CodeExplorer

AlocLog


AlocLog will log VirtualAlloc, GlobalAlloc, LocalAlloc and RtlAllocateHeap
and write information about these APIs: parameters and returned allocated address.
On the Dumping dialog, both checkboxes "Allocate memory" and "Redirect Allocated"
must be checked for redirecting allocated memory;
the rest of the options on the Dumping dialog are optional.

 

Please report back if it is working or not.


New Dumping dialog:
On the Dumping dialog, both checkboxes "Allocate memory" and "Redirect Allocated"
must be checked for redirecting allocated memory;
the rest of the options on the Dumping dialog are optional.

Only sure that VirtualAlloc redirection will work currently.
Once again, it would be great if someone tests it.

 


New: GlobalFix checkbox on the Dumping dialog for fixing the kernel32.GlobalFlags, kernel32.GlobalSize and kernel32.GlobalLock APIs.
There are also the following APIs to fix: LocalLock, LocalSize, LocalFlags; these will hopefully be fixed in the next release.

 


New Beta 5 release:
- Ability to attach to a running process: main dialog Attach button
- Now logs info like process id and thread id values
- On Dumping dialog: Added "Always redirect these return address containing string" to always redirect the returned allocated memory if the return address contains strings
- On Dumping dialog: Added "Alloc memory in process" to allocate memory in the process right before the last section end; this may fail since that memory may be occupied by other crap. So "Break on start" and then attaching to the process using Olly is still the way to go!
- On Dumping dialog: Added "Memory destination" to manually specify the destination of redirections
- Now also checks if redirections overflow

Easy start to use guide: Mark the API checkboxes (VirtualAlloc, GlobalAlloc, LocalAlloc and/or RtlAllocateHeap) for the APIs you wanna log, select the process (exe file name), click on the Start button and watch for the API allocation log result.
"Dumping" (redirect returned address) is disabled by default, so the first thing to do is click "Dumping...." from the main menu; there, two check-boxes are not optional: "Allocate memory" and "Redirect Allocated".

 

AlocLogBeta5.zip


What  about Mac OS: XCode ?


What  about Mac OS: XCode ?

I got no knowledge about Mac OS!

 
