Showing registers in real time is fully working

XaFF-XaFF · XaFF-XaFF · commit c6f382562b97 · 2021-12-17T13:16:43.000+01:00
diff --git a/Shellcodev/Core/AssemblyHandler.cs b/Shellcodev/Core/AssemblyHandler.cs
@@ -127,116 +127,133 @@ public string Assembler(string instructions)
         }
 
         #region Registers
-        private void AppendPointers(object[] pointers)
+
+        private void AppendRegisters(API.Registers registers)
         {
             List<string> list = new List<string>();
-            string[] registers = { "EIP: ", "ESP: ", "EBP: " };
+            string[] regs = { "EAX: ", "EBX: ", "ECX: ", "EDX: " };
+            object[] r = { registers.eax, registers.ebx, registers.ecx, registers.edx };
+
             var main = Main.ReturnInstance();
 
-            for (int i = 0; i < pointers.Length; i++)
+
+            for(int i = 0; i < regs.Length; i++)
             {
-                int toHex = Convert.ToInt32(pointers[i]);
+                int toHex = Convert.ToInt32(r[i]);
                 string hex = toHex.ToString("X8");
-                list.Add(registers[i] + hex);
+                list.Add(regs[i] + hex);
             }
 
             string str = string.Join(" ", list);
-            main.pointersBox.Text = str;
+            main.registersBox.Text = str;
         }
 
-        private void AppendIndexes(object[] indexes)
+        private void AppendIndexes(API.Registers registers)
         {
             List<string> list = new List<string>();
-            string[] registers = { "EDI: ", "ESI: " };
+            string[] indexes = { "EDI: ", "ESI: " };
+            object[] index = { registers.edi, registers.esi };
+
             var main = Main.ReturnInstance();
 
-            for (int i = 0; i < indexes.Length; i++)
+            for(int i = 0; i<indexes.Length; i++)
             {
-                int toHex = Convert.ToInt32(indexes[i]);
+                int toHex = Convert.ToInt32(index[i]);
                 string hex = toHex.ToString("X8");
-                list.Add(registers[i] + hex);
+                list.Add(indexes[i] + hex);
             }
 
             string str = string.Join(" ", list);
             main.indexesBox.Text = str;
         }
 
-        private void AppendRegisters(object[] registers, object[] pregs, string toClear)
+        private void AppendPointers(API.Registers registers)
         {
             List<string> list = new List<string>();
-            string[] regs = { "EAX: ", "EBX: ", "ECX: ", "EDX: " };
+            string[] pointers = { "EIP: ", "ESP: ", "EBP: " };
+            object[] pointer = {registers.eip, registers.esp, registers.ebp };
+
             var main = Main.ReturnInstance();
 
-            for (int i = 0; i < registers.Length; i++)
+            for(int i = 0; i<pointers.Length; i++)
             {
-                if ((int)registers[i] == 0 && (int)pregs[i] != 0)
-                {
-                    int toHex = Convert.ToInt32(pregs[i]);
-                    string hex = toHex.ToString("X8");
-                    list.Add(regs[i] + hex);
-                }
-                else if ((int)registers[i] != 0 && (int)pregs[i] != 0)
-                {
-                    if((int)registers[i] != 0)
-                    {
-                        int toHex = Convert.ToInt32(registers[i]);
-                        string hex = toHex.ToString("X8");
-                        list.Add(regs[i] + hex);
-                    }
-                    else
-                    {
-                        int toHex = Convert.ToInt32(pregs[i]);
-                        string hex = toHex.ToString("X8");
-                        list.Add(regs[i] + hex);
-                    }
-                }
-                else
-                {
-                    int toHex = Convert.ToInt32(registers[i]);
-                    string hex = toHex.ToString("X8");
-                    list.Add(regs[i] + hex);
-                }
+                int toHex = Convert.ToInt32(pointer[i]);
+                string hex = toHex.ToString("X8");
+                list.Add(pointers[i] + hex);
             }
 
             string str = string.Join(" ", list);
-            main.registersBox.Text = str;
+            main.pointersBox.Text = str;
         }
 
-        private void Appender(API.Registers registers, API.Registers prevRegs, string toClear)
+        private string Clear(string instruction)
         {
-            object[] pointers = { registers.eip, registers.esp, registers.ebp };
-            object[] indexes = { registers.edi, registers.esi };
+            string[] split = instruction.Split(new char[] { ',', ' ' });
 
-            object[] regs = { registers.eax, registers.ebx, registers.ecx, registers.edx };
-            object[] pregs = { prevRegs.eax, prevRegs.ebx, prevRegs.ecx, prevRegs.edx };
+            if (split[0] == "xor" && split[1] == split[2])
+                return split[1];
 
-            AppendPointers(pointers);
-            AppendIndexes(indexes);
-            AppendRegisters(regs, pregs, toClear);
+            return null;
         }
 
-        private string ClearCheck(string instruction)
+        // Absolute pain
+        private API.Registers Configure(API.Registers registers, API.Registers prevRegisters, string instruction)
         {
-            string[] split = instruction.Split(new char[] { ' ', ',' }, StringSplitOptions.RemoveEmptyEntries);
+            string reg = Clear(instruction);
+
+            if (registers.eax != 0) prevRegisters.eax = registers.eax;
+            else if(registers.ebx != 0) prevRegisters.ebx = registers.ebx;
+            else if(registers.ecx != 0) prevRegisters.ecx = registers.ecx;
+            else if(registers.edx != 0) prevRegisters.edx = registers.edx;
+            else if(registers.esi != 0) prevRegisters.esi = registers.esi;
+            else if(registers.edi != 0) prevRegisters.edi = registers.edi;
+            else if(registers.ebp != 0) prevRegisters.ebp = registers.ebp;
 
-            if (split[0] == "xor" && split[1] == split[2]) // Clearing register
+
+            prevRegisters.eip = registers.eip;
+            prevRegisters.esp = registers.esp;
+
+            switch (reg)
             {
-                return split[1];
+                case "eax":
+                    prevRegisters.eax = 0;
+                    break;
+                case "ebx":
+                    prevRegisters.ebx = 0;
+                    break;
+                case "ecx":
+                    prevRegisters.ecx = 0;
+                    break;
+                case "edx":
+                    prevRegisters.edx = 0;
+                    break;
+                case "edi":
+                    prevRegisters.edi = 0;
+                    break;
+                case "esi":
+                    prevRegisters.esi = 0;
+                    break;
+                case "ebp":
+                    prevRegisters.ebp = 0;
+                    break;
+
+                default:
+                    break;
             }
 
-            return null;
+            return prevRegisters;
         }
 
         public unsafe void SetRegisters(string instruction, API.PROCESS_INFORMATION pi)
         {
             IntPtr pointer = API.GetRegisters(instruction, &pi);
             API.Registers registers = Marshal.PtrToStructure<API.Registers>(pointer);
 
-            string toClear = ClearCheck(instruction);
-
-            Appender(registers, Main.prevRegs, toClear);
+            Main.registers = Configure(registers, Main.registers, instruction);
 
-            Main.prevRegs = registers;
+            AppendRegisters(Main.registers);
+            AppendIndexes(Main.registers);
+            AppendPointers(Main.registers);
         }
         #endregion
     }
diff --git a/Shellcodev/Core/Instruction.cs b/Shellcodev/Core/Instruction.cs
@@ -136,8 +136,6 @@ public Instruction(string instruction)
 
                 tempBytes = handler.Assembler(instruction);
                 main.ByteAppender(tempBytes);
-
-
             }
         }
     }
diff --git a/Shellcodev/Forms/Main.cs b/Shellcodev/Forms/Main.cs
@@ -9,8 +9,9 @@ namespace Shellcodev.Forms
     public partial class Main : Form
     {
         private static int previousIndex;
+
         public static API.PROCESS_INFORMATION pi;
-        public static API.Registers prevRegs;
+        public static API.Registers registers;
 
         private static Main instance;
         public static Main ReturnInstance()
@@ -21,7 +22,7 @@ public static Main ReturnInstance()
         //TODO: Show registers value at runtime (finished). Fix bugs
         //      https://github.com/asmjit/asmjit/issues/27
 
-        private API.PROCESS_INFORMATION InitProcess()
+        private void InitProcess() //API.PROCESS_INFORMATION I
         {
             API.STARTUPINFO si = new API.STARTUPINFO();
             pi = new API.PROCESS_INFORMATION();
@@ -42,7 +43,6 @@ private API.PROCESS_INFORMATION InitProcess()
                 MessageBox.Show("ERROR! CreateProcess Failed");
                 this.Close();
             }
-            return pi;
         }
 
         public Main()
@@ -57,7 +57,8 @@ public Main()
 
             // Stabilization of registers
             handler.SetRegisters("xor eax,eax", pi);
-            handler.SetRegisters("xor eax,eax", pi);
+            handler.SetRegisters("xor ebx,ebx", pi);
+            handler.SetRegisters("xor ecx,ecx", pi);
         }
 
         public void ByteAppender(string bytes)

Original file line number	Diff line number	Diff line change
`@@ -136,8 +136,6 @@ public Instruction(string instruction)`
`136`	`136`
`137`	`137`	`tempBytes = handler.Assembler(instruction);`
`138`	`138`	`main.ByteAppender(tempBytes);`
`139`		`-`
`140`		`-`
`141`	`139`	`}`
`142`	`140`	`}`
`143`	`141`	`}`