AgsiRegisterExecCallBackEx in DP51.dll
// resolve the export from DP51.dll and register the callback
Agsi.RegisterExecCallBackEx = (AgsiRegisterExecCallBackEx_t) GetProcAddress(AgsiConfig.m_hInstance, "AgsiRegisterExecCallBackEx");
Agsi.RegisterExecCallBackEx(Execution);
How to make it work?
typedef AGSIEXPORT BOOL (*AgsiRegisterExecCallBackEx_t)(DWORD callerid, unsigned char codebyte, DWORD option, void (*fp)(DWORD pc, DWORD Ypc)); // callerid = 2, 4

// callerid can be set to 2 or 4 to get the callback
// codebyte means the assembly hex (binary) opcode byte; when that hex code is hit, it will go to the callback

static unsigned char hexcode = 0x7a;    // opcode byte to hook (value from the example below)
static DWORD option = 0x00005E5E;       // option value (from the example below)

static void Execution1(DWORD pc, DWORD Ypc)
{
    MessageBox(NULL, NULL, "AAA", MB_OK);
}

static void Execution2(DWORD pc, DWORD Ypc)
{
    // body not shown in the original post
}

static BOOL DefineAllWatches(void)
{
    BOOL ret = TRUE;
    ret &= Agsi.RegisterExecCallBackEx(0x00000002, hexcode, option, Execution1);
    ret &= Agsi.RegisterExecCallBackEx(0x00000004, hexcode, option, Execution2);
    return ret;
}

////////////////////////// not sure about callerid = 1
ret &= Agsi.RegisterExecCallBackEx(0x00000001, hexcode, option, Execution1);
// option = 0x00000 ~ 0x0ffff, and the Execution1 address is saved to dynamic memory

ex: ret &= Agsi.RegisterExecCallBackEx(1, 0x7a, 0x00005E5E, Execution);

I use Windows SDK 10 / WinDbg to trace DP51.dll and S8051.dll.
When callerid = 1:

DP51.dll
.text:08E129F1 010 jz      short loc_8E12A0E
.text:08E129F3 010 push    esi
.text:08E129F4 014 push    [ebp+arg_8]
.text:08E129F7 018 push    ebx
.text:08E129F8 01C call    ecx                 // goto S8051.dll

S8051.dll
...
.text:1000C5CA 018 call    dword_1048BEB0      // result in eax
...
.text:1000C609 010 mov     [eax+8], edi        // put 0x00005E5E in [eax+8]
.text:1000C60C 010 mov     [eax+0Ch], ecx      // put Execution address in [eax+0Ch]

Then I set hardware r/w breakpoints at eax+8 and eax+0Ch. Nobody reads or writes [eax+8] and [eax+0Ch], which means it is not useful for callerid = 1.
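To make the registration shape in the post concrete, here is an added, self-contained model of an opcode-byte exec-callback registry driven by a toy 8051 fetch loop. It is example code written for this page, not Keil's DP51.dll or S8051.dll and not the poster's code. Its assumptions are labelled in the comments: callerid 2 and 4 are accepted (as the post reports), the callback fires when the opcode byte at pc equals codebyte, and the second callback argument (Ypc in the post, whose meaning the post does not give) is the pc of the following instruction. The program bytes and the names ModelRegisterExecCallBackEx, ModelRun and ModelDemo are constructed for the example.

```c
/* Added example: a model of an exec-callback registry keyed on
 * (callerid, codebyte), with a toy 8051 fetch loop that fires the
 * registered callback when the hooked opcode byte is executed.
 * Not Keil's DP51/S8051 code; all behaviour below is an assumption
 * built from the post's description. */
#include <stddef.h>
#include <stdint.h>
#include <stdio.h>

typedef uint32_t DWORD;
typedef int BOOL;
#define TRUE  1
#define FALSE 0

typedef void (*ExecCallBack)(DWORD pc, DWORD Ypc);

typedef struct {
    DWORD         callerid;
    unsigned char codebyte;
    DWORD         option;
    ExecCallBack  fp;
} ExecHook;

#define MAX_HOOKS 16
static ExecHook g_hooks[MAX_HOOKS];
static size_t   g_nhooks = 0;

/* Stand-in for AgsiRegisterExecCallBackEx with the parameter list quoted in the post. */
BOOL ModelRegisterExecCallBackEx(DWORD callerid, unsigned char codebyte,
                                 DWORD option, ExecCallBack fp)
{
    if (callerid != 2 && callerid != 4)      /* assumption: only 2 and 4 work, per the post */
        return FALSE;
    if (fp == NULL || option > 0xFFFF || g_nhooks >= MAX_HOOKS)
        return FALSE;                        /* option range 0x0000..0xFFFF, per the post */
    g_hooks[g_nhooks].callerid = callerid;
    g_hooks[g_nhooks].codebyte = codebyte;
    g_hooks[g_nhooks].option   = option;
    g_hooks[g_nhooks].fp       = fp;
    g_nhooks++;
    return TRUE;
}

void ModelClearHooks(void) { g_nhooks = 0; }

/* Instruction length for the few 8051 opcodes the constructed program uses. */
static DWORD insn_len(unsigned char op)
{
    if (op >= 0x78 && op <= 0x7F) return 2;  /* MOV Rn,#data */
    if (op == 0x02 || op == 0x12) return 3;  /* LJMP / LCALL addr16 */
    return 1;                                /* NOP, CLR A, RET, ... */
}

/* Toy fetch loop: walk straight-line code from pc and fire every hook whose
 * codebyte matches the opcode byte about to execute. Returns instruction count. */
DWORD ModelRun(const unsigned char *code, size_t len, DWORD pc)
{
    DWORD executed = 0;
    while (pc < (DWORD)len) {
        unsigned char op = code[pc];
        DWORD next = pc + insn_len(op);      /* assumption: Ypc = pc of next instruction */
        for (size_t i = 0; i < g_nhooks; i++)
            if (g_hooks[i].codebyte == op)
                g_hooks[i].fp(pc, next);
        executed++;
        if (op == 0x22) break;               /* RET ends the toy program */
        pc = next;
    }
    return executed;
}

/* Callback that records where the hooked opcode was hit (stands in for the post's MessageBox). */
static DWORD  g_hits[8];
static size_t g_nhits = 0;
static void Execution1(DWORD pc, DWORD Ypc)
{
    (void)Ypc;
    if (g_nhits < 8) g_hits[g_nhits++] = pc;
}

size_t ModelHitCount(void)     { return g_nhits; }
DWORD  ModelHitAt(size_t i)    { return g_hits[i]; }

/* Constructed program: CLR A; MOV R2,#5Eh; NOP; MOV R2,#11h; RET */
static const unsigned char g_prog[] = { 0xE4, 0x7A, 0x5E, 0x00, 0x7A, 0x11, 0x22 };

/* Hook opcode 0x7A (the codebyte from the post's example) and run the program. */
DWORD ModelDemo(void)
{
    ModelClearHooks();
    g_nhits = 0;
    ModelRegisterExecCallBackEx(2, 0x7A, 0x00005E5E, Execution1);
    return ModelRun(g_prog, sizeof g_prog, 0);
}

int main(void)
{
    DWORD n = ModelDemo();
    printf("executed %u instructions, hook hit %zu times\n", (unsigned)n, ModelHitCount());
    for (size_t i = 0; i < ModelHitCount(); i++)
        printf("  hit at pc=%u\n", (unsigned)ModelHitAt(i));
    return 0;
}
```

Run as-is it reports five executed instructions and two hits, at pc 1 and pc 4, the two places where the 0x7A opcode byte is fetched; a registration with callerid 1 is refused by the model, mirroring the observation in the post that nothing ever reads the slots filled in for that callerid.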