I'm working on a debugger. The idea is to get the running processes, modules used by them and so on. To obtain this information I'm using "CreateToolhelp32Snapshot" API + "Process32First".
So far so good. Now the question(s). How can I find:
- where the program starts in memory ("the entry point"), for "ReadProcessMemory"
- more info about "base address"
- how to set breakpoints and single step (are int1 & modifying the trap flag the only options?)
And the last one would be:
- how can I get the source code of an exe? I know: disassembling. But I'm trying to get it from the process's memory when it's running. I know the codification of the inst. (ex "ret" is 55h) but how are the codifications made?
I'm new to debugging & I want to know more.