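Hello, I'm trying to build an external debugger on Windows using C/C++. My goal for now is to attach the debugger to a process and then catch some breakpoints. So far I have managed to run a process from code using CreateProcessA and successfully catch breakpoints. But I want to attach to an external process. Here is my code: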
    void attachProcess(DWORD pid) {
        errCheck("before obtaining handle");
        /*
         * if I uncomment those 2 lines I also succeed to obtain the handle but the pid changes(it finds the proper process, tested it)
         *
        HWND wnd = FindWindowA(NULL, "Kalkulator");
        GetWindowThreadProcessId(wnd, &pid);
        */
        HANDLE handle = OpenProcess(PROCESS_ALL_ACCESS, 0, pid);
        if(handle == 0) {
            log("no process hanle obtained - process not found", ERR);
            return;
        }
        log("handler obtained", POSITIVE);
        log<void*>(handle, POSITIVE);
        errCheck("after obtaining handle");
        if(DebugActiveProcess(pid)) {
            log("attached to process, pid:",POSITIVE);
            log<DWORD>(pid,POSITIVE);
            DEBUG_EVENT debug_event = {0};
            while(WaitForDebugEvent(&debug_event, INFINITE)) {
                handleDebugEvent(&debug_event);
                ContinueDebugEvent(debug_event.dwProcessId, debug_event.dwThreadId, DBG_CONTINUE);
            }
        } else {
            log("unable to attach to process, pid:", ERR);
            log<DWORD>(pid,ERR);
            errCheck("attaching");
        }
        // CloseHandle takes the handle value itself, not a pointer to it
        CloseHandle(handle);
    }
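This code successfully obtains the handle, but it crashes on DebugActiveProcess with error 50, ERROR_NOT_SUPPORTED. My Windows is 64-bit, and so is the calculator process (I assume, since Task Manager does not mark it as 32-bit). Any ideas what I'm doing wrong? Thanks!
Here is a sample output, btw: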
[+] handler obtained
[+] 0xe8
[!] unable to attach to process, pid:
[!] 7212
[!] attaching | error occured
[!] 50