[ext_x64dbg] add syncmodauto command

bootleg · Feb 13, 2021 · b1b7be1 · b1b7be1
1 parent fbd15e2
commit b1b7be1
Show file tree

Hide file tree

Showing 4 changed files with 73 additions and 8 deletions.
diff --git a/README.md b/README.md
@@ -948,6 +948,7 @@ Due to the beta status of OllyDbg2 API, only the following features have been im
 [sync] extension commands help:
  > !sync                          = synchronize with <host from conf> or the default value
  > !syncoff                       = stop synchronization
+ > !syncmodauto <on | off>        = enable / disable idb auto switch based on module name
  > !synchelp                      = display this help
  > !cmt <string>                  = add comment at current eip in IDA
  > !rcmt <string>                 = reset comments at current eip in IDA

diff --git a/ext_ida/retsync/dispatcher.py b/ext_ida/retsync/dispatcher.py
@@ -1,5 +1,5 @@
 #
-# Copyright (C) 2016-2020, Alexandre Gazet.
+# Copyright (C) 2016-2021, Alexandre Gazet.
 #
 # Copyright (C) 2012-2015, Quarkslab.
 #
@@ -445,8 +445,11 @@ def req_dbg_err(self, s, hash):
     # sync mode tells if idb switch is automatic or manual
     def req_sync_mode(self, s, hash):
         mode = hash['auto']
-        self.broadcast("sync mode auto set to %s" % mode)
-        self.sync_mode_auto = (mode == 'on')
+        if mode in ['on', 'off']:
+            self.broadcast("sync mode auto set to %s" % mode)
+            self.sync_mode_auto = (mode == 'on')
+        else:
+            self.broadcast("sync mode auto invalid param %s" % mode)
 
     # bc request should be forwarded to all idbs
     def req_bc(self, s, hash):

diff --git a/ext_x64dbg/x64dbg_sync/core.cpp b/ext_x64dbg/x64dbg_sync/core.cpp
@@ -1,5 +1,5 @@
 /*
-Copyright (C) 2016-2020, Alexandre Gazet.
+Copyright (C) 2016-2021, Alexandre Gazet.
 
 Copyright (C) 2014-2015, Quarkslab.
 
@@ -153,7 +153,7 @@ UpdateState()
 #endif
 
 	// Check if we are in a new module
-	if ((g_Base != PrevBase) & g_SyncAuto)
+	if ((g_Base != PrevBase) && g_SyncAuto)
 	{
 		hProcess = DbgGetProcessHandle();
 
@@ -202,7 +202,7 @@ PollCmd()
 
 	hRes = TunnelPoll(&NbBytesRecvd, &msg);
 
-	if (SUCCEEDED(hRes) & (NbBytesRecvd > 0) & (msg != NULL))
+	if (SUCCEEDED(hRes) && (NbBytesRecvd > 0) && (msg != NULL))
 	{
 		orig = msg;
 
@@ -457,6 +457,7 @@ HRESULT synchelp()
 	_plugin_logputs("[sync] extension commands help:\n"
 		" > !sync                          = synchronize with <host from conf> or the default value\n"
 		" > !syncoff                       = stop synchronization\n"
+		" > !syncmodauto <on | off>        = enable / disable idb auto switch based on module name\n"
 		" > !synchelp                      = display this help\n"
 		" > !cmt <string>                  = add comment at current eip in IDA\n"
 		" > !rcmt <string>                 = reset comments at current eip in IDA\n"
@@ -469,6 +470,44 @@ HRESULT synchelp()
 }
 
 
+HRESULT syncmodauto(PSTR Args)
+{
+	HRESULT hRes = S_OK;
+	char* param = NULL;
+	char* context = NULL;
+
+	// strip command and trailing whitespaces
+	strtok_s(Args, " ", &param);
+	strtok_s(param, " ", &context);
+
+	if (param != NULL)
+	{
+		if (strcmp("on", param) == 0)
+		{
+			g_SyncAuto = true;
+			goto LBL_NOTICE;
+		}
+		else if (strcmp("off", param) == 0)
+		{
+			g_SyncAuto = false;
+			goto LBL_NOTICE;
+		}
+	}
+
+	_plugin_logputs("[sync] !syncmodauto parameter should be in <on|off> \n");
+	return E_FAIL;
+
+LBL_NOTICE:
+	hRes = TunnelSend("[notice]{\"type\":\"sync_mode\",\"auto\":\"%s\"}\n", param);
+	if (FAILED(hRes)) {
+		_plugin_logputs("[sync] !syncmodauto failed to send notice\n");
+		return E_FAIL;
+	}
+
+	return hRes;
+}
+
+
 // idblist command implementation
 HRESULT idblist()
 {
@@ -485,7 +524,7 @@ HRESULT idblist()
 	}
 
 	hRes = TunnelReceive(&NbBytesRecvd, &msg);
-	if (SUCCEEDED(hRes) & (NbBytesRecvd > 0) & (msg != NULL)) {
+	if (SUCCEEDED(hRes) && (NbBytesRecvd > 0) && (msg != NULL)) {
 		_plugin_logputs(msg);
 		free(msg);
 	}
@@ -769,6 +808,23 @@ static bool cbSyncoffCommand(int argc, char* argv[])
 }
 
 
+static bool cbSyncmodautoCommand(int argc, char* argv[])
+{
+#if VERBOSE >= 2
+	_plugin_logputs("[sync] syncmodauto command!");
+#endif
+
+	if (strlen(argv[0]) < _countof("!syncmodauto")) {
+		_plugin_logputs("[sync] !syncmodauto missing parameter (<on|off>)\n");
+		return false;
+	}
+
+	_plugin_logputs("[sync] syncmodauto command!");
+	syncmodauto((PSTR)argv[0]);
+	return true;
+}
+
+
 static bool cbSynchelpCommand(int argc, char* argv[])
 {
 	_plugin_logputs("[sync] synchelp command!");
@@ -960,6 +1016,9 @@ void coreInit(PLUG_INITSTRUCT* initStruct)
 	if (!_plugin_registercommand(pluginHandle, "!syncoff", cbSyncoffCommand, true))
 		_plugin_logputs("[sync] error registering the \"!syncoff\" command!");
 
+	if (!_plugin_registercommand(pluginHandle, "!syncmodauto", cbSyncmodautoCommand, true))
+		_plugin_logputs("[sync] error registering the \"!syncmodauto\" command!");
+
 	if (!_plugin_registercommand(pluginHandle, "!synchelp", cbSynchelpCommand, false))
 		_plugin_logputs("[sync] error registering the \"!synchelp\" command!");
 
@@ -1011,6 +1070,7 @@ void coreStop()
 	_plugin_unregistercommand(pluginHandle, "!sync");
 	_plugin_unregistercommand(pluginHandle, "!syncoff");
 	_plugin_unregistercommand(pluginHandle, "!synchelp");
+	_plugin_unregistercommand(pluginHandle, "!syncmodauto");
 	_plugin_unregistercommand(pluginHandle, "!idblist");
 	_plugin_unregistercommand(pluginHandle, "!idbn");
 	_plugin_unregistercommand(pluginHandle, "!idb");

diff --git a/ext_x64dbg/x64dbg_sync/core.h b/ext_x64dbg/x64dbg_sync/core.h
@@ -1,5 +1,5 @@
 /*
-Copyright (C) 2016-2020, Alexandre Gazet.
+Copyright (C) 2016-2021, Alexandre Gazet.
 
 Copyright (C) 2014-2015, Quarkslab.
 
@@ -38,6 +38,7 @@ enum MENU_IDENTIFIERS {
 //functions
 HRESULT sync(PSTR Args);
 HRESULT syncoff();
+HRESULT syncmodauto(PSTR Args);
 HRESULT synchelp();
 HRESULT idblist();
 HRESULT cmt(PSTR Args);