Heya.
This application is nothing new.
Can someone please take a look at it and tell me why the following happens:
If I try to bind the debugger to a running process (by class and/or window title), after I get a "dll load" debug message (and attempt to continue debugging in step mode), why does the debuggee exit?
Basically, my debugger is KILLING the debuggee if it is late-bound to it.
This doesn't happen if I load the target from the debugger itself.
The Rodeo Method works fine, but the Bondage and Discipline method doesn't.
I'm a Rebel Without A Clue. Anyone got a spare?
I tried debugging my debugger while it is debugging, but Olly didn't like that at all lol - and I don't have SI anymore...
Posted on 2003-08-04 03:21:10 by Homer
Never mind, I fixed it.
I wasn't Opening the Process.
Posted on 2003-08-04 09:07:19 by Homer
Just a question,

How come you only processed the 1 byte displacement conditional jmp and did not include the 4 byte displacement?
Posted on 2003-08-04 09:22:44 by roticv
There's a whole heap of missing CJ opcodes in that early source.
Example is JECX.

It's moved along a fair way now - I'm implementing LL to database the traced program flow, and am treating all opcodes between CJ's in terms of the registers, flags and memory they alter, and calling that a node too.
This allows us to note the net effect of a code section preceding a CJ without getting caught up in what exact opcodes were used to do it. Useful for identifying code trends and, in terms of heuristics, allows us to guesstimate unknown data types based on the types of operations performed, registers used and patterns of memory usage and contents of all of the above. The idea is to make the debugger/tracer smarter by applying fuzzy tests to it and keeping the database in a weighted neural network (glorified linked list).

I'm not bald, I'm just drawn that way.
Posted on 2003-08-08 10:52:26 by Homer
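As an added illustration of the opcode forms roticv and Homer are discussing (this is not code from Homer's debugger or from the thread), here is a small decoder for the short (rel8) and near (0Fh-prefixed rel32) Jcc forms plus JECXZ, computing the absolute target a tracer would record for its flow database. It assumes a 32-bit flat address space and ignores operand/address-size prefixes.

```c
#include <stddef.h>
#include <stdint.h>
#include <stdio.h>

/* Decoded conditional-jump information (hypothetical struct for this example). */
typedef struct {
    int length;       /* instruction length in bytes; 0 = not a conditional jump */
    int cond;         /* Jcc condition code 0..15, or -1 for JECXZ */
    uint32_t target;  /* absolute branch target, 32-bit flat addressing */
} cj_info;

/* Mnemonics for the low nibble of a Jcc opcode (same for 7xh and 0Fh 8xh forms). */
static const char *const cj_mnemonic[16] = {
    "JO", "JNO", "JB", "JAE", "JE", "JNE", "JBE", "JA",
    "JS", "JNS", "JP", "JNP", "JL", "JGE", "JLE", "JG"
};

/* Sign-extend a rel8 and add it to the address of the next instruction. */
static uint32_t rel8_target(uint32_t eip, int len, uint8_t disp)
{
    return eip + (uint32_t)len + (uint32_t)(int32_t)(int8_t)disp;
}

/* Decode one instruction at `code` (located at `eip`); `avail` bytes are readable. */
cj_info decode_cj(const uint8_t *code, size_t avail, uint32_t eip)
{
    cj_info r = { 0, -1, 0 };
    if (avail < 2) return r;
    uint8_t op = code[0];
    if (op >= 0x70 && op <= 0x7F) {              /* short Jcc, 1-byte displacement */
        r.length = 2; r.cond = op & 0x0F;
        r.target = rel8_target(eip, 2, code[1]);
    } else if (op == 0xE3) {                     /* JECXZ, 1-byte displacement */
        r.length = 2; r.cond = -1;
        r.target = rel8_target(eip, 2, code[1]);
    } else if (op == 0x0F && avail >= 6 && code[1] >= 0x80 && code[1] <= 0x8F) {
        /* near Jcc, 4-byte little-endian displacement */
        uint32_t rel32 = (uint32_t)code[2] | ((uint32_t)code[3] << 8) |
                         ((uint32_t)code[4] << 16) | ((uint32_t)code[5] << 24);
        r.length = 6; r.cond = code[1] & 0x0F;
        r.target = eip + 6 + rel32;              /* unsigned add wraps like the CPU */
    }
    return r;
}

int main(void)
{
    const uint8_t jne_near[] = { 0x0F, 0x85, 0xF0, 0xFF, 0xFF, 0xFF };  /* constructed sample */
    cj_info r = decode_cj(jne_near, sizeof jne_near, 0x401000u);
    printf("%s -> %08X (len %d)\n", r.cond < 0 ? "JECXZ" : cj_mnemonic[r.cond], r.target, r.length);
    return 0;
}
```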