korcankaraokcu / pince Goto Github PK

linux-inject somehow crashes the target process at the first attach %80 of the time. But it works well after that. It's also very unstable, it fails to inject code to the process that it just injected successfully to 5 mins ago. I'll try to write a gdb script that does exactly the same job later on for stability.

OS: Debian 8 x64
Desktop environment: KDE 4

Traceback (most recent call last):
  File "PINCE.py", line 571, in pushbutton_open_onclick
    code_injection_status = GDB_Engine.attach(str(pid), initial_code_injection_method)
  File "/usr/share/PINCE/GDB_Engine.py", line 213, in attach
    SysUtils.create_PINCE_IPC_PATH(pid)
  File "/usr/share/PINCE/SysUtils.py", line 242, in create_PINCE_IPC_PATH
    is_path_valid(get_PINCE_IPC_directory(pid), "create")
  File "/usr/share/PINCE/SysUtils.py", line 208, in is_path_valid
    fix_path_permissions(dest_path)
  File "/usr/share/PINCE/SysUtils.py", line 221, in fix_path_permissions
    uid = int(os.environ.get('SUDO_UID'))
TypeError: int() argument must be a string or a number, not 'NoneType'

Clicking the "attach to process"-button causes the following error:

Traceback (most recent call last):
  File "PINCE.py", line 475, in pushButton_AttachProcess_clicked
    self.processwindow = ProcessForm(self)
  File "PINCE.py", line 605, in __init__
    self.refresh_process_table(self.tableWidget_ProcessTable, processlist)
  File "PINCE.py", line 629, in refresh_process_table
    tablewidget.setItem(i, 1, QTableWidgetItem(row.username()))
TypeError: 'str' object is not callable

My home location is not for randomly generated trash! :( This looks pretty ugly:

PINCE's shortcuts are currently application-wide. Implementing a system-wide shortcut would be good when attaching to full-screen games. I believe that this feature can be done by modifying this example. I think that this also can be done by injecting code to the inferior.

[Desktop Entry]
Encoding=UTF-8
Version=1.0
Type=Application
Name=pince
Exec=gksudo python3 /home/alex/Scrivania/Alex/PINCE/PINCE.py
StartupNotify=false
Terminal=false

This seems not to be the case. I'm only able to run the app from its directory by command line with gksudo python3 PINCE.py

As soon as memory scanning is implemented, an additional feature allowing to detect simple data structures would be great.

For example, one could hook all malloc calls using the LD_PRELOAD environment variable in order to detect allocated units and graphically outline this in the memory viewer. Furthermore, if a byte sequence within a block of allocated memory represents a valid heap or stack address, this could be graphically highlighted as a possible pointer.

Thank you for the efforts which you put into this great project.

Currently, if a complex evaluate-able expression (such as *(void**)0x123456) is entered as the address, it's converted into the evaluated value. While pointer is not available, this has the equivalent functionality.

(line 789~790 of PINCE.py do the conversion)

This is not useful if cheat tables can be saved/loaded (as the resulting address may change, while the base pointer usually doesn't)

So what should be done?

• Implement proper pointer type, and don't use this approach
• Remove the behavior, and use *(void**) instead of pointer

Hi. Just wondering if there is a deb or snap package for ubuntu on the roadmap.

Great project by the way!

This is a GDB bug.

GDB's -break-list can produce non MI compliant output. That can freeze pygdbmi.

-break-list is executed when delete_breakpoint is called inside pushButton_Stop_clicked of the trackpoint widget, which calls check_address_in_breakpoints which calls get_breakpoint_info.

I'll also try to get rid of the CONST_TIME.GDB_INPUT_SLEEP by using a condition/event instead

I used their handy GUI app bauh to simplify starting the installation but it spat these errors when I tried (btw on x64 OS)

==> ERROR: Could not resolve all dependencies.
sudo -S pacman -S python-distorm --noconfirm

resolving dependencies...
looking for conflicting packages...
Packages (1) python-distorm-3.4.1-1
Total Installed Size:  0.24 MiB
:: Proceed with installation? [Y/n]
checking keyring...
checking package integrity...
loading package files...
checking for file conflicts...
python-distorm: /usr/lib/python3.7/site-packages/distorm3-3.4.1-py3.7.egg-info/PKG-INFO exists in filesystem
python-distorm: /usr/lib/python3.7/site-packages/distorm3-3.4.1-py3.7.egg-info/SOURCES.txt exists in filesystem
python-distorm: /usr/lib/python3.7/site-packages/distorm3-3.4.1-py3.7.egg-info/dependency_links.txt exists in filesystem
python-distorm: /usr/lib/python3.7/site-packages/distorm3-3.4.1-py3.7.egg-info/top_level.txt exists in filesystem
python-distorm: /usr/lib/python3.7/site-packages/distorm3/__init__.py exists in filesystem
python-distorm: /usr/lib/python3.7/site-packages/distorm3/__pycache__/__init__.cpython-37.opt-1.pyc exists in filesystem
python-distorm: /usr/lib/python3.7/site-packages/distorm3/__pycache__/__init__.cpython-37.pyc exists in filesystem
python-distorm: /usr/lib/python3.7/site-packages/distorm3/libdistorm3.so exists in filesystem
Errors occurred, no packages were upgraded.
error: failed to commit transaction (conflicting files)
rm -rf /tmp/bauh/aur/build_1572811064

Installation logs can be found at "/tmp/bauh/logs/install/aur/pince-git/1572811072.log"

Build script fails when used against gdb-8 tree that it pulls on Ubuntu 17.10 (artful)
make[7]: Entering directory '/vol/8tb/build/PINCE/libPINCE/gdb_pince/gdb-8.0/gdb/build-gnulib/import' make[8]: Entering directory '/vol/8tb/build/PINCE/libPINCE/gdb_pince/gdb-8.0/gdb/build-gnulib/import' gcc-5 -DHAVE_CONFIG_H -I. -I../.././gnulib/import -I.. -g -O2 -MT dirname-lgpl.o -MD -MP -MF .deps/dirname-lgpl.Tpo -c -o dirname-lgpl.o ../.././gnulib/import/dirname-lgpl.c mv -f .deps/dirname-lgpl.Tpo .deps/dirname-lgpl.Po gcc-5 -DHAVE_CONFIG_H -I. -I../.././gnulib/import -I.. -g -O2 -MT basename-lgpl.o -MD -MP -MF .deps/basename-lgpl.Tpo -c -o basename-lgpl.o ../.././gnulib/import/basename-lgpl.c mv -f .deps/basename-lgpl.Tpo .deps/basename-lgpl.Po gcc-5 -DHAVE_CONFIG_H -I. -I../.././gnulib/import -I.. -g -O2 -MT stripslash.o -MD -MP -MF .deps/stripslash.Tpo -c -o stripslash.o ../.././gnulib/import/stripslash.c mv -f .deps/stripslash.Tpo .deps/stripslash.Po gcc-5 -DHAVE_CONFIG_H -I. -I../.././gnulib/import -I.. -g -O2 -MT hard-locale.o -MD -MP -MF .deps/hard-locale.Tpo -c -o hard-locale.o ../.././gnulib/import/hard-locale.c mv -f .deps/hard-locale.Tpo .deps/hard-locale.Po gcc-5 -DHAVE_CONFIG_H -I. -I../.././gnulib/import -I.. -g -O2 -MT localcharset.o -MD -MP -MF .deps/localcharset.Tpo -c -o localcharset.o ../.././gnulib/import/localcharset.c mv -f .deps/localcharset.Tpo .deps/localcharset.Po gcc-5 -DHAVE_CONFIG_H -I. -I../.././gnulib/import -I.. -g -O2 -MT malloca.o -MD -MP -MF .deps/malloca.Tpo -c -o malloca.o ../.././gnulib/import/malloca.c mv -f .deps/malloca.Tpo .deps/malloca.Po gcc-5 -DHAVE_CONFIG_H -I. -I../.././gnulib/import -I.. -g -O2 -MT math.o -MD -MP -MF .deps/math.Tpo -c -o math.o ../.././gnulib/import/math.c mv -f .deps/math.Tpo .deps/math.Po gcc-5 -DHAVE_CONFIG_H -I. -I../.././gnulib/import -I.. -g -O2 -MT strnlen1.o -MD -MP -MF .deps/strnlen1.Tpo -c -o strnlen1.o ../.././gnulib/import/strnlen1.c mv -f .deps/strnlen1.Tpo .deps/strnlen1.Po gcc-5 -DHAVE_CONFIG_H -I. -I../.././gnulib/import -I.. -g -O2 -MT unistd.o -MD -MP -MF .deps/unistd.Tpo -c -o unistd.o ../.././gnulib/import/unistd.c mv -f .deps/unistd.Tpo .deps/unistd.Po gcc-5 -DHAVE_CONFIG_H -I. -I../.././gnulib/import -I.. -g -O2 -MT wctype-h.o -MD -MP -MF .deps/wctype-h.Tpo -c -o wctype-h.o ../.././gnulib/import/wctype-h.c mv -f .deps/wctype-h.Tpo .deps/wctype-h.Po gcc-5 -DHAVE_CONFIG_H -I. -I../.././gnulib/import -I.. -g -O2 -MT mbrtowc.o -MD -MP -MF .deps/mbrtowc.Tpo -c -o mbrtowc.o ../.././gnulib/import/mbrtowc.c mv -f .deps/mbrtowc.Tpo .deps/mbrtowc.Po rm -f libgnu.a ar cr libgnu.a dirname-lgpl.o basename-lgpl.o stripslash.o hard-locale.o localcharset.o malloca.o math.o strnlen1.o unistd.o wctype-h.o mbrtowc.o ranlib libgnu.a rm -f t-charset.alias charset.alias && \ /bin/bash ../.././gnulib/import/config.charset 'x86_64-pc-linux-gnu' > t-charset.alias && \ mv t-charset.alias charset.alias rm -f t-ref-add.sed ref-add.sed && \ sed -e '/^#/d' -e 's/@''PACKAGE''@/libgnu/g' ../.././gnulib/import/ref-add.sin > t-ref-add.sed && \ mv t-ref-add.sed ref-add.sed rm -f t-ref-del.sed ref-del.sed && \ sed -e '/^#/d' -e 's/@''PACKAGE''@/libgnu/g' ../.././gnulib/import/ref-del.sin > t-ref-del.sed && \ mv t-ref-del.sed ref-del.sed make[8]: Leaving directory '/vol/8tb/build/PINCE/libPINCE/gdb_pince/gdb-8.0/gdb/build-gnulib/import' make[7]: Leaving directory '/vol/8tb/build/PINCE/libPINCE/gdb_pince/gdb-8.0/gdb/build-gnulib/import' make[6]: Leaving directory '/vol/8tb/build/PINCE/libPINCE/gdb_pince/gdb-8.0/gdb/build-gnulib/import' make[5]: Leaving directory '/vol/8tb/build/PINCE/libPINCE/gdb_pince/gdb-8.0/gdb/build-gnulib' make[4]: Leaving directory '/vol/8tb/build/PINCE/libPINCE/gdb_pince/gdb-8.0/gdb/build-gnulib' make[3]: Leaving directory '/vol/8tb/build/PINCE/libPINCE/gdb_pince/gdb-8.0/gdb' g++-5 -std=gnu++11 -g -O2 -I. -I. -I./common -I./config -DLOCALEDIR="\"/vol/8tb/build/PINCE/libPINCE/gdb_pince/gdb-8.0/share/locale\"" -DHAVE_CONFIG_H -I./../include/opcode -I./../opcodes/.. -I./../readline/.. -I./../zlib -I../bfd -I./../bfd -I./../include -I../libdecnumber -I./../libdecnumber -I./gnulib/import -Ibuild-gnulib/import -DTUI=1 -I/usr/include/python3.6m -I/usr/include/python3.6m -Wall -Wpointer-arith -Wno-unused -Wunused-value -Wunused-function -Wno-switch -Wno-char-subscripts -Wempty-body -Wunused-but-set-parameter -Wunused-but-set-variable -Wno-sign-compare -Wno-narrowing -Wformat-nonliteral -c -o gdb.o -MT gdb.o -MMD -MP -MF .deps/gdb.Tpo gdb.c In file included from defs.h:53:0, from gdb.c:19: ui-file.h:43:18: error: macro "putc" requires 2 arguments, but only 1 given int putc (int c); ^ In file included from ./common/common-defs.h:78:0, from defs.h:28, from gdb.c:19: ./common/common-utils.h:101:12: error: ‘std::to_string’ has not been declared using std::to_string; ^ Makefile:1891: recipe for target 'gdb.o' failed make[2]: *** [gdb.o] Error 1 make[2]: Leaving directory '/vol/8tb/build/PINCE/libPINCE/gdb_pince/gdb-8.0/gdb' Makefile:9126: recipe for target 'all-gdb' failed make[1]: *** [all-gdb] Error 2 make[1]: Leaving directory '/vol/8tb/build/PINCE/libPINCE/gdb_pince/gdb-8.0' Makefile:849: recipe for target 'all' failed make: *** [all] Error 2 Failed to install GDB, restart the installation process PINCE has been installed successfully! Now, just run 'sh PINCE.sh' from terminal

ba9d4fd

That change to update_address_table_manually makes the address column text empty if the address cannot be evaluted, while change_address_table_entries fallbacks to address_expr instead (with address or address_expr).

Despite SysUtils.execute_shell_command_as_user working properly for web browsers, some other GUI applications such as file browsers and text editors might show buggy behavior. For instance, some standard KDE applications such as Dolphin and Kate are unable to show user icons even while invoked within sudo -u non_sudo_user. I've also tried invoking Kate with subprocess module with user demotion and all os.setuid and os.setgid variants, nothing has worked.

The first solution that came to my mind was to change PINCE.sh in a way that it creates a user bash session before invoking PINCE so PINCE can communicate with it via IPC and invoke commands on demand. But this looks a bit hacky, doesn't it? I'm sure that there's a more convenient way to solve this. Open for ideas

[Enhancement]: Solving this issue can allow LogFileWidget to have its own buttons to show files via file browsers or text editors

Please refer to #55

No matter what I try when I try to hack the memory of game via PINCE it outright refuses to do anything but show the debugger/memory (reader?), I'd like an option to ignore risks and just scan anyway, GameConqueror can get into the same memory just fine but it lacks the ability to search for values based on number of bits which I was trying to use PINCE for but everything is just permanently disabled
The game I'm trying is Dragon Quest Builders on RPCS3

When I am trying to launch pince(gksudo pince) I get this error:

`QStandardPaths: XDG_RUNTIME_DIR not set, defaulting to '/tmp/runtime-root'
Detached from the process with PID:-1
Last command: source /root/PINCE_USER_FILES/gdbinit

&"source /tmp/PINCE-connection/-1/gdb_command.txt\n"
^done

0.004914045333862305
Traceback (most recent call last):
File "PINCE.py", line 4085, in
window = MainForm()
File "PINCE.py", line 284, in init
self.about_widget = AboutWidgetForm()
File "PINCE.py", line 1219, in init
authors_text = open("AUTHORS").read()
File "/usr/lib/python3.6/encodings/ascii.py", line 26, in decode
return codecs.ascii_decode(input, self.errors)[0]
UnicodeDecodeError: 'ascii' codec can't decode byte 0xc3 in position 32: ordinal not in range(128)`

Anybody knows a solution ?

There are serious problems with the loading widget, in detail explanation is here

We at scanmem keep getting folks that want to do a "search for pointer", aka keep following a variable once they found it, even if the structure reallocates.

The issue is that to do that you need to find the address of the structure the value is in, and the only way to do that with a memory scanner is to look for the variable address, then address-1, then address-2, etc..., hoping that when you reach the variable's offset in the struct, you'll find the struct pointer.

We have no intention of implementing this "blind scan", so we keep sending people to use either a debugger (gdb) or ugtrain (so they can find the struct offset from the debugger), but I can tell that the typical user isn't going to use those.

If PINCE can do it, instead, I can point them here, as PINCE looks user-friendly enough for a layuser to use.

Thanks guys.

PINCE should use another method of interprocess communication with GDB rather than using files like a primitive caveman

Executing finish in that state aborts any other command that comes after it, that's the main reason that renders gdb completely inoperable. This bug is caused by gdb itself, it's not related to PINCE in any way

error:

(gdb)
&"source /dev/shm/PINCE-connection/12644/gdb_command.txt\n"
&"/dev/shm/PINCE-connection/12644/gdb_command.txt:1: Error in sourced command file:\n"
&"No symbol table is loaded. Use the "file" command.\n"
^error,msg="/dev/shm/PINCE-connection/12644/gdb_command.txt:1: Error in sourced command file:\nNo symbol table is loaded. Use the "file" command."
(gdb)
&"source /dev/shm/PINCE-connection/12644/gdb_command.txt\n"
&"/dev/shm/PINCE-connection/12644/gdb_command.txt:1: Error in sourced command file:\n"
&"'libc_dlopen_mode' has unknown return type; cast the call to its declared return type\n"
^error,msg="/dev/shm/PINCE-connection/12644/gdb_command.txt:1: Error in sourced command file:\n'libc_dlopen_mode' has unknown return type; cast the call to its declared return type"
(gdb)

gdb version:
-->show version
~"GNU gdb (GDB) 8.2\n"
~"Copyright (C) 2018 Free Software Foundation, Inc.\n"
~"License GPLv3+: GNU GPL version 3 or later http://gnu.org/licenses/gpl.html\nThis is free software: you are free to change and redistribute it.\nThere is NO WARRANTY, to the extent permitted by law."
~"\nType "show copying" and "show warranty" for details.\n"
~"This GDB was configured as "x86_64-pc-linux-gnu".\n"
~"Type "show configuration" for configuration details.\n"
~"For bug reporting instructions, please see:\n"
~"http://www.gnu.org/software/gdb/bugs/.\n"
~"Find the GDB manual and other documentation resources online at:\n http://www.gnu.org/software/gdb/documentation/."
~"\n\n"
~"For help, type "help".\n"
~"Type "apropos word" to search for commands related to "word".\n"
^done

the actual code I'm trying to inject:

#include "stdlib.h"
#include "stdio.h"
#include "string.h"
#include <unistd.h>

static void init(void) __attribute__((constructor));

static long custpow(long x, long y){
    long rez = x;
    if (y == 0 ) return 1;
    for(int i = 0; i < y -1; i++){
        rez*=x;
    }

    return rez;
}

static long xtoi(char * hex){

        int val, len;
    len = 0;
    long decimal = 0;

    len = strlen(hex) -1;

    for(int i=0; hex[i]!='\0'; i++)
    {
 
        /* Find the decimal representation of hex[i] */
        if(hex[i]>='0' && hex[i]<='9')
        {
            val = hex[i] - 48;
            //printf("%d\n", val); 
        }
        else if(hex[i]>='a' && hex[i]<='f')
        {
            val = hex[i] - 97 + 10;
            //printf("%d\n", val);
        }
        else if(hex[i]>='A' && hex[i]<='F')
        {
            val = hex[i] - 65 + 10;
        }
        long pw = custpow(16, len);
        long geo = (long)val * pw;
        decimal += geo;
        //printf("--%ld %d\n geo %ld %ld---\n", pw, len, geo, decimal);
        
        len--;
    }
    return decimal;
}

static void init(void){
    FILE *fp;
    FILE *fp1;
    printf("loading...\n");
    char address[500];
    fp = fopen("/home/arturas/addr.txt", "r");
    fp1 = fopen("/home/arturas/addr1.txt", "w");
    fscanf(fp, "%s", address);
    printf("%s\n", address);
    long addrlong = xtoi(address);
    //long * addrpoint = (long*)addrlong;
    printf("%ld\n", addrlong);
    fputs(address, fp1);
    fclose(fp);
    fclose(fp1);
    //printf("addr: %p | value: %ld\n", addrpoint, *addrpoint);
}

Running Linux Mint 18.1
No problems during installation (using install.sh), and I had to install the extra since to be able to select processes.

Screenshot with the error:
https://i.imgur.com/cxkxFDI.png

I would be more to happy to provide additional details wherever possible. I suspect something went bad with the compilation process. Perhaps some changes have been made without testing on Linux Mint? Hopefully not that serious. :)

When trying to attach to a process, command line says

0.0014507770538330078
Last command: pince-get-stack-trace-info
 
&"source /tmp/PINCE-connection/10995/gdb_command.txt\n"
&"Python Exception <class 'gdb.MemoryError'> Cannot access memory at address 0x850fb148: \n"
&"/tmp/PINCE-connection/10995/gdb_command.txt:1: Error in sourced command file:\n"
&"Error occurred in Python command: Cannot access memory at address 0x850fb148\n"
^error,msg="/tmp/PINCE-connection/10995/gdb_command.txt:1: Error in sourced command file:\nError occurred in Python command: Cannot access memory at address 0x850fb148"

Traceback (most recent call last):
  File "PINCE.py", line 1590, in on_process_stop
    self.update_stacktrace()
  File "PINCE.py", line 1680, in update_stacktrace
    stack_trace_info = GDB_Engine.get_stacktrace_info()
  File "/home/trent/PINCE-master/libPINCE/GDB_Engine.py", line 927, in get_stacktrace_info
    contents_recv = send_command("pince-get-stack-trace-info", recv_with_file=True)
  File "/home/trent/PINCE-master/libPINCE/GDB_Engine.py", line 121, in send_command
    output = pickle.load(open(recv_file, "rb"))
EOFError: Ran out of input

Then when I try to scan for a value It says

Exception test
Traceback (most recent call last):
  File "PINCE.py", line 450, in newfirstscan_onclick
    x = 0 / 0
ZeroDivisionError: division by zero

Because the installation insists on gdb 8.2 while my system reports it already has the latest version and refuses to install which causes the whole script to bail outright, please just set your install script to require min gdb 8.2 instead of insisting on that exact version

Why I should use console to attach/detach GDB?

The functions are not related to each other. This issue also doesn't prevent PINCE from working, so this one isn't really a bug, since PINCE can work flawlessly under these warnings. But I'd really like to know what's going on at the background.

[enhancement].

This can be useful if multiple addressed is dependent on a common pointer.

Child fields may refer to parent's field by using an expression, %, for example.

Alternatively, Cheat Engine's approach is to append the child address to the parent address if it makes sense. (for example if parent address is 0x123455 and child address is +1 then the computed address for child field is 0x123456)

A logo would be nice, even in low res!

I'm shit at designing graphics, so if you have ideas or even better commissions, please post it here.

It also crashes when superfluous number of threads get injected, which is quite normal to be honest but not desirable. Will try to write better threads asap.

I'm shit at designing graphics, so if you have ideas or even better commissions, please post it here.

When I attach a process, the game automatically pauses. (I guess that is fine)
However, when I press F3 to resume, it takes about 1 second before it pauses again by itself.
If I were to close the memory viewer and press F3 to resume again, it pauses and the memory viewer opens up again.

I do not believe this is intentionally designed to behave like this (I hope).
If there is any additional information I can provide, let me know.

while creating setup.py, file hierarchy has need to be like this http://docs.python-guide.org/en/latest/writing/structure/ or not like ours :D .We must change structure this way.

(this is just an [enhancement]. But I find it very annoying)

Some issues:

• Because the disassemble view updates when the scroll bar changes value, it's impossible to scroll the disassemble view using the keyboard. (except by using goto, which is not easy)
• After scrolling, it's necessary to pull the scroll bar to the middle position.

I'm thinking of implementing it like this instead. Thoughts?

(this may disassemble up to once per scroll, which may cause bad performance. It's possible to do better)

HexView and AsciiView can use a similar approach. (or easier, because the steps are known, so just make it have about 2**64//column_width rows)

What I mean by this is that the typical user won't understand how to get python compiling or even setup for their system (I myself struggle to get it compiling everytime I try)

It would be better to use an open framework like IUP which is easy to compile as it follows the same rules as Lua (to the extent that is possible for APIs that wrap around the system API) so one can simply run "make" in the directory of the makefile, the API is simple to use too, I favour it every time I want to use GUI functions in my own projects. Not to say you can't use alternatives like wxWidgets or hook into the python library and manually create the GUI but IUP does have Lua support built into it so you could just call IUP functions under the hood when replicating CE GUI functions and not bother manually mapping GUI functions in C or Python.

This is more of a notice for people that want to install PINCE within one setup file rather than having to deal with manual installation. I wanted to create a classic setup.py file till I encountered these problems. So, I've decided to create a simple custom installation script instead of a setup.py. I'll edit manual installation steps when the setup script finishes. I'll need help when this project finishes to a point where we can distribute it seriously tho 😄

Oh, also about polkit, I'm leaving it to final distribution phase as well.

Edit: Created the custom installation script and edited manual installation steps

I installed the linux game Pingus and attach to the process. Once I do, it says

29001 - pingus [stopped]

and the entire window is greyed out and I cannot First Scan or Next Scan. Is there something I need to do to enable searching?

This issue affects all systems that use X11 window manager. "Always on Top" option also needs a restart to actually function. A workaround for X11 systems would be nice.

Steps to reproduce:

1. Open the Select Process dialog
2. Select an invalid process
3. Click Open or use its hotkey Return

This will make ProcessForm call attach_to_pid() from its parent MainForm and trigger the bug. This happens because QMessageBox call resides in the MainForm instead of ProcessForm because of modularity purposes, which makes sense. This bug first appeared after the PR #54. I've played with modality functions a bit but couldn't make it work. It also doesn't make sense to move QMessageBoxes around, that would break modularity. What would be an elegant solution to this you think @user202729?

I found one in my pre-installed icons (on manjaro) called custom-toolbox, I think that would be a suitable icon for time being, as for future logo I think a joypad with a wrench on top would make for a good logo since this is focused on cheating, if you want a more general suggestion then the only thing that comes to mind is similar but with a gear instead of a joypad

Another problem that is caused by gdb. PINCE currently uses gdb's disas command to make pince-dissect-code command work. It disassembles 0x10000 bytes in 0.2 seconds most of the time, which is enough for PINCE. But it increases to 30secs from 0.2secs time to time and makes pince-dissect-code work very slowly because of that. Distorm actually looks pretty good and easy to use, maybe we can use it in the future.

For anyone interested in this topic, the code for the pince-dissect-code command can be found in libPINCE/gdb_python_scripts/GDBCommandExtensions.py. Look at the invoke method of the class DissectCode

On my machine (gdb 8.1, Arch Linux, PINCE obtained from AUR), gdb output for info threads sometimes look like this: (when there are multiple threads)

* 1    LWP 7406 "winhlp32" 0xf7ffade9 in __kernel_vsyscall ()

That makes the regex thread_info_multiple_threads fail to parse the output.

Example invocation:

[user202729@archlinux ~]$ wine winhlp32 &
[1] 7406
[user202729@archlinux ~]$ sudo gdb
GNU gdb (GDB) 8.1
[[GDB copyright information and help...]]
(gdb) attach 7406
Attaching to process 7406
[New LWP 7408]
0xf7ffade9 in __kernel_vsyscall ()
(gdb) info threads
  Id   Target Id         Frame 
* 1    LWP 7406 "winhlp32" 0xf7ffade9 in __kernel_vsyscall ()
  2    LWP 7408 "winhlp32" 0xf7ffade9 in __kernel_vsyscall ()

This only happens with multithreaded processes started with wine, I have not experience a similar situation for non-Wine processes.

I see @korcankaraokcu around the scanmem/GC issues, I thought about paying a courtesy visit.

On my system I probably need to recompile gdb, as PINCE opens but cannot attach to any process, so I don't have a definite opinion.

My question is, how much overlap do you have with GC? I know you want to use libscanmem, I'm interested in the gui.

GDB outputs "Could not insert hardware watchpoint" while trying to set chained breakpoints although there's still enough space for more hardware breakpoints. This rarely occurs and it's caused by GDB itself, not a PINCE specific bug.

But fortunately there's a workaround, setting watchpoints manually, one by one. Here are the steps:
1-)Calculate the number of watchpoints needed: The max length for a watchpoint is 8bytes on x64 and 4bytes on x86. Divide the length needed to max length for a breakpoint and the result is the number of breakpoints needed(result+1 if there's a reminder)
2-)Calculate the addresses you should set watchpoint on

For instance, lets say you have a 20byte string at address 0x00400000 on x64, so you must divide 20 to 8, which yields 2. There's a reminder of 4, so the number of breakpoints needed are 3. This means that you must put 3 breakpoints on the addresses 0x00400000(8byte),0x00400008(8byte),0x00400010(4byte)

GDB shuts itself down with this output:
~"Error detected on fd 0\n"
~"error detected on stdin\n"

This only affects a few processes but it's pretty important I must say, since PINCE has a random chance to close itself whenever the "stepi" command gets executed

This bug is probably related to gdb/mi

Edit: The thing that causes this problem is gdb/mi's set target-async 1 command. If the target doesn't support asynchronous execution, this problem occurs. Might delete set target-async 1 command and redesign the PINCE to cover the lack of it. I really don't want to leave it as it is.