Developing an x86 Operating System Kernel with Delphi: a Hands-on Attempt

----- 老鳃 --------

    Delphi, as a RAD tool on the Windows platform, attracts many software companies with its development efficiency for application-level software. Beyond the efficiency of a typical RAD tool, Delphi's openness (open source, easy access to low-level details) is what really makes developers love it. Delphi is an excellent 32-bit compiler for Windows with a very wide range of uses: several groups abroad have used Delphi to write advanced compilers, drivers and even operating systems. The author made an attempt of this kind and discovered another wide-open field for Delphi.

    This article walks the reader through one application of Delphi: developing an x86 operating system kernel. It is meant as a starting point, to inspire developers to study this excellent compiler more deeply.

First, an overview of the Image file (floppy disk image) of the simple OS prototype in this article (interested readers can rearrange and extend it on their own):

[Overall OS execution flow]:
   The boot code performs the necessary protected-mode initialisation, loads the OS kernel code, initialises the segment registers and jumps directly to the kernel code.
   The boot code is written in assembly and assembled with Nasm; the kernel code is implemented in Delphi.

Step 1: Build the boot code
   The boot code's main job is to build the GDT (a code segment and a data segment, set up as a flat memory model), read the kernel code to 0x8000, switch to protected mode and jump to the kernel. Its content is as follows:

```nasm
[BITS 16]
[ORG 0x7C00]

jmp  BootBegin

; GDT data
gdtBegin:
       ; null descriptor
              dd    0
              dd    0
       codeSel equ $ - gdtBegin  ; code segment selector
; code segment descriptor
              dw   0xffff
              dw   0
              dw   0x9A00
              dw   0x00CF
       dataSel equ $ - gdtBegin  ; data segment selector
; data segment descriptor
              dw   0xffff
              dw   0x0000
              dw   0x9200
              dw   0x00CF
       gdtend:
       gdtInfo:
              dw    gdtend - gdtBegin - 1    ; GDT size (limit)
              dd     gdtBegin               ; GDT address

BootBegin:
       mov ax,cs
       mov ds,ax

; read the kernel from the second sector onwards into memory at 0000:0x8000 (es:bx)
; (reads 17 sectors; readers can extend this)
readKernel:
       mov ax , 0x0000
       mov es , ax
       mov bx , 0x8000
       mov ah , 2          ; BIOS function: read sectors
       mov dl , 0          ; drive 0 (floppy A:)
       mov ch , 0          ; cylinder 0
       mov cl , 2          ; start at sector 2
       mov al , 17         ; number of sectors to read
       int 13h
       jc readKernel       ; retry on error

; disable interrupts
       cli
       ; load the GDT
       lgdt [gdtInfo]

; enter protected mode
       mov eax , cr0
       or eax , 1
       mov cr0 , eax

; jump into the 32-bit code segment
       jmp codeSel: code32Begin

[BITS 32]
code32Begin:
; set DS, ES, SS, FS, GS
       mov ax , dataSel
       mov ds , ax
       mov es , ax
       mov ss , ax
       mov fs , ax
       mov gs , ax
       mov esp , 0x30000  ; initial stack

       ; jump into the kernel
       jmp codeSel:0x8000
;---------------------------------------------------------------------------
times 510-($-$$) db 0
; boot sector signature
dw  0xAA55
```

Assemble it with Nasm into a COM (flat binary) file and write it to the first sector (0–0x01ff) of the Image file; that completes the boot code. (Note: the simplest way to create the raw Image file is to use UltraEdit to create a binary file of size 0x167fff. The boot code can likewise be written in with UltraEdit's hex-editing feature.)
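The two descriptors above are easy to get wrong by a single nibble, and a wrong flag byte only shows up as a triple fault after the far jump. The following added example (mine, not part of the original article) decodes the four `dw` words of each descriptor exactly as the boot sector lays them out and checks that they really describe flat, ring-0, 32-bit segments covering 0..4 GB. The word values are copied from the boot code; the function names and the `BOOT_GDT` table are my own.

```c
#include <stdint.h>
#include <stdio.h>

/* One 8-byte GDT descriptor as four little-endian 16-bit words, the way the
 * boot sector emits it with dw. Values below are copied from the boot code. */
typedef struct { uint16_t w[4]; } gdt_raw_t;

typedef struct {
    uint32_t base;        /* linear base address */
    uint32_t limit;       /* byte limit after granularity scaling */
    int present, dpl, executable, rw, db32, gran4k;
} gdt_desc_t;

/* Decode a descriptor following the Intel layout:
 *   bits  0-15 limit[15:0]   bits 16-39 base[23:0]    bits 40-47 access byte
 *   bits 48-51 limit[19:16]  bits 52-55 flags (AVL,L,D/B,G)  bits 56-63 base[31:24] */
static gdt_desc_t gdt_decode(gdt_raw_t r)
{
    gdt_desc_t d;
    uint64_t q = (uint64_t)r.w[0] | ((uint64_t)r.w[1] << 16) |
                 ((uint64_t)r.w[2] << 32) | ((uint64_t)r.w[3] << 48);
    uint32_t limit_raw = (uint32_t)(q & 0xFFFF) | (uint32_t)((q >> 48) & 0xF) << 16;
    uint8_t access = (uint8_t)(q >> 40);
    uint8_t flags  = (uint8_t)((q >> 52) & 0xF);

    d.base       = (uint32_t)((q >> 16) & 0xFFFFFF) | (uint32_t)((q >> 56) & 0xFF) << 24;
    d.present    = (access >> 7) & 1;
    d.dpl        = (access >> 5) & 3;
    d.executable = (access >> 3) & 1;   /* type bit 3: 1 = code, 0 = data */
    d.rw         = (access >> 1) & 1;   /* code: readable, data: writable */
    d.db32       = (flags >> 2) & 1;    /* D/B: 32-bit default operand/stack size */
    d.gran4k     = (flags >> 3) & 1;    /* G: limit counts 4 KB pages */
    d.limit      = d.gran4k ? (limit_raw << 12) | 0xFFF : limit_raw;
    return d;
}

/* A segment is "flat" if it covers the whole 4 GB address space at ring 0. */
static int gdt_is_flat_ring0(gdt_desc_t d)
{
    return d.present && d.dpl == 0 && d.base == 0 &&
           d.limit == 0xFFFFFFFFu && d.db32;
}

/* Selector for GDT index i (TI = 0, RPL = 0): what `$ - gdtBegin` yields. */
static uint16_t gdt_selector(int index) { return (uint16_t)(index << 3); }

/* The value the boot sector stores in gdtInfo: table size minus one. */
static uint16_t gdt_limit_field(int entries) { return (uint16_t)(entries * 8 - 1); }

/* The three entries of the boot sector's GDT, in table order. */
static const gdt_raw_t BOOT_GDT[3] = {
    { { 0x0000, 0x0000, 0x0000, 0x0000 } },   /* null descriptor */
    { { 0xffff, 0x0000, 0x9A00, 0x00CF } },   /* codeSel: execute/read */
    { { 0xffff, 0x0000, 0x9200, 0x00CF } },   /* dataSel: read/write */
};

/* 1 when entry 1 is a flat ring-0 code segment and entry 2 a flat ring-0
 * data segment, which is what the kernel assumes after the far jump. */
static int boot_gdt_ok(void)
{
    gdt_desc_t code = gdt_decode(BOOT_GDT[1]);
    gdt_desc_t data = gdt_decode(BOOT_GDT[2]);
    return gdt_is_flat_ring0(code) && code.executable && code.rw &&
           gdt_is_flat_ring0(data) && !data.executable && data.rw;
}

int main(void)
{
    for (int i = 1; i < 3; i++) {
        gdt_desc_t d = gdt_decode(BOOT_GDT[i]);
        printf("selector 0x%02x: base=0x%08x limit=0x%08x %s dpl=%d 32bit=%d\n",
               gdt_selector(i), d.base, d.limit, d.executable ? "code" : "data",
               d.dpl, d.db32);
    }
    printf("gdtInfo limit = %u, GDT ok = %d\n", gdt_limit_field(3), boot_gdt_ok());
    return boot_gdt_ok() ? 0 : 1;
}
```

The decoder confirms what the boot code relies on: codeSel is 8, dataSel is 16, the gdtInfo limit is 23, and both segments have base 0 and limit 0xFFFFFFFF, which is why `jmp codeSel:0x8000` and the PChar arithmetic on $b8000 in the kernel address physical memory directly.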

Step 2: Develop the kernel code

The following focuses on how to develop the OS kernel code with Delphi.

First, a look at the structure of the code section of a PE file produced by Delphi. For a project that does not explicitly reference any system unit, Delphi by default places the two core runtime library (RTL) units System.pas and SysInit.pas at the front of the code section; after the RTL come our own units; and last comes the code between begin...end of the Program. To simplify the tedious work of loading the kernel code out of the PE file, we can use only the code section and place one marker after the SysInit unit (i.e. before the OS kernel code) and another at the end of the Program code: the code between these two markers is the OS code we want. Readers can vary this approach, or use several sections, as long as the kernel can be conveniently extracted from the PE.

To simplify development, the Delphi-written OS code in this article follows a few key rules:

  1. Do not depend on the RTL; call no Delphi RTL functions.
  2. Define data inside the code (with embedded assembly) and use only the code section; access internally defined data by relative
     addressing, so that the code can be loaded at any memory address and run.
  3. Since this is an OS kernel, memory that has been planned out can be used freely; no allocation is needed.

OK, now open Delphi and create an empty project (referencing no units), then add an empty unit Kernel.pas (the OS kernel unit). In that unit add a procedure KernelBegin as the kernel's entry procedure, and put the kernel start and end markers at the start of the unit and the end of the project. First implement a trivial kernel operation: call the showTest procedure to display the two characters 'OS' on screen, then enter an infinite loop. The code is as follows:

```pascal
program OsKernel;

uses
  Kernel in 'Kernel.pas';

begin
  // Only code that is explicitly called gets compiled into the EXE by Delphi,
  // so the useful code must be called from here.
  KernelBeginFlag;

  // kernel end marker
  asm
    db 'KernelEnd'
  end;
end.
```

```pascal
unit Kernel;

interface

  // kernel start marker procedure
  procedure KernelBeginFlag;

  // kernel entry point
  procedure KernelBegin; stdcall;

  // display characters: show 'OS' at row 11, column 1 of the screen
  procedure showTest; stdcall;

implementation

// Kernel start marker procedure. When adding more units, adjust the unit
// reference order so that this procedure is compiled at the head of the
// kernel code (check with Delphi's disassembly view).
procedure KernelBeginFlag;
begin
  asm
    db 'KernelBegin'
  end;
  KernelBegin;
end;

procedure KernelBegin; stdcall;
begin
  // start the kernel's work
  showTest;
end;

procedure showTest; stdcall;
var
  p: PChar;
begin
  p := PChar($b8000 + (80 * 10 + 0) * 2);   // video memory address for the row/column
  p[0] := 'O';
  p[1] := #$0c;   // attribute: red on black
  p[2] := 'S';
  p[3] := #$0c;

  while true do;  // halt here
end;

end.
```

 

Compile to produce OsKernel.exe. Now we need a tool that grabs the kernel code and writes it into the IMAGE file starting at the second sector; the following program (also written in Delphi) does this:

```pascal
program WriteOSToImg;

uses
  Dialogs, Classes, SysUtils;

const
  KernelMark = 'KernelBegin';
  KernelSize = 1024 * 10;   // for simplicity, copy only 10K for now

var
  f1, f2: TFileStream;
  pe: AnsiString;
  markPos, n: Integer;
  p: Pointer;

begin
  f1 := nil;
  f2 := nil;
  try
    try
      f1 := TFileStream.Create('OsKernel.exe', fmOpenRead);
      f2 := TFileStream.Create('MyOS.IMG', fmOpenWrite);
      f2.Position := $200;   // second sector of the image

      // Read the whole PE into memory and search for the start marker.
      // (A byte-at-a-time search that restarts on every mismatch would skip
      // bytes, and would loop forever at end of file because Read returns 0.)
      if f1.Size = 0 then
        raise Exception.Create('OsKernel.exe is empty');
      SetLength(pe, f1.Size);
      f1.ReadBuffer(pe[1], f1.Size);
      markPos := Pos(KernelMark, pe);
      if markPos = 0 then
        raise Exception.Create('KernelBegin marker not found');

      // Copy the kernel: the bytes that follow the marker
      f1.Position := (markPos - 1) + Length(KernelMark);
      GetMem(p, KernelSize);
      try
        n := f1.Read(p^, KernelSize);   // may be shorter than KernelSize near EOF
        f2.Write(p^, n);
      finally
        FreeMem(p, KernelSize);
      end;
      ShowMessage('Kernel written!');
    finally
      f1.Free;
      f2.Free;
    end;
  except
    ShowMessage('Error writing kernel!');
  end;
end.
```
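The writer tool has two checks worth making that the article's version leaves out: the boot sector reads exactly 17 sectors (8704 bytes) to 0x8000, so any kernel byte beyond that is silently never loaded, and the image must already carry the 0xAA55 signature from step 1 or the BIOS will not boot it at all. The following added example (mine, not the article's tool) performs the same marker-based extraction in C against constructed in-memory buffers, using both the KernelBegin and KernelEnd markers the Delphi project emits. `SAMPLE_PE`, the function names and the status codes are my own constructions; the sample deliberately contains a doubled 'K' before the marker, which a matcher that restarts on the first mismatch would miss.

```c
#include <stdint.h>
#include <stdio.h>
#include <stdlib.h>
#include <string.h>

#define SECTOR_SIZE        512
#define KERNEL_IMG_OFFSET  0x200                        /* second sector of the image */
#define LOADER_SECTORS     17                           /* al = 17 in the boot code */
#define LOADER_MAX_BYTES   (LOADER_SECTORS * SECTOR_SIZE)
#define FLOPPY_BYTES       (80 * 2 * 18 * SECTOR_SIZE)  /* 1.44 MB image */

static const char BEGIN_MARK[] = "KernelBegin";
static const char END_MARK[]   = "KernelEnd";

/* Search for mark at every offset of buf, so "KKernelBegin" is found too.
 * Returns the offset of the marker or -1 if it is absent. */
static long find_marker(const uint8_t *buf, size_t len, const char *mark)
{
    size_t mlen = strlen(mark);
    for (size_t i = 0; mlen <= len && i + mlen <= len; i++)
        if (memcmp(buf + i, mark, mlen) == 0)
            return (long)i;
    return -1;
}

typedef struct {
    long start;    /* offset of the first kernel byte (just after BEGIN_MARK) */
    long length;   /* bytes up to END_MARK, or -1 when no end marker is present */
} kernel_span_t;

/* Locate the kernel bytes between the two markers emitted by the Delphi project. */
static kernel_span_t locate_kernel(const uint8_t *pe, size_t pe_len)
{
    kernel_span_t s = { -1, -1 };
    long b = find_marker(pe, pe_len, BEGIN_MARK);
    if (b < 0)
        return s;
    s.start = b + (long)strlen(BEGIN_MARK);
    long e = find_marker(pe + s.start, pe_len - (size_t)s.start, END_MARK);
    if (e >= 0)
        s.length = e;
    return s;
}

/* Copy the kernel into the image at sector 2. 0 = ok, negative = which check failed. */
static int write_kernel_to_image(uint8_t *img, size_t img_len,
                                 const uint8_t *pe, size_t pe_len)
{
    if (img_len < KERNEL_IMG_OFFSET + LOADER_MAX_BYTES)
        return -1;                                   /* image too small */
    if (img[510] != 0x55 || img[511] != 0xAA)
        return -2;                                   /* boot sector not written yet */
    kernel_span_t s = locate_kernel(pe, pe_len);
    if (s.start < 0)
        return -3;                                   /* no KernelBegin marker */
    long len = s.length >= 0 ? s.length : (long)(pe_len - (size_t)s.start);
    if (len > LOADER_MAX_BYTES)
        return -4;                                   /* loader only reads 17 sectors */
    memcpy(img + KERNEL_IMG_OFFSET, pe + s.start, (size_t)len);
    return 0;
}

/* Constructed stand-in for OsKernel.exe: PE noise, a doubled 'K' before the
 * marker, a fake kernel body (call rel32, jmp $), the end marker, trailing data. */
static const uint8_t SAMPLE_PE[] =
    "MZ\x90\x00...PE\x00\x00...KKernelBegin\xE8\x00\x00\x00\x00\xEB\xFE"
    "My OS 2006 is Loading\x00KernelEnd\xC3trailing";

/* Run the whole tool against a blank image that already has its boot signature.
 * Returns the first kernel byte that landed at offset 0x200 (0..255), or the
 * negative status from write_kernel_to_image. */
static int run_demo(void)
{
    uint8_t *img = calloc(FLOPPY_BYTES, 1);
    if (!img)
        return -99;
    img[510] = 0x55;                  /* boot signature written in step 1 */
    img[511] = 0xAA;
    int rc = write_kernel_to_image(img, FLOPPY_BYTES, SAMPLE_PE, sizeof SAMPLE_PE - 1);
    int result = (rc == 0) ? img[KERNEL_IMG_OFFSET] : rc;
    free(img);
    return result;
}

int main(void)
{
    kernel_span_t s = locate_kernel(SAMPLE_PE, sizeof SAMPLE_PE - 1);
    printf("kernel at offset %ld, %ld bytes; first byte at 0x200 = 0x%02x\n",
           s.start, s.length, run_demo());
    return 0;
}
```

Because the `db 'KernelBegin'` sits inside KernelBeginFlag, the byte copied to 0x200 (and so executed at 0x8000) is the first instruction after the marker, the `call KernelBegin`, which is exactly where the boot sector's `jmp codeSel:0x8000` lands.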

Now make sure the floppy image file MyOS.IMG, the kernel PE file OsKernel.exe and the kernel writer WriteOSToImg.exe are in the same directory, run WriteOSToImg.exe to write the kernel, and then run our floppy image MyOS.IMG in VirtualPC (VirtualPC's behaviour is closer to a real machine). The result is as follows:

(Screenshot not reproduced: the emulator shows the two red characters 'OS' on row 11 of the text screen.)

OK, it is only two simple characters, but it means a lot: we have successfully made the OS jump into a kernel developed in Delphi. This means we can use Delphi for fast and convenient OS development, and can conveniently test the unprivileged modules of the OS independently under Delphi. Modules that perform privileged operations or write memory directly need to be debugged under BOCHS; space does not allow an introduction to debugging with BOCHS here, and interested readers can look up material on the Internet.

To stimulate readers' ideas for extending this, here is how to access data defined in the code section so that the code can run at any memory address. As an example we add to Kernel.pas a procedure DispStr that displays a string (terminated by #0) starting at a given row and column; the code is as follows:

```pascal
procedure DispStr(RowId, ColId: Integer; p: PChar); stdcall;
var
  h: PChar;
  i: Integer;
begin
  h := PChar($b8000 + (80 * RowId + ColId) * 2);   // video memory address of the row/column
  i := 0;
  while p[i] <> #0 do
  begin
    h[i * 2] := p[i];        // character
    h[i * 2 + 1] := #$0c;    // attribute: red on black
    Inc(i);
  end;
end;
```

     Now we want to display a string defined inside the KernelBegin procedure; the code is as follows:

```pascal
procedure KernelBegin; stdcall;
label Dispdat1, kBegin;
var
  p1: PChar;
begin
  // obtain the address of the string to display
  asm
    push esi
    push ebx                  // Delphi asm blocks must preserve ebx, esi and edi
    call @BB
  @BB:
    // at run time, pop the actual address of this spot into esi,
    // so the code can run at any memory address
    pop esi

    // compute the run-time address of Dispdat1
    mov ebx, offset Dispdat1
    sub ebx, offset @BB
    add ebx, esi
    mov p1, ebx

    pop ebx
    pop esi
    jmp kBegin

    Dispdat1: db 'My OS 2006 is Loading..............', 0   // string to display
  kBegin:
  end;
  DispStr(11, 22, p1);
  while true do;
end;
```

     Note the clever use of the call instruction. Using the way CALL works (push the address of the next instruction, then jump to the destination), we have call jump straight to the next instruction, where the current address can be popped off the stack. From that, the run-time addresses of everything nearby can be obtained as offset differences, so the compiled module runs correctly without relocation and without any constraint on its load address.

    One special point: privileged instructions can be used directly through Delphi's embedded assembler and all compile fine, and the various x86 data structures can be declared as Delphi records in place of byte-level assembly definitions, which greatly simplifies organising the kernel.

     By now the reader should have a basic feel for x86 OS development with Delphi. Interested readers can extend the kernel from KernelBegin on their own: enabling paging, enabling interrupts, simple process scheduling, and so on. OS technology is the foundation of software technology; being able to try it out hands-on with a convenient development tool like Delphi should be attractive to many software enthusiasts, and convenient for the many developers who have long worked on the Windows platform. Leaving behind the cumbersome OS development environment under Linux opens up a much wider world. Friends interested in OS technology can get started right away, so what are you waiting for!

...... 老鳃 ... picking chrysanthemums by the eastern fence, I gaze idly at the southern mountain ... 2007.02 ......
