debugger, like OllyDBG but as an injected DLL-file.
I have all functionality I want except for one; I don't know how to set/place breakpoints in the code.
My Google-fu has failed me in this; if anyone could help me, please do! :)
Name: Anonymous 2007-07-08 19:39 ID:za+oo9tZ
Software breakpoints:
Write an int 3 instruction (0xCC) at the desired location. The interrupt will (should) be trapped by your own debugger (EXCEPTION_DEBUG_EVENT). Be sure to check it was a breakpoint (EXCEPTION_BREAKPOINT) and it occurred at the location you set it at.
Hardware breakpoints:
Use SetThreadContext and set the appropriate fields in the CONTEXT structure. You can do your own research here (I highly recommend the ``Intel 80386 Programmer's reference manual 1986'').
Name: Anonymous 2007-07-08 19:44 ID:za+oo9tZ
BTW, just so you know, when you press F2 in Olly to set a breakpoint at a memory address, all it does is write a 0xCC byte at the address.
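The software-breakpoint bookkeeping described in the two replies above, as an added example that is not part of the original thread: it saves the original byte, writes 0xCC, and on a trap checks that the address is one it set before restoring the byte and rewinding the instruction pointer. Memory is modelled as a local byte array, and the names `bp_set`, `bp_on_hit`, the table size and the sample bytes are assumptions made for the illustration.

```c
/* Added example (not from the thread): software breakpoints on a local buffer. */
#include <stddef.h>
#include <stdint.h>
#include <stdio.h>
#define INT3   0xCC
#define MAX_BP 16

struct bp { size_t addr; uint8_t saved; int active; };
static struct bp table[MAX_BP];            /* hypothetical fixed-size table */

/* Save the original byte, then overwrite it with int 3. Returns 0 on success. */
int bp_set(uint8_t *mem, size_t len, size_t addr) {
    if (addr >= len) return -1;
    for (int i = 0; i < MAX_BP; i++)       /* already set: keep the real saved byte */
        if (table[i].active && table[i].addr == addr) return 0;
    for (int i = 0; i < MAX_BP; i++)
        if (!table[i].active) {
            table[i] = (struct bp){ addr, mem[addr], 1 };
            mem[addr] = INT3;
            return 0;
        }
    return -1;                             /* table full */
}

/* Call on a breakpoint exception. int 3 is a trap, so *ip is one byte past the
 * 0xCC. Returns 1 if the breakpoint is ours (byte restored, ip rewound so the
 * original instruction runs next), 0 if the int 3 was not placed by us. */
int bp_on_hit(uint8_t *mem, size_t *ip) {
    size_t hit = *ip - 1;
    for (int i = 0; i < MAX_BP; i++)
        if (table[i].active && table[i].addr == hit) {
            mem[hit] = table[i].saved;
            table[i].active = 0;
            *ip = hit;
            return 1;
        }
    return 0;
}

int main(void) {
    /* Constructed sample: push ebp; mov ebp,esp; int 3 (the target's own); ret */
    uint8_t code[] = { 0x55, 0x89, 0xE5, 0xCC, 0xC3 };
    size_t ip = 2;                         /* trap after our 0xCC at offset 1 */
    bp_set(code, sizeof code, 1);
    int ours = bp_on_hit(code, &ip);
    printf("ours=%d ip=%zu byte=%02X\n", ours, ip, code[1]);
    ip = 4;                                /* trap after the target's own int 3 */
    ours = bp_on_hit(code, &ip);
    printf("ours=%d ip=%zu\n", ours, ip);
    return 0;
}
```

To keep a breakpoint armed after it is hit, a debugger would single-step the restored instruction and then write 0xCC back; that step is left out here.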
Name: Anonymous 2007-07-08 20:40 ID:v9KXSASW
Thank you for your advice, I will look into hardware breakpoints more :)
There's already such a ``stealth/non-intrusive'' debugger as OP's proposal; it's called Obsidian ( http://deneke.biz/obsidian ). The problem is that it's alpha-quality, not nearly as usable as OllyDBG. Oh and OP, don't forget about memory breakpoints (NO ACCESS on the page) and guard breakpoints (GUARD access on the page, generates one exception when it hits, then the flag is magically unset); you can set both via VirtualProtectEx. The other questions have been answered by >>3.
Name: Anonymous 2009-03-06 6:41
About the input style This would be ready in x 1 if i mouse over a nice hot cup.