[Feature Request] Ultimap-like tool with limited software breakpoints #358
Comments
Sounds interesting. I'll look into it.
https://www.youtube.com/watch?v=P0UXR861WYM
I thought about making something very like this, just haven't had the time. I was thinking you select a region of code in the disassembler view and it could automatically write an injection that would duplicate each line with an 'inc' instruction to see how many times each line was executed, along with storing some registers possibly. I think it should be pretty reliable to change something like this:
Into something like this:
Since it's executing in the process it wouldn't slow down the game, it's only multiplying the number of times each instruction runs by 6. You could then do memscans on the
The codefilter does this, but to save speed it does not keep a hit counter. It instantly removes breakpoints that are hit and leaves only those that are not hit (still good to find code you're interested in).
Just tried codefilter in a ctf challenge and it works perfectly, many thanks!
I occasionally run into situations where I get trace data with very long functions and I need to inspect each of them. For instance, I'm currently trying to get the loot function in Torchlight 2. I've got trace data of the function that gets called when an enemy dies. So logically, the loot function should reside in that death managing function since enemies drop loot. But that function is way too long and has many checks about the monster that got killed. So, I thought of a tool that does this:
It sets breakpoints on every call in a level of trace data. The tool will make use of the hit counts of the breakpoints set to filter out the results like ultimap does. It'll also have options like "delete breakpoints that have been executed X times" to reduce the workload. Only one level of the tracer would store like 200 functions at max anyway. Btw, this way you could also read calls like "call eax" thanks to the register data the tracer provides; I guess dissect code misses this kind of feature.
This tool could also help people who don't have an Intel processor or have an outdated Intel processor. What do you think about this feature?
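A small simulation of the hit-count filtering proposed in the request above, added here as an illustration; it is not part of the issue and not Cheat Engine code. The class name, the `on_hit` callback, the addresses and the per-death call counts are all assumptions made up for the demo.

```python
from collections import Counter

class CallSiteFilter:
    """Hit-count filter over breakpoints set on the call sites of one trace level."""

    def __init__(self, call_sites, max_hits=None):
        self.armed = set(call_sites)   # sites that still carry a breakpoint
        self.hits = Counter()          # hits since the last filter step
        self.max_hits = max_hits       # "delete breakpoints executed X times"

    def on_hit(self, addr):
        """Called by a (hypothetical) debugger loop when a breakpoint fires."""
        if addr not in self.armed:
            return
        self.hits[addr] += 1
        if self.max_hits is not None and self.hits[addr] >= self.max_hits:
            self.armed.discard(addr)   # too noisy: remove the breakpoint for good

    def filter(self, keep):
        """Keep only armed sites whose hit count satisfies keep(count), then reset."""
        self.armed = {a for a in self.armed if keep(self.hits[a])}
        self.hits.clear()
        return sorted(self.armed)

# Constructed call sites: addresses and roles are made up for the demo.
RENDER, TYPE_CHECK, DROP_LOOT, UNUSED = 0x401000, 0x401020, 0x401040, 0x401060

def run_demo():
    f = CallSiteFilter([RENDER, TYPE_CHECK, DROP_LOOT, UNUSED], max_hits=10)
    # Phase 1: no enemy dies. RENDER fires every frame and is removed at 10 hits,
    # so the remaining 90 frames cost no breakpoint handling at all.
    for _ in range(100):
        f.on_hit(RENDER)
    after_idle = f.filter(lambda n: n == 0)    # drop anything that executed
    # Phase 2: three enemies die; assume 2 type checks and 1 loot call per death.
    for _ in range(3):
        f.on_hit(TYPE_CHECK)
        f.on_hit(TYPE_CHECK)
        f.on_hit(DROP_LOOT)
    after_kills = f.filter(lambda n: n == 3)   # executed exactly once per death
    return after_idle, after_kills

if __name__ == "__main__":
    idle, kills = run_demo()
    print([hex(a) for a in idle], [hex(a) for a in kills])
```

Setting `max_hits=1` and filtering with `n == 0` reproduces the behaviour described for the codefilter in the comments: a breakpoint is removed on its first hit and only never-executed sites remain.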