Merge pull request #1 from mrexodia/master

break on entry point if asked by user
therealdreg · Mar 31, 2017 · f74433c · f74433c
2 parents 201584f + 83f9338
commit f74433c
Showing 1 changed file with 15 additions and 0 deletions.
diff --git a/x64dbgplugin/PluginTemplate/plugin.cpp b/x64dbgplugin/PluginTemplate/plugin.cpp
@@ -1,5 +1,7 @@
 #include "plugin.h"
 
+static duint processEntry;
+
 enum
 {
     MENU_HOOK,
@@ -29,6 +31,11 @@ PLUG_EXPORT void CBDEBUGEVENT(CBTYPE cbType, PLUG_CB_DEBUGEVENT* info)
 {
 }
 
+PLUG_EXPORT void CBCREATEPROCESS(CBTYPE cbType, PLUG_CB_CREATEPROCESS* info)
+{
+    processEntry = Script::Module::EntryFromAddr(duint(info->CreateProcessInfo->lpBaseOfImage));
+}
+
 void ExecuteNewProcessLauncher(BOOL old_process, wchar_t* path)
 {
     int result = IDCANCEL;
@@ -104,6 +111,7 @@ PLUG_EXPORT void CBMENUENTRY(CBTYPE cbType, PLUG_CB_MENUENTRY* info)
     wchar_t* op_type = L"runas";
 
     char* dis_cmd = NULL;
+    duint breakEntry = 0;
 
     _itow_s(DbgGetProcessId(), actual_pid, 10);
 
@@ -131,6 +139,13 @@ PLUG_EXPORT void CBMENUENTRY(CBTYPE cbType, PLUG_CB_MENUENTRY* info)
             wcscpy_s(args, actual_pid);
             wcscat_s(args, L" u");
             dis_cmd = "dis LdrInitializeThunk";
+
+            if(BridgeSettingGetUint("Events", "EntryBreakpoint", &breakEntry) && breakEntry)
+            {
+                char cmd[32] = "";
+                sprintf_s(cmd, "bp %p, ss", processEntry);
+                DbgCmdExecDirect(cmd);
+            }
             break;
 
         case MENU_NEW_PROCESS_WATCHER: