mirror of synced 2025-01-12 06:12:15 +01:00

33 Commits

Author SHA1 Message Date
WerWolv
91f6aae9ef impr: Make Win32 API properly use unicode support 2024-06-28 11:12:17 +02:00
Truman Kilen
5c84ef5f72
feat: Added Linux support to the Process Memory Provider (#1331)

### Problem description
Implement a Linux backend for the ProcessMemoryProvider plugin.

### Implementation description
Most of the provider code is the same between Windows and Linux. The
primary differences are:
- enumerate PIDs in `/proc/` to get the process list
- use `/proc/<PID>/cmdline` as the process name
- parse `/proc/<PID>/maps` to get the module list
- reading/writing from memory is done using
`process_vm_readv`/`process_vm_writev`

NOTE: `sudo setcap CAP_SYS_PTRACE=+eip build/imhex` must be run to give
the binary permission to read another process' memory. Running as root
user should also work but I would not recommend it.

### Additional things
The existing translation keys no longer match since I moved the plugin
from `windows` to `builtin`.

I'm not well versed in C++ so I attempted to keep my changes rather
simple. Feedback is very welcome.

---------

Co-authored-by: WerWolv <werwolv98@gmail.com>
2023-12-07 23:33:15 +01:00
WerWolv
3a016da549 impr: Make providers return a 64 bit size on all platforms 2023-12-07 12:06:26 +01:00
WerWolv
e6ad54b53b fix: Overlays not being applied properly 2023-12-02 18:42:57 +01:00
WerWolv
a50bb39978 impr: Further improve compile times 2023-11-30 14:40:07 +01:00
WerWolv
e370fdb0fc build: Add support for unity builds 2023-11-30 10:22:15 +01:00
WerWolv
494223fff6 fix: Provider load interface not opening 2023-11-27 15:34:05 +01:00
WerWolv
909f4b7fe8 refactor: Rename and update localization system 2023-11-21 14:38:01 +01:00
WerWolv
c89a870fe9 refactor: Streamline entire view system 2023-11-21 13:47:50 +01:00
WerWolv
1249eb3261 impr: Optimize includes in often used header files 2023-11-18 14:34:33 +01:00
iTrooz
39252dfe48
refactor: Move custom ImGui functions to ImGuiExt namespace (#1427)
Co-authored-by: Nik <werwolv98@gmail.com>
2023-11-16 22:24:06 +01:00
WerWolv
498d8c1d65 impr: General code cleanup 2023-11-10 20:47:08 +01:00
WerWolv
407ec1ceb6 build: Use custom jthread implementation if standard one is not available 2023-11-02 20:21:38 +01:00
iTrooz
e3ae169833
impr: Separate the behaviour of being savable and being dumpable for provider (#1183)
### Problem description

Currently, the providers use the method `isSavable()` to determine both
if they can use "Save" or "Save as".
This behaviour is problematic because some providers may need to be
saveable but not saveable as: for example the view provider. The
original provider may not allow to be saved.

### Implementation description
I separate these two behaviours by creating another function:
`isDumpable()`, that returns true by default but can be overridden by the
provider to return false, if the provider should not be dumped in any
way.

### Additional things

While I was at it, I also marked "export" operations as needing the
"dumpable" flag. That way, we can't accidentally export the whole
address space of a process as base64.

I also added documentation for some of these functions in Provider
2023-07-05 20:49:57 +02:00
WerWolv
07aabe8efa impr: Improved types used in provider functions 2023-06-04 10:42:11 +02:00
WerWolv
5097a223e3 impr: Added default saveAs implementation for all providers 2023-03-17 08:15:43 +01:00
WerWolv
7cdba75bef fix: Crash when not making a valid selection in provider load interfaces 2023-03-16 16:48:15 +01:00
WerWolv
9b80486285 fix: Process Memory provider search not being case insensitive 2023-01-28 11:41:09 +01:00
WerWolv
cf9df6e36d feat: Added ability to query provider information from pattern language 2023-01-24 09:07:11 +01:00
WerWolv
763196f0cc feat: Added filtering to Process Memory Provider 2023-01-05 09:30:15 +01:00
WerWolv
80f3bbb0af feat: Added DLL injection option, fixed memory region addresses 2023-01-04 10:02:17 +01:00
WerWolv
3a117b3bed feat: Display process icons in process memory provider 2023-01-03 16:34:22 +01:00
WerWolv
d7d19d7594 feat: Further improve process memory provider 2023-01-01 12:26:27 +01:00
WerWolv
90df4413c3 feat: Added basic windows process memory provider 2023-01-01 02:29:38 +01:00
WerWolv
327e904dbc sys: Fixed many clang tidy warnings and typos 2022-03-04 20:52:39 +01:00
WerWolv
ce59226909 sys: Reformat all 2022-02-01 22:09:44 +01:00
WerWolv
1991afb87b
sys: Get rid of SharedData struct and cleanup code structure (#411)
* sys: Initial refactoring of the SharedData class

* sys/pattern: More refactoring, make every provider have its own patterns

* sys: Finished up refactoring. No more SharedData!

* sys: Fixed compile on Unix

* tests: Fixed unit tests

* sys: Moved view and lang files

* pattern: Added assignment operator support to for loops

* tests: Fixed compile issue
2022-02-01 18:09:40 +01:00
WerWolv
0e08b0226b sys: Added clang-format file, formatted entire project 2022-01-24 20:53:17 +01:00
WerWolv
714d421334 api: Moved menu item adding to a new registry-type API 2022-01-23 11:54:21 +01:00
WerWolv
eaacb4d102 ui: Added proper localization for TTY Console 2021-06-06 18:19:17 +02:00
WerWolv
53c8f6ec74 sys: Fix crashes with TTY console, add sending of signals 2021-06-05 22:39:47 +02:00
WerWolv
d1b942cea5 plugin/windows: Fixed scrolling and last line displaying in TTY console 2021-05-29 23:47:08 +02:00
WerWolv
c22d1033eb plugin/windows: Added TTY Console view 2021-05-29 21:52:52 +02:00