Merge pull request #236 from thejoelpatrol/x64dbg-dbgchild
Add x64dbg DbgChild
Ana06 authored Apr 9, 2024
2 parents f75d0df + f3fdfcf commit 3162c8a
Showing 4 changed files with 91 additions and 0 deletions.
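--- a/packages/x64dbg.dbgchild.vm/tools/chocolateyinstall.ps1
+++ b/packages/x64dbg.dbgchild.vm/tools/chocolateyinstall.ps1
@@ -0,0 +1,62 @@
+$ErrorActionPreference = 'Stop'
+Import-Module vm.common -Force -DisableNameChecking
+
+try {
+$tempDownloadDir = Join-Path ${Env:chocolateyPackageFolder} "temp_$([guid]::NewGuid())"
+$toolDir = Join-Path ${Env:RAW_TOOLS_DIR} 'x64dbg\release' -Resolve
+$packageArgs = @{
+packageName = ${Env:ChocolateyPackageName}
+unzipLocation = $tempDownloadDir
+url = 'https://github.com/therealdreg/DbgChild/releases/download/beta10/DbgChild.Beta.10.zip'
+checksum = 'f17f588795d8f5f94d71335a8acfa58946bb03a94a5637be7f3e804c652ea2b4'
+checksumType = 'sha256'
+}
+
+VM-Remove-PreviousZipPackage ${Env:chocolateyPackageFolder}
+Install-ChocolateyZipPackage @packageArgs
+$unzippedDir = (Get-ChildItem -Directory $tempDownloadDir | Where-Object {$_.PSIsContainer} | Select-Object -f 1).FullName
+VM-Assert-Path $unzippedDir
+
+$archs = @("x32", "x64")
+foreach ($arch in $archs) {
+$archDstDir = Join-Path $toolDir "${arch}" -Resolve
+$pluginDstDir = Join-Path $archDstDir 'plugins'
+if (-Not (Test-Path $pluginDstDir -PathType Container)) {
+New-Item -ItemType directory $pluginDstDir -Force -ea 0 | Out-Null
+}
+VM-Assert-Path $pluginDstDir
+
+# Move 32/64-bit plugin DLL itself into the arch directory
+$pluginSrcPath = Join-Path $unzippedDir "release\${arch}\plugins" -Resolve
+Get-ChildItem -Path $pluginSrcPath -File | Move-Item -Destination $pluginDstDir -Force
+
+# Note that we don't simply move all children including directories, because we don't want to overwrite plugins
+
+# Move all the other arch-specific files
+$archSrcPath = Join-Path $unzippedDir "release\${arch}" -Resolve
+Get-ChildItem -Path $archSrcPath -File | Move-Item -Destination $archDstDir -Force
+if (-Not(Test-Path "${archDstDir}\CPIDS" -PathType Container)) {
+New-Item -ItemType directory "${archDstDir}\CPIDS" -Force -ea 0 | Out-Null
+}
+}
+
+# Move the NewProcessWatcher and text files into the main x64dbg directory
+$releaseSrcDir = Join-Path $unzippedDir 'release'
+
+Get-ChildItem -Path $releaseSrcDir -File | Move-Item -Destination $toolDir -Force
+if (-Not(Test-Path "${toolDir}\dbgchildlogs" -PathType Container)) {
+Move-Item -Path "${releaseSrcDir}\dbgchildlogs" -Destination $toolDir
+}
+
+# Make sure at least one of the files in each dir ended up in the right place
+VM-Assert-Path "${toolDir}\NewProcessWatcher.exe"
+VM-Assert-Path "${toolDir}\x32\CreateProcessPatch.exe"
+VM-Assert-Path "${toolDir}\x64\CreateProcessPatch.exe"
+VM-Assert-Path "${toolDir}\x32\plugins\dbgchild.dp32"
+VM-Assert-Path "${toolDir}\x64\plugins\dbgchild.dp64"
+
+# $unzippedDir is in $tempDownloadDir, so this should clean up both of them
+Remove-Item $tempDownloadDir -Recurse -Force -ea 0
+} catch {
+VM-Write-Log-Exception $_
+}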
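Review bot: The cleanup `Remove-Item $tempDownloadDir -Recurse -Force -ea 0` is the last statement inside the `try`, so any earlier failure (a `-Resolve` miss, or a `VM-Assert-Path` that presumably throws) skips it and leaves the extracted executables under the package folder. Moving that line into a `finally { ... }` after the `catch` would run it on both the success and the failure path. Separately, the `Get-ChildItem ... -File | Move-Item ... -Force` calls overwrite any same-named file already present in the x64dbg `release`, `x32` and `x64` directories; the pinned sha256 fixes what the archive contains, but the existing comment only explains the `plugins` case, so a comment such as `# -Force: archive files intentionally replace same-named files in the x64dbg dir` would help whoever next bumps the URL and checksum.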
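--- a/packages/x64dbg.dbgchild.vm/tools/chocolateyuninstall.ps1
+++ b/packages/x64dbg.dbgchild.vm/tools/chocolateyuninstall.ps1
@@ -0,0 +1,15 @@
+$ErrorActionPreference = 'Continue'
+
+$toolDir = Join-Path ${Env:RAW_TOOLS_DIR} 'x64dbg\release'
+foreach ($file in $("NewProcessWatcher.exe", "readme_dbgchild.txt", "x64_post.unicode.txt", "x64_pre.unicode.txt", "x86_post.unicode.txt", "x86_pre.unicode.txt", "dbgchildlogs")) {
+Remove-Item "${toolDir}\${file}" -Recurse -Force
+}
+
+$archFiles = @("CreateProcessPatch.exe", "DbgChildHookDLL.dll", "NTDLLEntryPatch.exe", "CPIDS")
+foreach ($arch in @("32", "64")) {
+$toolDir = Join-Path ${Env:RAW_TOOLS_DIR} "x64dbg\release\x${arch}"
+foreach ($file in $archFiles) {
+Remove-Item "${toolDir}\${file}" -Recurse -Force
+}
+Remove-Item "${toolDir}\plugins\dbgchild.dp${arch}" -Force
+}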
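Review bot: Nothing checks `${Env:RAW_TOOLS_DIR}` before the `Remove-Item ... -Recurse -Force` calls, and `$ErrorActionPreference = 'Continue'` lets the script carry on after a failed `Join-Path`. If the variable is unset or empty, `$toolDir` likely ends up empty, and paths such as `"${toolDir}\dbgchildlogs"` and `"${toolDir}\CPIDS"` would then resolve relative to the root of the current drive. A guard at the top, `if (-not ${Env:RAW_TOOLS_DIR}) { throw 'RAW_TOOLS_DIR is not set' }`, keeps the recursive deletes inside the tools directory. The removal list is also hard-coded while the install script moves every file it finds in the archive, so a comment noting that the list must be updated with each DbgChild version would help.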
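--- a/packages/x64dbg.dbgchild.vm/x64dbg.dbgchild.vm.nuspec
+++ b/packages/x64dbg.dbgchild.vm/x64dbg.dbgchild.vm.nuspec
@@ -0,0 +1,13 @@
+<?xml version="1.0" encoding="utf-8"?>
+<package xmlns="http://schemas.microsoft.com/packaging/2015/06/nuspec.xsd">
+<metadata>
+<id>x64dbg.dbgchild.vm</id>
+<version>10</version>
+<description>DbgChild is an x64dbg plugin to automatically attach to spawned child processes.</description>
+<authors>Dreg (David Reguera Garcia)</authors>
+<dependencies>
+<dependency id="common.vm" />
+<dependency id="x64dbg.vm" />
+</dependencies>
+</metadata>
+</package>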
1 change: 1 addition & 0 deletions scripts/test/lint.py
@@ -304,6 +304,7 @@ class UsesInvalidCategory(Lint):
EXCLUSIONS = [
".ollydumpex.vm",
".scyllahide.vm",
".dbgchild.vm",
"common.vm",
"debloat.vm",
"dokan.vm",