
Rock Debugger Tutorial

Copyright © 2004-2006 Fisyuk Victor

Rock Debugger is a 32-bit assembler-level analyzing debugger. It runs under Microsoft Windows 2000/XP/2003.


In the current version (Rock Debugger 2.0.0.157), the following features have been added:

  • plugins (object-oriented);
  • scrolling of the disassembler window by keys and mouse wheel.

The debugger has the following features:

  • assembler code highlighting
  • breakpoints on code execution, API functions and memory access. Conditional breakpoints are supported: a condition is built from the binary operations <, >, ==, !=, &&, || with their usual meaning, register names (eax, ebx, etc.) and memory access operations such as dword [addr], word[addr], byte [addr].
  • expression evaluation. An expression may consist of binary operations such as +, -, *, /, %, unary operations &, , |, >>, << and memory access operations [addr], byte[addr], word[addr], dword[addr].
  • viewing of API function arguments. Function and type descriptions are stored in FDL files.
  • register, stack and process dump views.


FDL Editor


 

FDL Editor is a program specially designed for editing FDL files. Types and function arguments in FDL files are described with a C-like syntax. For example, the API function

	HANDLE CreateFile( LPCTSTR lpFileName, DWORD dwDesiredAccess,
		DWORD dwShareMode, LPSECURITY_ATTRIBUTES lpSecurityAttributes,   
		DWORD dwCreationDistribution, DWORD dwFlagsAndAttributes, 
		HANDLE hTemplateFile )
has to be described in the following way:
	enum DESIRED_ACCESS
	{
		GENERIC_ALL = 0x10000000;
		GENERIC_EXECUTE = 0x20000000;
		GENERIC_READ = 0x80000000;
		GENERIC_WRITE = 0x40000000;
	}
	enum SHARE_MODE
	{
		FILE_SHARE_DELETE = 0x00000004;
		FILE_SHARE_READ = 0x00000001;
		FILE_SHARE_WRITE;
	}
	struct SECURITY_ATTRIBUTES
	{
		DWORD nLength;
		LPVOID lpSecurityDescriptor;
		BOOL bInheritHandle;
	}
	enum CREATION_DISTRIBUTION
	{
		CREATE_ALWAYS = 0x00000002;
		CREATE_NEW = 0x00000001;
		OPEN_ALWAYS = 0x00000004;
		OPEN_EXISTING = 0x00000003;
		TRUNCATE_EXISTING = 0x00000005;
	}
	enum FILE_FLAGS_AND_ATTRIBUTE
	{
		FILE_ATTRIBUTE_ARCHIVE = 0x00000020;
		FILE_ATTRIBUTE_COMPRESSED = 0x00000800;
		FILE_ATTRIBUTE_ENCRYPTED = 0x00004000;
		FILE_ATTRIBUTE_HIDDEN = 0x00000002;
		FILE_ATTRIBUTE_NORMAL = 0x00000080;
		FILE_ATTRIBUTE_NOT_CONTENT_INDEXED = 0x00002000;
		FILE_ATTRIBUTE_OFFLINE = 0x00001000;
		FILE_ATTRIBUTE_READONLY = 0x00000001;
		FILE_ATTRIBUTE_SYSTEM = 0x00000004;
		FILE_ATTRIBUTE_TEMPORARY = 0x00000100;
		FILE_FLAG_BACKUP_SEMANTICS = 0x02000000;
		FILE_FLAG_DELETE_ON_CLOSE = 0x04000000;
		FILE_FLAG_FIRST_PIPE_INSTANCE = 0x00080000;
		FILE_FLAG_NO_BUFFERING = 0x20000000;
		FILE_FLAG_OPEN_NO_RECALL = 0x00100000;
		FILE_FLAG_OPEN_REPARSE_POINT = 0x00200000;
		FILE_FLAG_OVERLAPPED = 0x40000000;
		FILE_FLAG_POSIX_SEMANTICS = 0x01000000;
		FILE_FLAG_RANDOM_ACCESS = 0x10000000;
		FILE_FLAG_SEQUENTIAL_SCAN = 0x08000000;
		FILE_FLAG_WRITE_THROUGH = 0x80000000;
	}
	
	CreateFileA(
	LPCSTR lpFileName,
	DWORD dwDesiredAccess < bit_flags = DESIRED_ACCESS >,
	DWORD dwShareMode < bit_flags = SHARE_MODE >,
	SECURITY_ATTRIBUTES* lpSecurityAttributes,
	DWORD dwCreationDisposition< sym_const = CREATION_DISTRIBUTION >,
	DWORD dwFlagsAndAttributes< bit_flags = FILE_FLAGS_AND_ATTRIBUTE >,
	HANDLE hTemplateFile )
sym_const means that the variable holds a single enumeration value; bit_flags means that the variable is a combination of enumeration values.
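
As an added illustration (not Rock Debugger's own code), the Python sketch below parses enum blocks from a shortened copy of the FDL excerpt above and renders a DWORD argument the way the two attributes describe. The function names parse_enums and render are hypothetical. Two assumptions are made: a member without a value (FILE_SHARE_WRITE) takes the previous value plus one, as in C, and bits or values with no matching name are shown in hex.

```python
import re

# Shortened copy of the FDL excerpt from this tutorial.
FDL = """
enum SHARE_MODE
{
    FILE_SHARE_DELETE = 0x00000004;
    FILE_SHARE_READ = 0x00000001;
    FILE_SHARE_WRITE;
}
enum CREATION_DISTRIBUTION
{
    CREATE_ALWAYS = 0x00000002;
    CREATE_NEW = 0x00000001;
    OPEN_ALWAYS = 0x00000004;
    OPEN_EXISTING = 0x00000003;
    TRUNCATE_EXISTING = 0x00000005;
}
"""

def parse_enums(text):
    """Return {enum_name: {member: value}} for every enum block in text."""
    enums = {}
    for name, body in re.findall(r"enum\s+(\w+)\s*\{(.*?)\}", text, re.S):
        members, prev = {}, -1
        for member, value in re.findall(r"(\w+)\s*(?:=\s*(\w+))?\s*;", body):
            # Assumption: a member without a value is previous + 1, as in C.
            prev = int(value, 0) if value else prev + 1
            members[member] = prev
        enums[name] = members
    return enums

def render(value, members, kind):
    """Format a DWORD argument according to its sym_const/bit_flags attribute."""
    if kind == "sym_const":            # exactly one enumeration value
        hits = [n for n, v in members.items() if v == value]
        return hits[0] if hits else hex(value)
    names, rest = [], value            # bit_flags: OR of enumeration values
    for n, v in sorted(members.items(), key=lambda kv: kv[1]):
        if v and value & v == v:
            names.append(n)
            rest &= ~v
    if rest or not names:              # keep undocumented bits visible
        names.append(hex(rest))
    return " | ".join(names)

ENUMS = parse_enums(FDL)
```

The same raw value 3 decodes as FILE_SHARE_READ | FILE_SHARE_WRITE for a bit_flags argument and as OPEN_EXISTING for a sym_const argument, which is why the attribute has to be stated per argument.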

FDL files can be loaded into the debugger and used for viewing function arguments. For example

 

Page author Bebos.
2005.