Lightemerald/windows-user-space-emulator
2
0
Fork 0
mirror of https://github.com/momo5502/emulator.git synced 2026-01-20 20:23:57 +00:00
Code Issues Packages Projects Releases Wiki Activity

Add the debugger_hide attribute to emulator_thread

Browse Source
This commit is contained in:
66hh
2025-12-29 00:52:59 +08:00
parent 12e96c8921
commit 3cd461e2ab
2 changed files with 10 additions and 1 deletions
Download Patch File Download Diff File Expand all files Collapse all files

6
src/windows-emulator/emulator_thread.hpp
View File

@@ -102,6 +102,8 @@ class emulator_thread : public ref_counted_object
std::vector<std::byte> last_registers{};
bool debugger_hide{false};
void mark_as_ready(NTSTATUS status);
bool is_await_time_over(utils::clock& clock) const
@@ -180,6 +182,8 @@ class emulator_thread : public ref_counted_object
buffer.write_optional(this->wow64_cpu_reserved);
buffer.write_vector(this->last_registers);
buffer.write(this->debugger_hide);
}
void deserialize_object(utils::buffer_deserializer& buffer) override
@@ -225,6 +229,8 @@ class emulator_thread : public ref_counted_object
buffer.read_optional(this->wow64_cpu_reserved, [this] { return emulator_object<WOW64_CPURESERVED>(*this->memory_ptr); });
buffer.read_vector(this->last_registers);
buffer.read(this->debugger_hide);
}
void leak_memory()

5
src/windows-emulator/syscalls/thread.cpp
View File

@@ -58,6 +58,7 @@ namespace syscalls
if (info_class == ThreadHideFromDebugger)
{
c.win_emu.current_thread().debugger_hide = true;
c.win_emu.callbacks.on_suspicious_activity("Hiding thread from debugger");
return STATUS_SUCCESS;
}
@@ -276,8 +277,10 @@ namespace syscalls
return STATUS_BUFFER_OVERFLOW;
}
emulator_thread& thread = c.win_emu.current_thread();
const emulator_object<BOOLEAN> info{c.emu, thread_information};
info.write(0);
info.write(thread.debugger_hide);
return STATUS_SUCCESS;
}