Implement minidump plugin

mrexodia · Nov 21, 2021 · 9a0d93b · 9a0d93b
1 parent fc410b3
commit 9a0d93b
Show file tree

Hide file tree

Showing 6 changed files with 102 additions and 31 deletions.
diff --git a/.github/workflows/build.yml b/.github/workflows/build.yml
@@ -16,17 +16,17 @@ jobs:
 
     - name: Build (x64)
       run: |
-        mkdir package\plugins\x64
+        mkdir package\x64\plugins
         cmake -B build64 -A x64
         cmake --build build64 --config Release
-        copy build64\Release\*.dp64 package\plugins\x64\
+        copy build64\Release\*.dp64 package\x64\plugins\
 
     - name: Build (x32)
       run: |
-        mkdir package\plugins\x32
+        mkdir package\x32\plugins
         cmake -B build32 -A Win32
         cmake --build build32 --config Release
-        copy build32\Release\*.dp32 package\plugins\x32\
+        copy build32\Release\*.dp32 package\x32\plugins\
     
     - uses: actions/upload-artifact@v2
       with:

diff --git a/CMakeLists.txt b/CMakeLists.txt
@@ -37,34 +37,34 @@ set(CMAKE_SHARED_LINKER_FLAGS_RELEASE "/DEBUG:FULL /INCREMENTAL:NO" CACHE STRING
 set(CMAKE_BUILD_TYPE "Release" CACHE STRING "")
 set(CMAKE_MSVC_RUNTIME_LIBRARY "MultiThreaded$<$<CONFIG:Debug>:Debug>" CACHE STRING "")
 
-project(PluginTemplate)
+project(MiniDump)
 
 include("cmake/CPM.cmake")
 include("cmake/x64dbg.cmake")
 
-# Target PluginTemplate
-set(CMKR_TARGET PluginTemplate)
-set(PluginTemplate_SOURCES "")
+# Target MiniDump
+set(CMKR_TARGET MiniDump)
+set(MiniDump_SOURCES "")
 
-list(APPEND PluginTemplate_SOURCES
+list(APPEND MiniDump_SOURCES
 	"src/plugin.cpp"
 	"src/pluginmain.cpp"
 	"src/plugin.h"
 	"src/pluginmain.h"
 )
 
-list(APPEND PluginTemplate_SOURCES
+list(APPEND MiniDump_SOURCES
 	cmake.toml
 )
 
-set(CMKR_SOURCES ${PluginTemplate_SOURCES})
-add_library(PluginTemplate SHARED)
+set(CMKR_SOURCES ${MiniDump_SOURCES})
+add_library(MiniDump SHARED)
 
-if(PluginTemplate_SOURCES)
-	target_sources(PluginTemplate PRIVATE ${PluginTemplate_SOURCES})
+if(MiniDump_SOURCES)
+	target_sources(MiniDump PRIVATE ${MiniDump_SOURCES})
 endif()
 
-source_group(TREE ${CMAKE_CURRENT_SOURCE_DIR} FILES ${PluginTemplate_SOURCES})
+source_group(TREE ${CMAKE_CURRENT_SOURCE_DIR} FILES ${MiniDump_SOURCES})
 
 x64dbg_plugin(${CMKR_TARGET})
 

diff --git a/README.md b/README.md
@@ -1,13 +1,8 @@
-# PluginTemplate
+# MiniDumpPlugin
 
-Template CMake project for x64dbg plugins. This uses [cmkr](https://build-cpp.github.io/cmkr/), `cmake.toml` contains the project configuration.
+Simple [x64dbg](https://x64dbg.com) plugin to save the current state in a full minidump. Created for [dumpulator](https://github.com/mrexodia/dumpulator).
 
-## Using the template
-
-You can click the green *Use this template* button. See the article [*Creating a repository from a template*
-](https://docs.github.com/en/free-pro-team@latest/github/creating-cloning-and-archiving-repositories/creating-a-repository-from-a-template) by GitHub for more details.
-
-Alternatively you can download a ZIP of this repository and set up the template locally.
+**Download the latest binaries [here](https://github.com/mrexodia/MiniDumpPlugin/releases).**
 
 ## Building
 
@@ -18,7 +13,7 @@ cmake -B build64 -A x64
 cmake --build build64 --config Release
 ```
 
-You will get `build64\PluginTemplate.sln` that you can open in Visual Studio.
+You will get `build64\MiniDump.sln` that you can open in Visual Studio.
 
 To build a 32-bit plugin:
 
@@ -29,5 +24,3 @@ cmake --build build32 --config Release
 
 Alternatively you can open this folder in Visual Studio/CLion/Qt Creator.
 
-![building animation](https://github.com/x64dbg/PluginTemplate/blob/3951eb4b320b7a26164616ab5141414e8cd5b0a1/building.gif?raw=true)
-
diff --git a/cmake.toml b/cmake.toml
@@ -14,13 +14,13 @@ set(CMAKE_SHARED_LINKER_FLAGS_RELEASE "/DEBUG:FULL /INCREMENTAL:NO" CACHE STRING
 set(CMAKE_BUILD_TYPE "Release" CACHE STRING "")
 set(CMAKE_MSVC_RUNTIME_LIBRARY "MultiThreaded$<$<CONFIG:Debug>:Debug>" CACHE STRING "")
 """
-name = "PluginTemplate"
+name = "MiniDump"
 include-after = [
     "cmake/CPM.cmake",
     "cmake/x64dbg.cmake",
 ]
 
-[target.PluginTemplate]
+[target.MiniDump]
 type = "shared"
 sources = [
     "src/*.cpp",

diff --git a/cmake/x64dbg.cmake b/cmake/x64dbg.cmake
@@ -1,7 +1,7 @@
 CPMAddPackage(
     NAME x64dbg
-    URL https://downloads.sourceforge.net/project/x64dbg/snapshots/snapshot_2021-11-20_10-12.zip
-    URL_HASH SHA1=C75AC6BA7E7E5AB60632EED5648254E4BEF11465
+    URL https://downloads.sourceforge.net/project/x64dbg/snapshots/snapshot_2021-05-08_14-17.zip
+    URL_HASH SHA1=a46f3bf3f84fee3b1f7da8949e79d425d7294979
     DOWNLOAD_ONLY ON
 )
 

diff --git a/src/plugin.cpp b/src/plugin.cpp
@@ -1,9 +1,87 @@
 #include "plugin.h"
+#include <DbgHelp.h>
+
+#pragma comment(lib, "dbghelp.lib")
+
+static bool g_hasException = false;
+static EXCEPTION_DEBUG_INFO g_exception;
+
+PLUG_EXPORT void CBEXCEPTION(CBTYPE, PLUG_CB_EXCEPTION* exception)
+{
+	if (exception->Exception)
+	{
+		g_hasException = true;
+		memcpy(&g_exception, exception->Exception, sizeof(g_exception));
+	}
+}
+
+PLUG_EXPORT void CBSTOPDEBUG(CBTYPE, PLUG_CB_STOPDEBUG*)
+{
+	g_hasException = false;
+}
+
+static bool cbMiniDump(int argc, char* argv[])
+{
+	if (DbgIsRunning())
+	{
+		dputs("Cannot dump while running...");
+		return false;
+	}
+
+	if (argc < 2)
+	{
+		dputs("Usage: MiniDump my.dmp");
+		return false;
+	}
+
+	HANDLE hFile = CreateFileA(argv[1], GENERIC_WRITE, 0, nullptr, CREATE_ALWAYS, FILE_ATTRIBUTE_NORMAL, nullptr);
+	if (hFile == INVALID_HANDLE_VALUE)
+	{
+		dprintf("Failed to create '%s'\n", argv[1]);
+		return false;
+	}
+
+	CONTEXT context;
+	context.ContextFlags = CONTEXT_ALL;
+	GetThreadContext(DbgGetThreadHandle(), &context);
+
+	EXCEPTION_POINTERS exceptionPointers = {};
+	exceptionPointers.ContextRecord = &context;
+	exceptionPointers.ExceptionRecord = &g_exception.ExceptionRecord;
+	if (exceptionPointers.ExceptionRecord->ExceptionCode == 0)
+	{
+		auto& exceptionRecord = *exceptionPointers.ExceptionRecord;
+		exceptionRecord.ExceptionCode = 0xFFFFFFFF;
+#ifdef _WIN64
+		exceptionRecord.ExceptionAddress = PVOID(context.Rip);
+#else
+		exceptionRecord.ExceptionAddress = PVOID(context.Eip);
+#endif // _WIN64
+	}
+
+	MINIDUMP_EXCEPTION_INFORMATION exceptionInfo = {};
+	exceptionInfo.ThreadId = DbgGetThreadId();
+	exceptionInfo.ExceptionPointers = &exceptionPointers;
+	exceptionInfo.ClientPointers = FALSE;
+	auto dumpType = MINIDUMP_TYPE(MiniDumpWithFullMemory | MiniDumpWithFullMemoryInfo | MiniDumpIgnoreInaccessibleMemory);
+	if (MiniDumpWriteDump(DbgGetProcessHandle(), DbgGetProcessId(), hFile, dumpType, &exceptionInfo, nullptr, nullptr))
+	{
+		dputs("Dump saved!");
+	}
+	else
+	{
+		dprintf("MiniDumpWriteDump failed :( LastError = %d\n", GetLastError());
+	}
+
+	CloseHandle(hFile);
+	return true;
+}
 
 //Initialize your plugin data here.
 bool pluginInit(PLUG_INITSTRUCT* initStruct)
 {
-    return true; //Return false to cancel loading the plugin.
+	_plugin_registercommand(pluginHandle, "MiniDump", cbMiniDump, true);
+	return true; //Return false to cancel loading the plugin.
 }
 
 //Deinitialize your plugin data here.