Lightemerald/windows-user-space-emulator
2
0
Fork 0
mirror of https://github.com/momo5502/emulator.git synced 2026-01-22 21:21:03 +00:00
Code Issues Packages Projects Releases Wiki Activity

Slightly better logging

Browse Source
This commit is contained in:
momo5502
2024-09-22 12:46:12 +02:00
parent 88b01bd2b0
commit 9cba4cded6
3 changed files with 41 additions and 30 deletions
Download Patch File Download Diff File Expand all files Collapse all files

49
src/sample/main.cpp
View File

@@ -68,6 +68,7 @@ namespace
//watch_system_objects(win_emu);
win_emu.buffer_stdout = true;
//win_emu.verbose_calls = true;
const auto& exe = *win_emu.process().executable;
@@ -84,36 +85,32 @@ namespace
}
});
win_emu.add_syscall_hook([&]
/*win_emu.add_syscall_hook([&]
{
const auto rip = win_emu.emu().read_instruction_pointer();
if (rip >= text_start && rip < text_end)
const auto syscall_id = win_emu.emu().reg(x64_register::eax);
const auto syscall_name = win_emu.dispatcher().get_syscall_name(syscall_id);
if (syscall_name != "NtQueryInformationProcess")
{
const auto syscall_id = win_emu.emu().reg(x64_register::eax);
const auto syscall_name = win_emu.dispatcher().get_syscall_name(syscall_id);
win_emu.logger.print(color::blue, "Executing inline syscall: %s (0x%X) at 0x%llX\n",
syscall_name.c_str(),
syscall_id, rip);
/*if (syscall_name == "NtQueryInformationProcess")
{
const auto info_class = win_emu.emu().reg(x64_register::rdx);
if (info_class == ProcessImageFileNameWin32)
{
const auto data = win_emu.emu().reg(x64_register::r8);
emulator_allocator data_allocator{win_emu.emu(), data, 0x100};
data_allocator.make_unicode_string(
L"C:\\Users\\mauri\\source\\repos\\lul\\x64\\Release\\lul.exe");
win_emu.emu().reg(x64_register::rax, STATUS_SUCCESS);
return instruction_hook_continuation::skip_instruction;
}
}*/
return instruction_hook_continuation::run_instruction;
}
return instruction_hook_continuation::run_instruction;
});
const auto info_class = win_emu.emu().reg(x64_register::rdx);
if (info_class != ProcessImageFileNameWin32)
{
return instruction_hook_continuation::run_instruction;
}
win_emu.logger.print(color::pink, "Patching NtQueryInformationProcess...\n");
const auto data = win_emu.emu().reg(x64_register::r8);
emulator_allocator data_allocator{win_emu.emu(), data, 0x100};
data_allocator.make_unicode_string(
L"C:\\Users\\mauri\\source\\repos\\lul\\x64\\Release\\lul.exe");
win_emu.emu().reg(x64_register::rax, STATUS_SUCCESS);
return instruction_hook_continuation::skip_instruction;
});*/
run_emulation(win_emu);
}

20
src/windows_emulator/syscalls.cpp
View File

@@ -657,7 +657,7 @@ namespace
}
const auto region_info = c.emu.get_region_info(base_address);
if(!region_info.is_reserved)
if (!region_info.is_reserved)
{
return STATUS_INVALID_ADDRESS;
}
@@ -1961,8 +1961,22 @@ void syscall_dispatcher::dispatch(windows_emulator& win_emu)
return;
}
win_emu.logger.print(color::dark_gray, "Syscall: %s (0x%X) at 0x%llX\n", entry->second.name.c_str(), syscall_id,
address);
const auto* mod = context.module_manager.find_by_address(address);
if (mod != context.ntdll && mod != context.win32u)
{
win_emu.logger.print(color::blue, "Executing inline syscall: %s (0x%X) at 0x%llX (%s)\n",
entry->second.name.c_str(),
syscall_id,
address, mod ? mod->name.c_str() : "<N/A>");
}
else
{
win_emu.logger.print(color::dark_gray, "Executing syscall: %s (0x%X) at 0x%llX\n",
entry->second.name.c_str(),
syscall_id,
address);
}
entry->second.handler(c);
}
catch (std::exception& e)

2
src/windows_emulator/windows_emulator.cpp
View File

@@ -614,7 +614,7 @@ void windows_emulator::setup_hooks()
const auto export_entry = binary->address_names.find(address);
if (export_entry != binary->address_names.end())
{
logger.print(is_interesting_call ? color::yellow : color::gray,
logger.print(is_interesting_call ? color::yellow : color::dark_gray,
"Executing function: %s - %s (0x%llX)\n",
binary->name.c_str(),
export_entry->second.c_str(), address);