mirror of https://github.com/x64dbg/TitanEngine
- TitanEngine.Debugger now uses dynamic lists
- TitanEngine.Librarian now uses dynamic lists
parent
bc7906460c
commit
2770c22838
|
|
@ -26,7 +26,7 @@ DEBUG_EVENT TerminateDBGEvent = {};
|
||||||
DWORD ProcessExitCode = 0;
|
DWORD ProcessExitCode = 0;
|
||||||
HANDLE DBGFileHandle;
|
HANDLE DBGFileHandle;
|
||||||
ULONG_PTR tlsCallBackList[100];
|
ULONG_PTR tlsCallBackList[100];
|
||||||
LPVOID hListProcess = 0;
|
std::vector<PROCESS_ITEM_DATA> hListProcess;
|
||||||
int engineStepCount = INFINITE;
|
int engineStepCount = INFINITE;
|
||||||
LPVOID engineStepCallBack = NULL;
|
LPVOID engineStepCallBack = NULL;
|
||||||
bool engineStepActive = false;
|
bool engineStepActive = false;
|
||||||
|
|
@ -65,3 +65,8 @@ void DebuggerReset()
|
||||||
RtlZeroMemory(&myDBGCustomHandler, sizeof CustomHandler);
|
RtlZeroMemory(&myDBGCustomHandler, sizeof CustomHandler);
|
||||||
}
|
}
|
||||||
}
|
}
|
||||||
|
|
||||||
|
void ClearProcessList()
|
||||||
|
{
|
||||||
|
std::vector<PROCESS_ITEM_DATA>().swap(hListProcess);
|
||||||
|
}
|
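Review bot: `ClearProcessList()` has no comment saying that it discards every `PROCESS_ITEM_DATA` without closing the `hFile`/`hProcess` handles stored in it, or that the swap with an empty vector releases the list's storage. Callers need both facts: `ForceClose` closes the handles before calling it, while `DebugLoop` calls it directly when `hListProcessFirst` is set. I would add above it `// Empties hListProcess and frees its storage. Does not close hFile/hProcess; close them first. Invalidates pointers into the list.` `ClearLibraryList()` in the Librarian source has the same shape and wants the same comment.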
||||||
|
|
|
||||||
|
|
@ -1,6 +1,8 @@
|
||||||
#ifndef _GLOBAL_DEBUGGER_H
|
#ifndef _GLOBAL_DEBUGGER_H
|
||||||
#define _GLOBAL_DEBUGGER_H
|
#define _GLOBAL_DEBUGGER_H
|
||||||
|
|
||||||
|
#include <vector>
|
||||||
|
|
||||||
extern HARDWARE_DATA DebugRegister[4];
|
extern HARDWARE_DATA DebugRegister[4];
|
||||||
extern PROCESS_INFORMATION dbgProcessInformation;
|
extern PROCESS_INFORMATION dbgProcessInformation;
|
||||||
extern CustomHandler myDBGCustomHandler;
|
extern CustomHandler myDBGCustomHandler;
|
||||||
|
|
@ -24,7 +26,7 @@ extern DEBUG_EVENT TerminateDBGEvent;
|
||||||
extern DWORD ProcessExitCode;
|
extern DWORD ProcessExitCode;
|
||||||
extern HANDLE DBGFileHandle;
|
extern HANDLE DBGFileHandle;
|
||||||
extern ULONG_PTR tlsCallBackList[100];
|
extern ULONG_PTR tlsCallBackList[100];
|
||||||
extern LPVOID hListProcess;
|
extern std::vector<PROCESS_ITEM_DATA> hListProcess;
|
||||||
extern int engineStepCount;
|
extern int engineStepCount;
|
||||||
extern LPVOID engineStepCallBack;
|
extern LPVOID engineStepCallBack;
|
||||||
extern bool engineStepActive;
|
extern bool engineStepActive;
|
||||||
|
|
@ -36,5 +38,6 @@ extern LPVOID engineAttachedProcessDebugInfo;
|
||||||
|
|
||||||
long DebugLoopInSecondThread(LPVOID InputParameter);
|
long DebugLoopInSecondThread(LPVOID InputParameter);
|
||||||
void DebuggerReset();
|
void DebuggerReset();
|
||||||
|
void ClearProcessList();
|
||||||
|
|
||||||
#endif //_GLOBAL_DEBUGGER_H
|
#endif //_GLOBAL_DEBUGGER_H
|
||||||
|
|
@ -3,6 +3,10 @@
|
||||||
#include "Global.Librarian.h"
|
#include "Global.Librarian.h"
|
||||||
|
|
||||||
// Global.Engine.Librarian:
|
// Global.Engine.Librarian:
|
||||||
LIBRARY_ITEM_DATA LibraryInfoData = {};
|
std::vector<LIBRARY_ITEM_DATAW> hListLibrary;
|
||||||
LPVOID LibrarianData = VirtualAlloc(NULL, MAX_LIBRARY_BPX * sizeof LIBRARY_BREAK_DATA, MEM_COMMIT, PAGE_READWRITE);
|
std::vector<LIBRARY_BREAK_DATA> LibrarianData;
|
||||||
LPVOID hListLibrary = 0;
|
|
||||||
|
void ClearLibraryList()
|
||||||
|
{
|
||||||
|
std::vector<LIBRARY_ITEM_DATAW>().swap(hListLibrary);
|
||||||
|
}
|
||||||
|
|
|
||||||
|
|
@ -1,8 +1,11 @@
|
||||||
#ifndef _GLOBAL_LIBRARIAN_H
|
#ifndef _GLOBAL_LIBRARIAN_H
|
||||||
#define _GLOBAL_LIBRARIAN_H
|
#define _GLOBAL_LIBRARIAN_H
|
||||||
|
|
||||||
extern LIBRARY_ITEM_DATA LibraryInfoData;
|
#include <vector>
|
||||||
extern LPVOID LibrarianData;
|
|
||||||
extern LPVOID hListLibrary;
|
extern std::vector<LIBRARY_ITEM_DATAW> hListLibrary;
|
||||||
|
extern std::vector<LIBRARY_BREAK_DATA> LibrarianData;
|
||||||
|
|
||||||
|
void ClearLibraryList();
|
||||||
|
|
||||||
#endif //_GLOBAL_LIBRARIAN_H
|
#endif //_GLOBAL_LIBRARIAN_H
|
||||||
|
|
@ -8,54 +8,35 @@
|
||||||
|
|
||||||
__declspec(dllexport) void TITCALL ForceClose()
|
__declspec(dllexport) void TITCALL ForceClose()
|
||||||
{
|
{
|
||||||
/*wchar_t szTempName[MAX_PATH];
|
//manage process list
|
||||||
wchar_t szTempFolder[MAX_PATH];*/
|
int processcount=hListProcess.size();
|
||||||
PPROCESS_ITEM_DATA hListProcessPtr = NULL;
|
for(int i=0; i<processcount; i++)
|
||||||
PTHREAD_ITEM_DATA hListThreadPtr = NULL;
|
|
||||||
PLIBRARY_ITEM_DATAW hListLibraryPtr = NULL;
|
|
||||||
//manage lists
|
|
||||||
if(hListProcess != NULL)
|
|
||||||
{
|
{
|
||||||
hListProcessPtr = (PPROCESS_ITEM_DATA)hListProcess;
|
EngineCloseHandle(hListProcess.at(i).hFile);
|
||||||
while(hListProcessPtr->hProcess != NULL)
|
EngineCloseHandle(hListProcess.at(i).hProcess);
|
||||||
{
|
|
||||||
__try
|
|
||||||
{
|
|
||||||
EngineCloseHandle(hListProcessPtr->hFile);
|
|
||||||
EngineCloseHandle(hListProcessPtr->hProcess);
|
|
||||||
}
|
|
||||||
__except(EXCEPTION_EXECUTE_HANDLER)
|
|
||||||
{
|
|
||||||
|
|
||||||
}
|
|
||||||
hListProcessPtr = (PPROCESS_ITEM_DATA)((ULONG_PTR)hListProcessPtr + sizeof PROCESS_ITEM_DATA);
|
|
||||||
}
|
|
||||||
RtlZeroMemory(hListProcess, MAX_DEBUG_DATA * sizeof PROCESS_ITEM_DATA);
|
|
||||||
}
|
}
|
||||||
|
ClearProcessList();
|
||||||
|
//manage thread list
|
||||||
int threadcount=hListThread.size();
|
int threadcount=hListThread.size();
|
||||||
for(int i=threadcount-1; i>-1; i--)
|
for(int i=0; i<threadcount; i++)
|
||||||
EngineCloseHandle(hListThread.at(i).hThread);
|
EngineCloseHandle(hListThread.at(i).hThread);
|
||||||
ClearThreadList();
|
ClearThreadList();
|
||||||
|
//manage library list
|
||||||
if(hListLibrary != NULL)
|
int libcount=hListLibrary.size();
|
||||||
|
for(int i=0; i<libcount; i++)
|
||||||
{
|
{
|
||||||
hListLibraryPtr = (PLIBRARY_ITEM_DATAW)hListLibrary;
|
if(hListLibrary.at(i).hFile != (HANDLE)-1)
|
||||||
while(hListLibraryPtr->hFile != NULL)
|
|
||||||
{
|
{
|
||||||
if(hListLibraryPtr->hFile != (HANDLE)-1)
|
if(hListLibrary.at(i).hFileMappingView != NULL)
|
||||||
{
|
{
|
||||||
if(hListLibraryPtr->hFileMappingView != NULL)
|
UnmapViewOfFile(hListLibrary.at(i).hFileMappingView);
|
||||||
{
|
EngineCloseHandle(hListLibrary.at(i).hFileMapping);
|
||||||
UnmapViewOfFile(hListLibraryPtr->hFileMappingView);
|
|
||||||
EngineCloseHandle(hListLibraryPtr->hFileMapping);
|
|
||||||
}
|
|
||||||
EngineCloseHandle(hListLibraryPtr->hFile);
|
|
||||||
}
|
}
|
||||||
hListLibraryPtr = (PLIBRARY_ITEM_DATAW)((ULONG_PTR)hListLibraryPtr + sizeof LIBRARY_ITEM_DATAW);
|
EngineCloseHandle(hListLibrary.at(i).hFile);
|
||||||
}
|
}
|
||||||
RtlZeroMemory(hListLibrary, MAX_DEBUG_DATA * sizeof LIBRARY_ITEM_DATAW);
|
|
||||||
}
|
}
|
||||||
|
ClearLibraryList();
|
||||||
|
|
||||||
if(!engineProcessIsNowDetached)
|
if(!engineProcessIsNowDetached)
|
||||||
{
|
{
|
||||||
StopDebug();
|
StopDebug();
|
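Review bot: The process-list loop dropped the `__try`/`__except` that the removed code kept around `EngineCloseHandle(hFile)` and `EngineCloseHandle(hProcess)`, so a stale entry is now safe only if `EngineCloseHandle` itself tolerates invalid handles (its body is not visible here). Separately, `ClearProcessList()` and `ClearLibraryList()` free the vectors' storage, whereas the old code only zeroed blocks that stayed mapped. If this export can run on a thread other than the one executing `DebugLoop`, a pointer such as `&hListLibrary.at(i)` held elsewhere would dangle. I would state the contract above the first loop, e.g. `// Must run on the debug-loop thread: frees list storage that DebugLoop and the importer index.` ForceClose's body continues past the end of this hunk.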
||||||
|
|
|
||||||
|
|
@ -17,23 +17,16 @@ static DWORD engineWaitForDebugEventTimeOut = INFINITE;
|
||||||
|
|
||||||
__declspec(dllexport) void TITCALL DebugLoop()
|
__declspec(dllexport) void TITCALL DebugLoop()
|
||||||
{
|
{
|
||||||
int j = NULL;
|
|
||||||
int k = NULL;
|
|
||||||
bool FirstBPX = true;
|
bool FirstBPX = true;
|
||||||
bool ResetBPX = false;
|
bool ResetBPX = false;
|
||||||
bool BreakDBG = false;
|
bool BreakDBG = false;
|
||||||
bool ResetHwBPX = false;
|
bool ResetHwBPX = false;
|
||||||
bool ResetMemBPX = false;
|
bool ResetMemBPX = false;
|
||||||
bool CompareResult = false;
|
|
||||||
bool SecondChance = false;
|
bool SecondChance = false;
|
||||||
ULONG_PTR CmpValue1 = NULL;
|
|
||||||
ULONG_PTR CmpValue2 = NULL;
|
|
||||||
bool hListProcessFirst = true;
|
bool hListProcessFirst = true;
|
||||||
bool hListThreadFirst = true;
|
bool hListThreadFirst = true;
|
||||||
bool hListLibraryFirst = true;
|
bool hListLibraryFirst = true;
|
||||||
PPROCESS_ITEM_DATA hListProcessPtr = NULL;
|
bool MemoryBpxFound = false;
|
||||||
//PTHREAD_ITEM_DATA hListThreadPtr = NULL;
|
|
||||||
PLIBRARY_ITEM_DATAW hListLibraryPtr = NULL;
|
|
||||||
PLIBRARY_ITEM_DATAW hLoadedLibData = NULL;
|
PLIBRARY_ITEM_DATAW hLoadedLibData = NULL;
|
||||||
PLIBRARY_BREAK_DATA ptrLibrarianData = NULL;
|
PLIBRARY_BREAK_DATA ptrLibrarianData = NULL;
|
||||||
typedef void(TITCALL *fCustomBreakPoint)(void);
|
typedef void(TITCALL *fCustomBreakPoint)(void);
|
||||||
|
|
@ -46,7 +39,6 @@ __declspec(dllexport) void TITCALL DebugLoop()
|
||||||
ULONG_PTR ResetBPXAddressTo = 0;
|
ULONG_PTR ResetBPXAddressTo = 0;
|
||||||
ULONG_PTR ResetMemBPXAddress = 0;
|
ULONG_PTR ResetMemBPXAddress = 0;
|
||||||
SIZE_T ResetMemBPXSize = 0;
|
SIZE_T ResetMemBPXSize = 0;
|
||||||
//int MaximumBreakPoints = 0;
|
|
||||||
ULONG_PTR NumberOfBytesReadWritten = 0;
|
ULONG_PTR NumberOfBytesReadWritten = 0;
|
||||||
MEMORY_BASIC_INFORMATION MemInfo;
|
MEMORY_BASIC_INFORMATION MemInfo;
|
||||||
HANDLE hActiveThread;
|
HANDLE hActiveThread;
|
||||||
|
|
@ -61,7 +53,7 @@ __declspec(dllexport) void TITCALL DebugLoop()
|
||||||
HANDLE hFileMapping;
|
HANDLE hFileMapping;
|
||||||
LPVOID hFileMappingView;
|
LPVOID hFileMappingView;
|
||||||
LPVOID DBGEntryPoint;
|
LPVOID DBGEntryPoint;
|
||||||
bool MemoryBpxFound = false;
|
|
||||||
wchar_t* szTranslatedNativeName;
|
wchar_t* szTranslatedNativeName;
|
||||||
|
|
||||||
DBGFileHandle = NULL;
|
DBGFileHandle = NULL;
|
||||||
|
|
@ -73,9 +65,9 @@ __declspec(dllexport) void TITCALL DebugLoop()
|
||||||
DebugRegister[3].DrxEnabled = false;
|
DebugRegister[3].DrxEnabled = false;
|
||||||
engineProcessIsNowDetached = false;
|
engineProcessIsNowDetached = false;
|
||||||
engineResumeProcessIfNoThreadIsActive = false;
|
engineResumeProcessIfNoThreadIsActive = false;
|
||||||
RtlZeroMemory(&DBGEvent, sizeof DEBUG_EVENT);
|
memset(&DBGEvent, 0, sizeof(DEBUG_EVENT));
|
||||||
RtlZeroMemory(&TerminateDBGEvent, sizeof DEBUG_EVENT);
|
memset(&TerminateDBGEvent, 0, sizeof(DEBUG_EVENT));
|
||||||
RtlZeroMemory(&DLLDebugFileName, 512);
|
memset(&DLLDebugFileName, 0, sizeof(DLLDebugFileName));
|
||||||
ExtensionManagerPluginResetCallBack();
|
ExtensionManagerPluginResetCallBack();
|
||||||
engineFileIsBeingDebugged = true;
|
engineFileIsBeingDebugged = true;
|
||||||
if(engineExecutePluginCallBack)
|
if(engineExecutePluginCallBack)
|
||||||
|
|
@ -131,30 +123,14 @@ __declspec(dllexport) void TITCALL DebugLoop()
|
||||||
VirtualAllocEx(dbgProcessInformation.hProcess, (void*)DebugReserveModuleBase, 0x1000, MEM_RESERVE, PAGE_READWRITE); //return value nt used, yea just ignore. return value doesnt matter and there is no possible fix when failed :D this is only used to make sure DLL loads on another image base
|
VirtualAllocEx(dbgProcessInformation.hProcess, (void*)DebugReserveModuleBase, 0x1000, MEM_RESERVE, PAGE_READWRITE); //return value nt used, yea just ignore. return value doesnt matter and there is no possible fix when failed :D this is only used to make sure DLL loads on another image base
|
||||||
}
|
}
|
||||||
}
|
}
|
||||||
if(hListProcess == NULL)
|
if(hListProcessFirst) //clear process list
|
||||||
{
|
ClearProcessList();
|
||||||
hListProcess = VirtualAlloc(NULL, MAX_DEBUG_DATA * sizeof PROCESS_ITEM_DATA, MEM_COMMIT, PAGE_READWRITE);
|
hListProcessFirst = false;
|
||||||
}
|
|
||||||
else
|
|
||||||
{
|
|
||||||
if(hListProcessFirst == true)
|
|
||||||
{
|
|
||||||
RtlZeroMemory(hListProcess, MAX_DEBUG_DATA * sizeof PROCESS_ITEM_DATA);
|
|
||||||
}
|
|
||||||
}
|
|
||||||
if(hListThreadFirst) //clear thread list
|
if(hListThreadFirst) //clear thread list
|
||||||
ClearThreadList();
|
ClearThreadList();
|
||||||
|
hListThreadFirst = false;
|
||||||
hListProcessPtr = (PPROCESS_ITEM_DATA)hListProcess;
|
//update thread list
|
||||||
hListProcessPtr->hFile = DBGEvent.u.CreateProcessInfo.hFile;
|
|
||||||
hListProcessPtr->hProcess = DBGEvent.u.CreateProcessInfo.hProcess;
|
|
||||||
hListProcessPtr->hThread = DBGEvent.u.CreateProcessInfo.hThread;
|
|
||||||
hListProcessPtr->dwProcessId = DBGEvent.dwProcessId;
|
|
||||||
hListProcessPtr->dwThreadId = DBGEvent.dwThreadId;
|
|
||||||
hListProcessPtr->BaseOfImage = (void*)DBGEvent.u.CreateProcessInfo.lpBaseOfImage;
|
|
||||||
hListProcessPtr->ThreadStartAddress = (void*)DBGEvent.u.CreateProcessInfo.lpStartAddress;
|
|
||||||
hListProcessPtr->ThreadLocalBase = (void*)DBGEvent.u.CreateProcessInfo.lpThreadLocalBase;
|
|
||||||
|
|
||||||
THREAD_ITEM_DATA NewThreadData;
|
THREAD_ITEM_DATA NewThreadData;
|
||||||
memset(&NewThreadData, 0, sizeof(THREAD_ITEM_DATA));
|
memset(&NewThreadData, 0, sizeof(THREAD_ITEM_DATA));
|
||||||
NewThreadData.dwThreadId = DBGEvent.dwThreadId;
|
NewThreadData.dwThreadId = DBGEvent.dwThreadId;
|
||||||
|
|
@ -162,28 +138,19 @@ __declspec(dllexport) void TITCALL DebugLoop()
|
||||||
NewThreadData.ThreadStartAddress = (void*)DBGEvent.u.CreateProcessInfo.lpStartAddress;
|
NewThreadData.ThreadStartAddress = (void*)DBGEvent.u.CreateProcessInfo.lpStartAddress;
|
||||||
NewThreadData.ThreadLocalBase = (void*)DBGEvent.u.CreateProcessInfo.lpThreadLocalBase;
|
NewThreadData.ThreadLocalBase = (void*)DBGEvent.u.CreateProcessInfo.lpThreadLocalBase;
|
||||||
hListThread.push_back(NewThreadData);
|
hListThread.push_back(NewThreadData);
|
||||||
hListThreadFirst = false;
|
|
||||||
}
|
|
||||||
else //we have a valid handle already (which means a child process started)
|
|
||||||
{
|
|
||||||
hListProcessPtr = (PPROCESS_ITEM_DATA)hListProcess;
|
|
||||||
while(hListProcessPtr->hProcess != NULL)
|
|
||||||
{
|
|
||||||
hListProcessPtr = (PPROCESS_ITEM_DATA)((ULONG_PTR)hListProcessPtr + sizeof PROCESS_ITEM_DATA);
|
|
||||||
}
|
|
||||||
if(hListProcessPtr->hProcess == NULL)
|
|
||||||
{
|
|
||||||
hListProcessPtr->hFile = DBGEvent.u.CreateProcessInfo.hFile;
|
|
||||||
hListProcessPtr->hProcess = DBGEvent.u.CreateProcessInfo.hProcess;
|
|
||||||
hListProcessPtr->hThread = DBGEvent.u.CreateProcessInfo.hThread;
|
|
||||||
hListProcessPtr->dwProcessId = DBGEvent.dwProcessId;
|
|
||||||
hListProcessPtr->dwThreadId = DBGEvent.dwThreadId;
|
|
||||||
hListProcessPtr->BaseOfImage = (void*)DBGEvent.u.CreateProcessInfo.lpBaseOfImage;
|
|
||||||
hListProcessPtr->ThreadStartAddress = (void*)DBGEvent.u.CreateProcessInfo.lpStartAddress;
|
|
||||||
hListProcessPtr->ThreadLocalBase = (void*)DBGEvent.u.CreateProcessInfo.lpThreadLocalBase;
|
|
||||||
hListProcessFirst = false;
|
|
||||||
}
|
|
||||||
}
|
}
|
||||||
|
//update process list
|
||||||
|
PROCESS_ITEM_DATA NewProcessItem;
|
||||||
|
memset(&NewProcessItem, 0, sizeof(PROCESS_ITEM_DATA));
|
||||||
|
NewProcessItem.hFile = DBGEvent.u.CreateProcessInfo.hFile;
|
||||||
|
NewProcessItem.hProcess = DBGEvent.u.CreateProcessInfo.hProcess;
|
||||||
|
NewProcessItem.hThread = DBGEvent.u.CreateProcessInfo.hThread;
|
||||||
|
NewProcessItem.dwProcessId = DBGEvent.dwProcessId;
|
||||||
|
NewProcessItem.dwThreadId = DBGEvent.dwThreadId;
|
||||||
|
NewProcessItem.BaseOfImage = (void*)DBGEvent.u.CreateProcessInfo.lpBaseOfImage;
|
||||||
|
NewProcessItem.ThreadStartAddress = (void*)DBGEvent.u.CreateProcessInfo.lpStartAddress;
|
||||||
|
NewProcessItem.ThreadLocalBase = (void*)DBGEvent.u.CreateProcessInfo.lpThreadLocalBase;
|
||||||
|
hListProcess.push_back(NewProcessItem);
|
||||||
|
|
||||||
//process created callback
|
//process created callback
|
||||||
if(DBGCustomHandler->chCreateProcess != NULL)
|
if(DBGCustomHandler->chCreateProcess != NULL)
|
||||||
|
|
@ -297,40 +264,26 @@ __declspec(dllexport) void TITCALL DebugLoop()
|
||||||
case LOAD_DLL_DEBUG_EVENT:
|
case LOAD_DLL_DEBUG_EVENT:
|
||||||
{
|
{
|
||||||
//maintain library list
|
//maintain library list
|
||||||
if(hListLibrary == NULL)
|
if(hListLibraryFirst)
|
||||||
{
|
ClearLibraryList();
|
||||||
hListLibrary = VirtualAlloc(NULL, MAX_DEBUG_DATA * sizeof LIBRARY_ITEM_DATAW, MEM_COMMIT, PAGE_READWRITE);
|
|
||||||
}
|
|
||||||
else
|
|
||||||
{
|
|
||||||
if(hListLibraryFirst == true)
|
|
||||||
{
|
|
||||||
RtlZeroMemory(hListLibrary, MAX_DEBUG_DATA * sizeof LIBRARY_ITEM_DATAW);
|
|
||||||
}
|
|
||||||
}
|
|
||||||
hListLibraryFirst = false;
|
hListLibraryFirst = false;
|
||||||
hListLibraryPtr = (PLIBRARY_ITEM_DATAW)hListLibrary;
|
LIBRARY_ITEM_DATAW NewLibraryData;
|
||||||
while(hListLibraryPtr->hFile != NULL)
|
memset(&NewLibraryData, 0, sizeof(LIBRARY_ITEM_DATAW));
|
||||||
{
|
NewLibraryData.hFile = DBGEvent.u.LoadDll.hFile;
|
||||||
hListLibraryPtr = (PLIBRARY_ITEM_DATAW)((ULONG_PTR)hListLibraryPtr + sizeof LIBRARY_ITEM_DATAW);
|
NewLibraryData.BaseOfDll = DBGEvent.u.LoadDll.lpBaseOfDll;
|
||||||
}
|
|
||||||
hListLibraryPtr->hFile = DBGEvent.u.LoadDll.hFile;
|
|
||||||
hListLibraryPtr->BaseOfDll = DBGEvent.u.LoadDll.lpBaseOfDll;
|
|
||||||
hFileMapping = CreateFileMappingA(DBGEvent.u.LoadDll.hFile, NULL, PAGE_READONLY, NULL, GetFileSize(DBGEvent.u.LoadDll.hFile, NULL), NULL);
|
hFileMapping = CreateFileMappingA(DBGEvent.u.LoadDll.hFile, NULL, PAGE_READONLY, NULL, GetFileSize(DBGEvent.u.LoadDll.hFile, NULL), NULL);
|
||||||
if(hFileMapping != NULL)
|
if(hFileMapping != NULL)
|
||||||
{
|
{
|
||||||
hFileMappingView = MapViewOfFile(hFileMapping, FILE_MAP_READ, NULL, NULL, NULL);
|
hFileMappingView = MapViewOfFile(hFileMapping, FILE_MAP_READ, NULL, NULL, NULL);
|
||||||
if(hFileMappingView != NULL)
|
if(hFileMappingView != NULL)
|
||||||
{
|
{
|
||||||
hListLibraryPtr->hFileMapping = hFileMapping;
|
NewLibraryData.hFileMapping = hFileMapping;
|
||||||
hListLibraryPtr->hFileMappingView = hFileMappingView;
|
NewLibraryData.hFileMappingView = hFileMappingView;
|
||||||
if(GetMappedFileNameW(GetCurrentProcess(), hFileMappingView, DLLDebugFileName, sizeof(DLLDebugFileName)/sizeof(DLLDebugFileName[0])) > NULL)
|
if(GetMappedFileNameW(GetCurrentProcess(), hFileMappingView, DLLDebugFileName, sizeof(DLLDebugFileName)/sizeof(DLLDebugFileName[0])) > NULL)
|
||||||
{
|
{
|
||||||
int i = lstrlenW(DLLDebugFileName);
|
int i = lstrlenW(DLLDebugFileName);
|
||||||
while(DLLDebugFileName[i] != 0x5C && i >= NULL)
|
while(DLLDebugFileName[i]!='\\' && i)
|
||||||
{
|
|
||||||
i--;
|
i--;
|
||||||
}
|
|
||||||
if(DebugDebuggingDLL)
|
if(DebugDebuggingDLL)
|
||||||
{
|
{
|
||||||
if(lstrcmpiW(&DLLDebugFileName[i+1], DebugDebuggingDLLFileName) == NULL)
|
if(lstrcmpiW(&DLLDebugFileName[i+1], DebugDebuggingDLLFileName) == NULL)
|
||||||
|
|
@ -353,42 +306,36 @@ __declspec(dllexport) void TITCALL DebugLoop()
|
||||||
engineFakeDLLHandle = (ULONG_PTR)DBGEvent.u.LoadDll.lpBaseOfDll;
|
engineFakeDLLHandle = (ULONG_PTR)DBGEvent.u.LoadDll.lpBaseOfDll;
|
||||||
}
|
}
|
||||||
}
|
}
|
||||||
lstrcpyW(hListLibraryPtr->szLibraryName, &DLLDebugFileName[i+1]);
|
lstrcpyW(NewLibraryData.szLibraryName, &DLLDebugFileName[i+1]);
|
||||||
szTranslatedNativeName = (wchar_t*)TranslateNativeNameW(DLLDebugFileName);
|
szTranslatedNativeName = (wchar_t*)TranslateNativeNameW(DLLDebugFileName);
|
||||||
lstrcpyW(hListLibraryPtr->szLibraryPath, szTranslatedNativeName);
|
lstrcpyW(NewLibraryData.szLibraryPath, szTranslatedNativeName);
|
||||||
VirtualFree((void*)szTranslatedNativeName, NULL, MEM_RELEASE);
|
VirtualFree((void*)szTranslatedNativeName, NULL, MEM_RELEASE);
|
||||||
RtlZeroMemory(szAnsiLibraryName, sizeof szAnsiLibraryName);
|
RtlZeroMemory(szAnsiLibraryName, sizeof(szAnsiLibraryName));
|
||||||
WideCharToMultiByte(CP_ACP, NULL, hListLibraryPtr->szLibraryName, -1, szAnsiLibraryName, sizeof szAnsiLibraryName, NULL, NULL);
|
WideCharToMultiByte(CP_ACP, NULL, NewLibraryData.szLibraryName, -1, szAnsiLibraryName, sizeof szAnsiLibraryName, NULL, NULL);
|
||||||
ptrLibrarianData = (PLIBRARY_BREAK_DATA)LibrarianData;
|
|
||||||
k = NULL;
|
//library breakpoint
|
||||||
if(ptrLibrarianData != NULL)
|
int libbpcount=LibrarianData.size();
|
||||||
|
for(int i=libbpcount-1; i>-1; i--)
|
||||||
{
|
{
|
||||||
while(k < MAX_LIBRARY_BPX)
|
ptrLibrarianData=&LibrarianData.at(i);
|
||||||
|
if(!lstrcmpiA(ptrLibrarianData->szLibraryName, szAnsiLibraryName))
|
||||||
{
|
{
|
||||||
if(ptrLibrarianData->szLibraryName[0] != 0x00)
|
if(ptrLibrarianData->bpxType == UE_ON_LIB_LOAD || ptrLibrarianData->bpxType == UE_ON_LIB_ALL)
|
||||||
{
|
{
|
||||||
if(lstrcmpiA(ptrLibrarianData->szLibraryName, szAnsiLibraryName) == NULL)
|
myCustomHandler = (fCustomHandler)(ptrLibrarianData->bpxCallBack);
|
||||||
|
__try
|
||||||
{
|
{
|
||||||
if(ptrLibrarianData->bpxType == UE_ON_LIB_LOAD || ptrLibrarianData->bpxType == UE_ON_LIB_ALL)
|
myCustomHandler(&DBGEvent.u.LoadDll);
|
||||||
{
|
}
|
||||||
myCustomHandler = (fCustomHandler)(ptrLibrarianData->bpxCallBack);
|
__except(EXCEPTION_EXECUTE_HANDLER)
|
||||||
__try
|
{
|
||||||
{
|
LibrarianRemoveBreakPoint(ptrLibrarianData->szLibraryName, ptrLibrarianData->bpxType);
|
||||||
myCustomHandler(&DBGEvent.u.LoadDll);
|
}
|
||||||
}
|
if(ptrLibrarianData->bpxSingleShoot)
|
||||||
__except(EXCEPTION_EXECUTE_HANDLER)
|
{
|
||||||
{
|
LibrarianRemoveBreakPoint(ptrLibrarianData->szLibraryName, ptrLibrarianData->bpxType);
|
||||||
LibrarianRemoveBreakPoint(ptrLibrarianData->szLibraryName, ptrLibrarianData->bpxType);
|
|
||||||
}
|
|
||||||
if(ptrLibrarianData->bpxSingleShoot)
|
|
||||||
{
|
|
||||||
LibrarianRemoveBreakPoint(ptrLibrarianData->szLibraryName, ptrLibrarianData->bpxType);
|
|
||||||
}
|
|
||||||
}
|
|
||||||
}
|
}
|
||||||
}
|
}
|
||||||
ptrLibrarianData = (PLIBRARY_BREAK_DATA)((ULONG_PTR)ptrLibrarianData + sizeof LIBRARY_BREAK_DATA);
|
|
||||||
k++;
|
|
||||||
}
|
}
|
||||||
}
|
}
|
||||||
}
|
}
|
||||||
|
|
@ -426,65 +373,53 @@ __declspec(dllexport) void TITCALL DebugLoop()
|
||||||
}
|
}
|
||||||
}
|
}
|
||||||
|
|
||||||
//maintain library list
|
//library breakpoint
|
||||||
k = NULL;
|
|
||||||
ptrLibrarianData = (PLIBRARY_BREAK_DATA)LibrarianData;
|
|
||||||
hLoadedLibData = (PLIBRARY_ITEM_DATAW)LibrarianGetLibraryInfoEx(DBGEvent.u.UnloadDll.lpBaseOfDll);
|
hLoadedLibData = (PLIBRARY_ITEM_DATAW)LibrarianGetLibraryInfoEx(DBGEvent.u.UnloadDll.lpBaseOfDll);
|
||||||
if(hLoadedLibData != NULL)
|
if(hLoadedLibData)
|
||||||
{
|
{
|
||||||
RtlZeroMemory(szAnsiLibraryName, sizeof szAnsiLibraryName);
|
RtlZeroMemory(szAnsiLibraryName, sizeof(szAnsiLibraryName));
|
||||||
WideCharToMultiByte(CP_ACP, NULL, hLoadedLibData->szLibraryName, -1, szAnsiLibraryName, sizeof szAnsiLibraryName, NULL, NULL);
|
WideCharToMultiByte(CP_ACP, NULL, hLoadedLibData->szLibraryName, -1, szAnsiLibraryName, sizeof szAnsiLibraryName, NULL, NULL);
|
||||||
if(ptrLibrarianData != NULL)
|
int libbpcount=LibrarianData.size();
|
||||||
|
for(int i=libbpcount-1; i>-1; i--)
|
||||||
{
|
{
|
||||||
while(k < MAX_LIBRARY_BPX)
|
ptrLibrarianData=&LibrarianData.at(i);
|
||||||
|
if(!lstrcmpiA(ptrLibrarianData->szLibraryName, szAnsiLibraryName))
|
||||||
{
|
{
|
||||||
if(ptrLibrarianData->szLibraryName[0] != 0x00)
|
if(ptrLibrarianData->bpxType == UE_ON_LIB_UNLOAD || ptrLibrarianData->bpxType == UE_ON_LIB_ALL)
|
||||||
{
|
{
|
||||||
if(lstrcmpiA(ptrLibrarianData->szLibraryName, szAnsiLibraryName) == NULL)
|
myCustomHandler = (fCustomHandler)(ptrLibrarianData->bpxCallBack);
|
||||||
|
__try
|
||||||
{
|
{
|
||||||
if(ptrLibrarianData->bpxType == UE_ON_LIB_UNLOAD || ptrLibrarianData->bpxType == UE_ON_LIB_ALL)
|
myCustomHandler(&DBGEvent.u.UnloadDll);
|
||||||
{
|
}
|
||||||
myCustomHandler = (fCustomHandler)(ptrLibrarianData->bpxCallBack);
|
__except(EXCEPTION_EXECUTE_HANDLER)
|
||||||
__try
|
{
|
||||||
{
|
LibrarianRemoveBreakPoint(ptrLibrarianData->szLibraryName, ptrLibrarianData->bpxType);
|
||||||
myCustomHandler(&DBGEvent.u.UnloadDll);
|
}
|
||||||
}
|
if(ptrLibrarianData->bpxSingleShoot)
|
||||||
__except(EXCEPTION_EXECUTE_HANDLER)
|
{
|
||||||
{
|
LibrarianRemoveBreakPoint(ptrLibrarianData->szLibraryName, ptrLibrarianData->bpxType);
|
||||||
LibrarianRemoveBreakPoint(ptrLibrarianData->szLibraryName, ptrLibrarianData->bpxType);
|
|
||||||
}
|
|
||||||
if(ptrLibrarianData->bpxSingleShoot)
|
|
||||||
{
|
|
||||||
LibrarianRemoveBreakPoint(ptrLibrarianData->szLibraryName, ptrLibrarianData->bpxType);
|
|
||||||
}
|
|
||||||
}
|
|
||||||
}
|
}
|
||||||
}
|
}
|
||||||
ptrLibrarianData = (PLIBRARY_BREAK_DATA)((ULONG_PTR)ptrLibrarianData + sizeof LIBRARY_BREAK_DATA);
|
|
||||||
k++;
|
|
||||||
}
|
}
|
||||||
}
|
}
|
||||||
}
|
}
|
||||||
hListLibraryPtr = (PLIBRARY_ITEM_DATAW)hListLibrary;
|
|
||||||
if(hListLibraryPtr != NULL)
|
//maintain library list
|
||||||
|
int libcount=hListLibrary.size();
|
||||||
|
for(int i=0; i<libcount; i++)
|
||||||
{
|
{
|
||||||
while(hListLibraryPtr->hFile != NULL)
|
if(hListLibrary.at(i).BaseOfDll == DBGEvent.u.UnloadDll.lpBaseOfDll &&
|
||||||
|
hListLibrary.at(i).hFile != INVALID_HANDLE_VALUE)
|
||||||
{
|
{
|
||||||
if(hListLibraryPtr->BaseOfDll == DBGEvent.u.UnloadDll.lpBaseOfDll)
|
if(hListLibrary.at(i).hFileMappingView != NULL)
|
||||||
{
|
{
|
||||||
if(hListLibraryPtr->hFile != (HANDLE)-1)
|
UnmapViewOfFile(hListLibrary.at(i).hFileMappingView);
|
||||||
{
|
EngineCloseHandle(hListLibrary.at(i).hFileMapping);
|
||||||
if(hListLibraryPtr->hFileMappingView != NULL)
|
|
||||||
{
|
|
||||||
UnmapViewOfFile(hListLibraryPtr->hFileMappingView);
|
|
||||||
EngineCloseHandle(hListLibraryPtr->hFileMapping);
|
|
||||||
}
|
|
||||||
EngineCloseHandle(hListLibraryPtr->hFile);
|
|
||||||
RtlZeroMemory(hListLibraryPtr, sizeof LIBRARY_ITEM_DATAW);
|
|
||||||
hListLibraryPtr->hFile = (HANDLE)-1;
|
|
||||||
}
|
|
||||||
}
|
}
|
||||||
hListLibraryPtr = (PLIBRARY_ITEM_DATAW)((ULONG_PTR)hListLibraryPtr + sizeof LIBRARY_ITEM_DATAW);
|
EngineCloseHandle(hListLibrary.at(i).hFile);
|
||||||
|
hListLibrary.erase(hListLibrary.begin()+i);
|
||||||
|
break;
|
||||||
}
|
}
|
||||||
}
|
}
|
||||||
}
|
}
|
||||||
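Review bot: In the LOAD_DLL library-breakpoint loop, `ptrLibrarianData=&LibrarianData.at(i)` is still dereferenced after the user callback and after `LibrarianRemoveBreakPoint`, either of which may modify the vector. If the removal erases the element (its body is not shown here), the later `ptrLibrarianData->bpxSingleShoot` read lands on whichever entry shifted into slot i, or past the end, and a second removal can hit the wrong breakpoint. The old fixed block never moved, so this hazard is new with the vector. Copy the entry before calling out and remove at most once, as sketched below; the UNLOAD_DLL loop later in this file has the identical pattern. The cached `libbpcount` bound also means `.at(i)` can throw if a callback removed more than one entry.

```cpp
// … unchanged: name match and bpxType check …
LIBRARY_BREAK_DATA bp = LibrarianData.at(i); // copy: callback/removal may erase or reallocate
bool removeBp = bp.bpxSingleShoot;
myCustomHandler = (fCustomHandler)(bp.bpxCallBack);
__try
{
    myCustomHandler(&DBGEvent.u.LoadDll);
}
__except(EXCEPTION_EXECUTE_HANDLER)
{
    removeBp = true; // faulting callback: drop the breakpoint, once
}
if(removeBp)
{
    LibrarianRemoveBreakPoint(bp.szLibraryName, bp.bpxType);
}
```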
|
|
|
||||||
|
|
@ -127,7 +127,6 @@ __declspec(dllexport) long long TITCALL ImporterGetRemoteAPIAddressEx(char* szDL
|
||||||
int i = 0;
|
int i = 0;
|
||||||
int j = 0;
|
int j = 0;
|
||||||
char szAnsiLibraryName[MAX_PATH];
|
char szAnsiLibraryName[MAX_PATH];
|
||||||
PLIBRARY_ITEM_DATAW hListLibraryPtr = NULL;
|
|
||||||
ULONG_PTR APIFoundAddress = 0;
|
ULONG_PTR APIFoundAddress = 0;
|
||||||
PIMAGE_DOS_HEADER DOSHeader;
|
PIMAGE_DOS_HEADER DOSHeader;
|
||||||
PIMAGE_NT_HEADERS32 PEHeader32;
|
PIMAGE_NT_HEADERS32 PEHeader32;
|
||||||
|
|
@ -136,79 +135,77 @@ __declspec(dllexport) long long TITCALL ImporterGetRemoteAPIAddressEx(char* szDL
|
||||||
PEXPORTED_DATA ExportedFunctions;
|
PEXPORTED_DATA ExportedFunctions;
|
||||||
PEXPORTED_DATA ExportedFunctionNames;
|
PEXPORTED_DATA ExportedFunctionNames;
|
||||||
PEXPORTED_DATA_WORD ExportedFunctionOrdinals;
|
PEXPORTED_DATA_WORD ExportedFunctionOrdinals;
|
||||||
|
PLIBRARY_ITEM_DATAW hListLibraryPtr;
|
||||||
bool FileIs64 = false;
|
bool FileIs64 = false;
|
||||||
|
|
||||||
hListLibraryPtr = (PLIBRARY_ITEM_DATAW)hListLibrary;
|
int libcount=hListLibrary.size();
|
||||||
if(hListLibraryPtr != NULL)
|
for(int i=0; i<libcount; i++)
|
||||||
{
|
{
|
||||||
while(hListLibraryPtr->hFile != NULL)
|
hListLibraryPtr=&hListLibrary.at(i);
|
||||||
|
WideCharToMultiByte(CP_ACP, NULL, hListLibraryPtr->szLibraryName, -1, szAnsiLibraryName, sizeof szAnsiLibraryName, NULL, NULL);
|
||||||
|
if(lstrcmpiA(szAnsiLibraryName, szDLLName) == NULL)
|
||||||
{
|
{
|
||||||
WideCharToMultiByte(CP_ACP, NULL, hListLibraryPtr->szLibraryName, -1, szAnsiLibraryName, sizeof szAnsiLibraryName, NULL, NULL);
|
__try
|
||||||
if(lstrcmpiA(szAnsiLibraryName, szDLLName) == NULL)
|
|
||||||
{
|
{
|
||||||
__try
|
DOSHeader = (PIMAGE_DOS_HEADER)hListLibraryPtr->hFileMappingView;
|
||||||
|
PEHeader32 = (PIMAGE_NT_HEADERS32)((ULONG_PTR)DOSHeader + DOSHeader->e_lfanew);
|
||||||
|
PEHeader64 = (PIMAGE_NT_HEADERS64)((ULONG_PTR)DOSHeader + DOSHeader->e_lfanew);
|
||||||
|
if(PEHeader32->OptionalHeader.Magic == 0x10B)
|
||||||
|
{
|
||||||
|
FileIs64 = false;
|
||||||
|
}
|
||||||
|
else if(PEHeader32->OptionalHeader.Magic == 0x20B)
|
||||||
|
{
|
||||||
|
FileIs64 = true;
|
||||||
|
}
|
||||||
|
else
|
||||||
|
{
|
||||||
|
return(NULL);
|
||||||
|
}
|
||||||
|
if(!FileIs64)
|
||||||
|
{
|
||||||
|
PEExports = (PIMAGE_EXPORT_DIRECTORY)((ULONG_PTR)ConvertVAtoFileOffsetEx((ULONG_PTR)hListLibraryPtr->hFileMappingView, GetFileSize(hListLibraryPtr->hFile, NULL), (ULONG_PTR)PEHeader32->OptionalHeader.ImageBase, PEHeader32->OptionalHeader.DataDirectory[IMAGE_DIRECTORY_ENTRY_EXPORT].VirtualAddress, true, true));
|
||||||
|
ExportedFunctions = (PEXPORTED_DATA)((ULONG_PTR)ConvertVAtoFileOffsetEx((ULONG_PTR)hListLibraryPtr->hFileMappingView, GetFileSize(hListLibraryPtr->hFile, NULL), (ULONG_PTR)PEHeader32->OptionalHeader.ImageBase, PEExports->AddressOfFunctions, true, true));
|
||||||
|
ExportedFunctionNames = (PEXPORTED_DATA)((ULONG_PTR)ConvertVAtoFileOffsetEx((ULONG_PTR)hListLibraryPtr->hFileMappingView, GetFileSize(hListLibraryPtr->hFile, NULL), (ULONG_PTR)PEHeader32->OptionalHeader.ImageBase, PEExports->AddressOfNames, true, true));
|
||||||
|
ExportedFunctionOrdinals = (PEXPORTED_DATA_WORD)((ULONG_PTR)ConvertVAtoFileOffsetEx((ULONG_PTR)hListLibraryPtr->hFileMappingView, GetFileSize(hListLibraryPtr->hFile, NULL), (ULONG_PTR)PEHeader32->OptionalHeader.ImageBase, PEExports->AddressOfNameOrdinals, true, true));
|
||||||
|
}
|
||||||
|
else
|
||||||
|
{
|
||||||
|
PEExports = (PIMAGE_EXPORT_DIRECTORY)((ULONG_PTR)ConvertVAtoFileOffsetEx((ULONG_PTR)hListLibraryPtr->hFileMappingView, GetFileSize(hListLibraryPtr->hFile, NULL), (ULONG_PTR)PEHeader64->OptionalHeader.ImageBase, PEHeader64->OptionalHeader.DataDirectory[IMAGE_DIRECTORY_ENTRY_EXPORT].VirtualAddress, true, true));
|
||||||
|
ExportedFunctions = (PEXPORTED_DATA)((ULONG_PTR)ConvertVAtoFileOffsetEx((ULONG_PTR)hListLibraryPtr->hFileMappingView, GetFileSize(hListLibraryPtr->hFile, NULL), (ULONG_PTR)PEHeader64->OptionalHeader.ImageBase, PEExports->AddressOfFunctions, true, true));
|
||||||
|
ExportedFunctionNames = (PEXPORTED_DATA)((ULONG_PTR)ConvertVAtoFileOffsetEx((ULONG_PTR)hListLibraryPtr->hFileMappingView, GetFileSize(hListLibraryPtr->hFile, NULL), (ULONG_PTR)PEHeader64->OptionalHeader.ImageBase, PEExports->AddressOfNames, true, true));
|
||||||
|
ExportedFunctionOrdinals = (PEXPORTED_DATA_WORD)((ULONG_PTR)ConvertVAtoFileOffsetEx((ULONG_PTR)hListLibraryPtr->hFileMappingView, GetFileSize(hListLibraryPtr->hFile, NULL), (ULONG_PTR)PEHeader64->OptionalHeader.ImageBase, PEExports->AddressOfNameOrdinals, true, true));
|
||||||
|
}
|
||||||
|
for(j = 0; j <= (int)PEExports->NumberOfNames; j++)
|
||||||
{
|
{
|
||||||
DOSHeader = (PIMAGE_DOS_HEADER)hListLibraryPtr->hFileMappingView;
|
|
||||||
PEHeader32 = (PIMAGE_NT_HEADERS32)((ULONG_PTR)DOSHeader + DOSHeader->e_lfanew);
|
|
||||||
PEHeader64 = (PIMAGE_NT_HEADERS64)((ULONG_PTR)DOSHeader + DOSHeader->e_lfanew);
|
|
||||||
if(PEHeader32->OptionalHeader.Magic == 0x10B)
|
|
||||||
{
|
|
||||||
FileIs64 = false;
|
|
||||||
}
|
|
||||||
else if(PEHeader32->OptionalHeader.Magic == 0x20B)
|
|
||||||
{
|
|
||||||
FileIs64 = true;
|
|
||||||
}
|
|
||||||
else
|
|
||||||
{
|
|
||||||
return(NULL);
|
|
||||||
}
|
|
||||||
if(!FileIs64)
|
if(!FileIs64)
|
||||||
{
|
{
|
||||||
PEExports = (PIMAGE_EXPORT_DIRECTORY)((ULONG_PTR)ConvertVAtoFileOffsetEx((ULONG_PTR)hListLibraryPtr->hFileMappingView, GetFileSize(hListLibraryPtr->hFile, NULL), (ULONG_PTR)PEHeader32->OptionalHeader.ImageBase, PEHeader32->OptionalHeader.DataDirectory[IMAGE_DIRECTORY_ENTRY_EXPORT].VirtualAddress, true, true));
|
if(lstrcmpiA((LPCSTR)szAPIName, (LPCSTR)((ULONG_PTR)ConvertVAtoFileOffsetEx((ULONG_PTR)hListLibraryPtr->hFileMappingView, GetFileSize(hListLibraryPtr->hFile, NULL), (ULONG_PTR)PEHeader32->OptionalHeader.ImageBase, ExportedFunctionNames->ExportedItem, true, true))) == NULL)
|
||||||
ExportedFunctions = (PEXPORTED_DATA)((ULONG_PTR)ConvertVAtoFileOffsetEx((ULONG_PTR)hListLibraryPtr->hFileMappingView, GetFileSize(hListLibraryPtr->hFile, NULL), (ULONG_PTR)PEHeader32->OptionalHeader.ImageBase, PEExports->AddressOfFunctions, true, true));
|
{
|
||||||
ExportedFunctionNames = (PEXPORTED_DATA)((ULONG_PTR)ConvertVAtoFileOffsetEx((ULONG_PTR)hListLibraryPtr->hFileMappingView, GetFileSize(hListLibraryPtr->hFile, NULL), (ULONG_PTR)PEHeader32->OptionalHeader.ImageBase, PEExports->AddressOfNames, true, true));
|
ExportedFunctionOrdinals = (PEXPORTED_DATA_WORD)((ULONG_PTR)ExportedFunctionOrdinals + j * 2);
|
||||||
ExportedFunctionOrdinals = (PEXPORTED_DATA_WORD)((ULONG_PTR)ConvertVAtoFileOffsetEx((ULONG_PTR)hListLibraryPtr->hFileMappingView, GetFileSize(hListLibraryPtr->hFile, NULL), (ULONG_PTR)PEHeader32->OptionalHeader.ImageBase, PEExports->AddressOfNameOrdinals, true, true));
|
ExportedFunctions = (PEXPORTED_DATA)((ULONG_PTR)ExportedFunctions + (ExportedFunctionOrdinals->OrdinalNumber) * 4);
|
||||||
|
APIFoundAddress = ExportedFunctions->ExportedItem + (ULONG_PTR)hListLibraryPtr->BaseOfDll;
|
||||||
|
return((ULONG_PTR)APIFoundAddress);
|
||||||
|
}
|
||||||
}
|
}
|
||||||
else
|
else
|
||||||
{
|
{
|
||||||
PEExports = (PIMAGE_EXPORT_DIRECTORY)((ULONG_PTR)ConvertVAtoFileOffsetEx((ULONG_PTR)hListLibraryPtr->hFileMappingView, GetFileSize(hListLibraryPtr->hFile, NULL), (ULONG_PTR)PEHeader64->OptionalHeader.ImageBase, PEHeader64->OptionalHeader.DataDirectory[IMAGE_DIRECTORY_ENTRY_EXPORT].VirtualAddress, true, true));
|
if(lstrcmpiA((LPCSTR)szAPIName, (LPCSTR)((ULONG_PTR)ConvertVAtoFileOffsetEx((ULONG_PTR)hListLibraryPtr->hFileMappingView, GetFileSize(hListLibraryPtr->hFile, NULL), (ULONG_PTR)PEHeader64->OptionalHeader.ImageBase, ExportedFunctionNames->ExportedItem, true, true))) == NULL)
|
||||||
ExportedFunctions = (PEXPORTED_DATA)((ULONG_PTR)ConvertVAtoFileOffsetEx((ULONG_PTR)hListLibraryPtr->hFileMappingView, GetFileSize(hListLibraryPtr->hFile, NULL), (ULONG_PTR)PEHeader64->OptionalHeader.ImageBase, PEExports->AddressOfFunctions, true, true));
|
|
||||||
ExportedFunctionNames = (PEXPORTED_DATA)((ULONG_PTR)ConvertVAtoFileOffsetEx((ULONG_PTR)hListLibraryPtr->hFileMappingView, GetFileSize(hListLibraryPtr->hFile, NULL), (ULONG_PTR)PEHeader64->OptionalHeader.ImageBase, PEExports->AddressOfNames, true, true));
|
|
||||||
ExportedFunctionOrdinals = (PEXPORTED_DATA_WORD)((ULONG_PTR)ConvertVAtoFileOffsetEx((ULONG_PTR)hListLibraryPtr->hFileMappingView, GetFileSize(hListLibraryPtr->hFile, NULL), (ULONG_PTR)PEHeader64->OptionalHeader.ImageBase, PEExports->AddressOfNameOrdinals, true, true));
|
|
||||||
}
|
|
||||||
for(j = 0; j <= (int)PEExports->NumberOfNames; j++)
|
|
||||||
{
|
|
||||||
if(!FileIs64)
|
|
||||||
{
|
{
|
||||||
if(lstrcmpiA((LPCSTR)szAPIName, (LPCSTR)((ULONG_PTR)ConvertVAtoFileOffsetEx((ULONG_PTR)hListLibraryPtr->hFileMappingView, GetFileSize(hListLibraryPtr->hFile, NULL), (ULONG_PTR)PEHeader32->OptionalHeader.ImageBase, ExportedFunctionNames->ExportedItem, true, true))) == NULL)
|
ExportedFunctionOrdinals = (PEXPORTED_DATA_WORD)((ULONG_PTR)ExportedFunctionOrdinals + j * 2);
|
||||||
{
|
ExportedFunctions = (PEXPORTED_DATA)((ULONG_PTR)ExportedFunctions + (ExportedFunctionOrdinals->OrdinalNumber) * 4);
|
||||||
ExportedFunctionOrdinals = (PEXPORTED_DATA_WORD)((ULONG_PTR)ExportedFunctionOrdinals + j * 2);
|
APIFoundAddress = ExportedFunctions->ExportedItem + (ULONG_PTR)hListLibraryPtr->BaseOfDll;
|
||||||
ExportedFunctions = (PEXPORTED_DATA)((ULONG_PTR)ExportedFunctions + (ExportedFunctionOrdinals->OrdinalNumber) * 4);
|
return((ULONG_PTR)APIFoundAddress);
|
||||||
APIFoundAddress = ExportedFunctions->ExportedItem + (ULONG_PTR)hListLibraryPtr->BaseOfDll;
|
|
||||||
return((ULONG_PTR)APIFoundAddress);
|
|
||||||
}
|
|
||||||
}
|
}
|
||||||
else
|
|
||||||
{
|
|
||||||
if(lstrcmpiA((LPCSTR)szAPIName, (LPCSTR)((ULONG_PTR)ConvertVAtoFileOffsetEx((ULONG_PTR)hListLibraryPtr->hFileMappingView, GetFileSize(hListLibraryPtr->hFile, NULL), (ULONG_PTR)PEHeader64->OptionalHeader.ImageBase, ExportedFunctionNames->ExportedItem, true, true))) == NULL)
|
|
||||||
{
|
|
||||||
ExportedFunctionOrdinals = (PEXPORTED_DATA_WORD)((ULONG_PTR)ExportedFunctionOrdinals + j * 2);
|
|
||||||
ExportedFunctions = (PEXPORTED_DATA)((ULONG_PTR)ExportedFunctions + (ExportedFunctionOrdinals->OrdinalNumber) * 4);
|
|
||||||
APIFoundAddress = ExportedFunctions->ExportedItem + (ULONG_PTR)hListLibraryPtr->BaseOfDll;
|
|
||||||
return((ULONG_PTR)APIFoundAddress);
|
|
||||||
}
|
|
||||||
}
|
|
||||||
ExportedFunctionNames = (PEXPORTED_DATA)((ULONG_PTR)ExportedFunctionNames + 4);
|
|
||||||
}
|
}
|
||||||
return(NULL);
|
ExportedFunctionNames = (PEXPORTED_DATA)((ULONG_PTR)ExportedFunctionNames + 4);
|
||||||
}
|
|
||||||
__except(EXCEPTION_EXECUTE_HANDLER)
|
|
||||||
{
|
|
||||||
return(NULL);
|
|
||||||
}
|
}
|
||||||
|
return(NULL);
|
||||||
|
}
|
||||||
|
__except(EXCEPTION_EXECUTE_HANDLER)
|
||||||
|
{
|
||||||
|
return(NULL);
|
||||||
}
|
}
|
||||||
hListLibraryPtr = (PLIBRARY_ITEM_DATAW)((ULONG_PTR)hListLibraryPtr + sizeof LIBRARY_ITEM_DATAW);
|
|
||||||
}
|
}
|
||||||
}
|
}
|
||||||
return(NULL);
|
return(NULL);
|
||||||
|
|
|
||||||
|
|
@ -2,116 +2,41 @@
|
||||||
#include "definitions.h"
|
#include "definitions.h"
|
||||||
#include "Global.Librarian.h"
|
#include "Global.Librarian.h"
|
||||||
|
|
||||||
|
static LIBRARY_ITEM_DATA LibraryInfoData = {};
|
||||||
|
|
||||||
// TitanEngine.Librarian.functions:
|
// TitanEngine.Librarian.functions:
|
||||||
__declspec(dllexport) bool TITCALL LibrarianSetBreakPoint(char* szLibraryName, DWORD bpxType, bool SingleShoot, LPVOID bpxCallBack)
|
__declspec(dllexport) bool TITCALL LibrarianSetBreakPoint(char* szLibraryName, DWORD bpxType, bool SingleShoot, LPVOID bpxCallBack)
|
||||||
{
|
{
|
||||||
|
LIBRARY_BREAK_DATA NewLibrarianData;
|
||||||
int i = MAX_LIBRARY_BPX;
|
memset(&NewLibrarianData, 0, sizeof(LIBRARY_BREAK_DATA));
|
||||||
PLIBRARY_BREAK_DATA ptrLibrarianData = (PLIBRARY_BREAK_DATA)LibrarianData;
|
lstrcpyA(NewLibrarianData.szLibraryName, szLibraryName);
|
||||||
|
NewLibrarianData.bpxCallBack = bpxCallBack;
|
||||||
if(szLibraryName != NULL && ptrLibrarianData != NULL)
|
NewLibrarianData.bpxSingleShoot = SingleShoot;
|
||||||
{
|
NewLibrarianData.bpxType = bpxType;
|
||||||
while(i > NULL && ptrLibrarianData->szLibraryName[0] != 0x00)
|
LibrarianData.push_back(NewLibrarianData);
|
||||||
{
|
return true;
|
||||||
ptrLibrarianData = (PLIBRARY_BREAK_DATA)((ULONG_PTR)ptrLibrarianData + sizeof LIBRARY_BREAK_DATA);
|
|
||||||
i--;
|
|
||||||
}
|
|
||||||
lstrcpyA(&ptrLibrarianData->szLibraryName[0], szLibraryName);
|
|
||||||
ptrLibrarianData->bpxCallBack = bpxCallBack;
|
|
||||||
ptrLibrarianData->bpxSingleShoot = SingleShoot;
|
|
||||||
ptrLibrarianData->bpxType = bpxType;
|
|
||||||
return true;
|
|
||||||
}
|
|
||||||
return false;
|
|
||||||
}
|
}
|
||||||
|
|
||||||
__declspec(dllexport) bool TITCALL LibrarianRemoveBreakPoint(char* szLibraryName, DWORD bpxType)
|
__declspec(dllexport) bool TITCALL LibrarianRemoveBreakPoint(char* szLibraryName, DWORD bpxType)
|
||||||
{
|
{
|
||||||
|
int libbpcount=LibrarianData.size();
|
||||||
int i = MAX_LIBRARY_BPX;
|
for(int i=libbpcount=1; i>-1; i--)
|
||||||
PLIBRARY_BREAK_DATA ptrLibrarianData = (PLIBRARY_BREAK_DATA)LibrarianData;
|
if(!lstrcmpiA(szLibraryName, LibrarianData.at(i).szLibraryName) && (LibrarianData.at(i).bpxType == bpxType || bpxType == UE_ON_LIB_ALL))
|
||||||
|
|
||||||
if(szLibraryName != NULL && ptrLibrarianData != NULL)
|
|
||||||
{
|
|
||||||
while(i > NULL)
|
|
||||||
{
|
{
|
||||||
if(ptrLibrarianData->szLibraryName[0] != 0x00)
|
LibrarianData.erase(LibrarianData.begin()+i);
|
||||||
{
|
|
||||||
if(lstrcmpiA(szLibraryName, ptrLibrarianData->szLibraryName) == NULL && (ptrLibrarianData->bpxType == bpxType || bpxType == UE_ON_LIB_ALL))
|
|
||||||
{
|
|
||||||
RtlZeroMemory(ptrLibrarianData, sizeof LIBRARY_BREAK_DATA);
|
|
||||||
}
|
|
||||||
}
|
|
||||||
ptrLibrarianData = (PLIBRARY_BREAK_DATA)((ULONG_PTR)ptrLibrarianData + sizeof LIBRARY_BREAK_DATA);
|
|
||||||
i--;
|
|
||||||
}
|
}
|
||||||
return true;
|
return true;
|
||||||
}
|
|
||||||
return false;
|
|
||||||
}
|
}
|
||||||
|
|
||||||
__declspec(dllexport) void* TITCALL LibrarianGetLibraryInfo(char* szLibraryName)
|
__declspec(dllexport) void* TITCALL LibrarianGetLibraryInfo(char* szLibraryName)
|
||||||
{
|
{
|
||||||
|
if(!szLibraryName)
|
||||||
|
return NULL;
|
||||||
wchar_t uniLibraryName[MAX_PATH] = {};
|
wchar_t uniLibraryName[MAX_PATH] = {};
|
||||||
PLIBRARY_ITEM_DATAW LibInfo;
|
PLIBRARY_ITEM_DATAW LibInfo;
|
||||||
|
MultiByteToWideChar(CP_ACP, NULL, szLibraryName, lstrlenA(szLibraryName)+1, uniLibraryName, sizeof(uniLibraryName)/(sizeof(uniLibraryName[0])));
|
||||||
if(szLibraryName != NULL)
|
LibInfo = (PLIBRARY_ITEM_DATAW)LibrarianGetLibraryInfoW(uniLibraryName);
|
||||||
{
|
if(LibInfo)
|
||||||
MultiByteToWideChar(CP_ACP, NULL, szLibraryName, lstrlenA(szLibraryName)+1, uniLibraryName, sizeof(uniLibraryName)/(sizeof(uniLibraryName[0])));
|
|
||||||
LibInfo = (PLIBRARY_ITEM_DATAW)LibrarianGetLibraryInfoW(uniLibraryName);
|
|
||||||
if(LibInfo != NULL)
|
|
||||||
{
|
|
||||||
RtlZeroMemory(&LibraryInfoData, sizeof LIBRARY_ITEM_DATA);
|
|
||||||
LibraryInfoData.hFile = LibInfo->hFile;
|
|
||||||
LibraryInfoData.BaseOfDll = LibInfo->BaseOfDll;
|
|
||||||
LibraryInfoData.hFileMapping = LibInfo->hFileMapping;
|
|
||||||
LibraryInfoData.hFileMappingView = LibInfo->hFileMappingView;
|
|
||||||
WideCharToMultiByte(CP_ACP, NULL, LibInfo->szLibraryName, -1, &LibraryInfoData.szLibraryName[0], sizeof LibraryInfoData.szLibraryName, NULL, NULL);
|
|
||||||
WideCharToMultiByte(CP_ACP, NULL, LibInfo->szLibraryPath, -1, &LibraryInfoData.szLibraryPath[0], sizeof LibraryInfoData.szLibraryPath, NULL, NULL);
|
|
||||||
return((void*)&LibraryInfoData);
|
|
||||||
}
|
|
||||||
else
|
|
||||||
{
|
|
||||||
return(NULL);
|
|
||||||
}
|
|
||||||
}
|
|
||||||
else
|
|
||||||
{
|
|
||||||
return(NULL);
|
|
||||||
}
|
|
||||||
}
|
|
||||||
|
|
||||||
__declspec(dllexport) void* TITCALL LibrarianGetLibraryInfoW(wchar_t* szLibraryName)
|
|
||||||
{
|
|
||||||
|
|
||||||
PLIBRARY_ITEM_DATAW hListLibraryPtr = NULL;
|
|
||||||
|
|
||||||
if(hListLibrary != NULL)
|
|
||||||
{
|
|
||||||
hListLibraryPtr = (PLIBRARY_ITEM_DATAW)hListLibrary;
|
|
||||||
while(hListLibraryPtr->hFile != NULL)
|
|
||||||
{
|
|
||||||
if(hListLibraryPtr->hFile != (HANDLE)-1)
|
|
||||||
{
|
|
||||||
if(lstrcmpiW(hListLibraryPtr->szLibraryName, szLibraryName) == NULL)
|
|
||||||
{
|
|
||||||
return((void*)hListLibraryPtr);
|
|
||||||
}
|
|
||||||
}
|
|
||||||
hListLibraryPtr = (PLIBRARY_ITEM_DATAW)((ULONG_PTR)hListLibraryPtr + sizeof LIBRARY_ITEM_DATAW);
|
|
||||||
}
|
|
||||||
}
|
|
||||||
return(NULL);
|
|
||||||
}
|
|
||||||
|
|
||||||
__declspec(dllexport) void* TITCALL LibrarianGetLibraryInfoEx(void* BaseOfDll)
|
|
||||||
{
|
|
||||||
|
|
||||||
PLIBRARY_ITEM_DATAW LibInfo;
|
|
||||||
|
|
||||||
LibInfo = (PLIBRARY_ITEM_DATAW)LibrarianGetLibraryInfoExW(BaseOfDll);
|
|
||||||
if(LibInfo != NULL)
|
|
||||||
{
|
{
|
||||||
RtlZeroMemory(&LibraryInfoData, sizeof LIBRARY_ITEM_DATA);
|
RtlZeroMemory(&LibraryInfoData, sizeof LIBRARY_ITEM_DATA);
|
||||||
LibraryInfoData.hFile = LibInfo->hFile;
|
LibraryInfoData.hFile = LibInfo->hFile;
|
||||||
|
|
@ -122,95 +47,101 @@ __declspec(dllexport) void* TITCALL LibrarianGetLibraryInfoEx(void* BaseOfDll)
|
||||||
WideCharToMultiByte(CP_ACP, NULL, LibInfo->szLibraryPath, -1, &LibraryInfoData.szLibraryPath[0], sizeof LibraryInfoData.szLibraryPath, NULL, NULL);
|
WideCharToMultiByte(CP_ACP, NULL, LibInfo->szLibraryPath, -1, &LibraryInfoData.szLibraryPath[0], sizeof LibraryInfoData.szLibraryPath, NULL, NULL);
|
||||||
return((void*)&LibraryInfoData);
|
return((void*)&LibraryInfoData);
|
||||||
}
|
}
|
||||||
else
|
return(NULL);
|
||||||
{
|
|
||||||
return(NULL);
|
|
||||||
}
|
|
||||||
}
|
}
|
||||||
|
|
||||||
__declspec(dllexport) void* TITCALL LibrarianGetLibraryInfoExW(void* BaseOfDll)
|
__declspec(dllexport) void* TITCALL LibrarianGetLibraryInfoW(wchar_t* szLibraryName)
|
||||||
{
|
{
|
||||||
|
static LIBRARY_ITEM_DATAW LibraryInfo;
|
||||||
PLIBRARY_ITEM_DATAW hListLibraryPtr = NULL;
|
memset(&LibraryInfo, 0, sizeof(LIBRARY_ITEM_DATAW));
|
||||||
|
int libcount=hListLibrary.size();
|
||||||
if(hListLibrary != NULL)
|
for(int i=0; i<libcount; i++)
|
||||||
{
|
if(hListLibrary.at(i).hFile != INVALID_HANDLE_VALUE && !lstrcmpiW(hListLibrary.at(i).szLibraryName, szLibraryName))
|
||||||
hListLibraryPtr = (PLIBRARY_ITEM_DATAW)hListLibrary;
|
|
||||||
while(hListLibraryPtr->hFile != NULL)
|
|
||||||
{
|
{
|
||||||
if(hListLibraryPtr->hFile != (HANDLE)-1)
|
memcpy(&LibraryInfo, &hListLibrary.at(i), sizeof(LIBRARY_ITEM_DATAW));
|
||||||
{
|
return &LibraryInfo;
|
||||||
if(hListLibraryPtr->BaseOfDll == BaseOfDll)
|
|
||||||
{
|
|
||||||
return((void*)hListLibraryPtr);
|
|
||||||
}
|
|
||||||
}
|
|
||||||
hListLibraryPtr = (PLIBRARY_ITEM_DATAW)((ULONG_PTR)hListLibraryPtr + sizeof LIBRARY_ITEM_DATAW);
|
|
||||||
}
|
}
|
||||||
|
return NULL;
|
||||||
|
}
|
||||||
|
|
||||||
|
__declspec(dllexport) void* TITCALL LibrarianGetLibraryInfoEx(void* BaseOfDll)
|
||||||
|
{
|
||||||
|
PLIBRARY_ITEM_DATAW LibInfo;
|
||||||
|
LibInfo = (PLIBRARY_ITEM_DATAW)LibrarianGetLibraryInfoExW(BaseOfDll);
|
||||||
|
if(LibInfo)
|
||||||
|
{
|
||||||
|
RtlZeroMemory(&LibraryInfoData, sizeof LIBRARY_ITEM_DATA);
|
||||||
|
LibraryInfoData.hFile = LibInfo->hFile;
|
||||||
|
LibraryInfoData.BaseOfDll = LibInfo->BaseOfDll;
|
||||||
|
LibraryInfoData.hFileMapping = LibInfo->hFileMapping;
|
||||||
|
LibraryInfoData.hFileMappingView = LibInfo->hFileMappingView;
|
||||||
|
WideCharToMultiByte(CP_ACP, NULL, LibInfo->szLibraryName, -1, &LibraryInfoData.szLibraryName[0], sizeof LibraryInfoData.szLibraryName, NULL, NULL);
|
||||||
|
WideCharToMultiByte(CP_ACP, NULL, LibInfo->szLibraryPath, -1, &LibraryInfoData.szLibraryPath[0], sizeof LibraryInfoData.szLibraryPath, NULL, NULL);
|
||||||
|
return((void*)&LibraryInfoData);
|
||||||
}
|
}
|
||||||
return(NULL);
|
return(NULL);
|
||||||
}
|
}
|
||||||
|
|
||||||
|
__declspec(dllexport) void* TITCALL LibrarianGetLibraryInfoExW(void* BaseOfDll)
|
||||||
|
{
|
||||||
|
static LIBRARY_ITEM_DATAW LibraryData;
|
||||||
|
memset(&LibraryData, 0, sizeof(LIBRARY_ITEM_DATAW));
|
||||||
|
int libcount=hListLibrary.size();
|
||||||
|
for(int i=0; i<libcount; i++)
|
||||||
|
if(hListLibrary.at(i).hFile != INVALID_HANDLE_VALUE && hListLibrary.at(i).BaseOfDll == BaseOfDll)
|
||||||
|
{
|
||||||
|
memcpy(&LibraryData, &hListLibrary.at(i), sizeof(LIBRARY_ITEM_DATAW));
|
||||||
|
return &LibraryData;
|
||||||
|
}
|
||||||
|
return NULL;
|
||||||
|
}
|
||||||
|
|
||||||
__declspec(dllexport) void TITCALL LibrarianEnumLibraryInfo(void* EnumCallBack)
|
__declspec(dllexport) void TITCALL LibrarianEnumLibraryInfo(void* EnumCallBack)
|
||||||
{
|
{
|
||||||
|
if(!EnumCallBack)
|
||||||
PLIBRARY_ITEM_DATAW hListLibraryPtr = NULL;
|
return;
|
||||||
typedef void(TITCALL *fEnumCallBack)(LPVOID fLibraryDetail);
|
typedef void(TITCALL *fEnumCallBack)(LPVOID fLibraryDetail);
|
||||||
fEnumCallBack myEnumCallBack = (fEnumCallBack)EnumCallBack;
|
fEnumCallBack myEnumCallBack = (fEnumCallBack)EnumCallBack;
|
||||||
|
int libcount=hListLibrary.size();
|
||||||
if(hListLibrary != NULL)
|
for(int i=0; i<libcount; i++)
|
||||||
{
|
if(hListLibrary.at(i).hFile != INVALID_HANDLE_VALUE)
|
||||||
hListLibraryPtr = (PLIBRARY_ITEM_DATAW)hListLibrary;
|
|
||||||
while(EnumCallBack != NULL && hListLibraryPtr->hFile != NULL)
|
|
||||||
{
|
{
|
||||||
if(hListLibraryPtr->hFile != (HANDLE)-1)
|
__try
|
||||||
{
|
{
|
||||||
__try
|
LIBRARY_ITEM_DATA myLibraryInfoData;
|
||||||
{
|
memset(&myLibraryInfoData, 0, sizeof(LIBRARY_ITEM_DATA));
|
||||||
myEnumCallBack((void*)hListLibraryPtr);
|
myLibraryInfoData.hFile = hListLibrary.at(i).hFile;
|
||||||
}
|
myLibraryInfoData.BaseOfDll = hListLibrary.at(i).BaseOfDll;
|
||||||
__except(EXCEPTION_EXECUTE_HANDLER)
|
myLibraryInfoData.hFileMapping = hListLibrary.at(i).hFileMapping;
|
||||||
{
|
myLibraryInfoData.hFileMappingView = hListLibrary.at(i).hFileMappingView;
|
||||||
EnumCallBack = NULL;
|
WideCharToMultiByte(CP_ACP, NULL, hListLibrary.at(i).szLibraryName, -1, &myLibraryInfoData.szLibraryName[0], sizeof(myLibraryInfoData.szLibraryName), NULL, NULL);
|
||||||
}
|
WideCharToMultiByte(CP_ACP, NULL, hListLibrary.at(i).szLibraryPath, -1, &myLibraryInfoData.szLibraryPath[0], sizeof(myLibraryInfoData.szLibraryPath), NULL, NULL);
|
||||||
|
myEnumCallBack(&myLibraryInfoData);
|
||||||
|
}
|
||||||
|
__except(EXCEPTION_EXECUTE_HANDLER)
|
||||||
|
{
|
||||||
|
break;
|
||||||
}
|
}
|
||||||
hListLibraryPtr = (PLIBRARY_ITEM_DATAW)((ULONG_PTR)hListLibraryPtr + sizeof LIBRARY_ITEM_DATAW);
|
|
||||||
}
|
}
|
||||||
}
|
|
||||||
}
|
}
|
||||||
|
|
||||||
__declspec(dllexport) void TITCALL LibrarianEnumLibraryInfoW(void* EnumCallBack)
|
__declspec(dllexport) void TITCALL LibrarianEnumLibraryInfoW(void* EnumCallBack)
|
||||||
{
|
{
|
||||||
|
if(!EnumCallBack)
|
||||||
LIBRARY_ITEM_DATA myLibraryInfoData;
|
return;
|
||||||
PLIBRARY_ITEM_DATAW hListLibraryPtr = NULL;
|
|
||||||
typedef void(TITCALL *fEnumCallBack)(LPVOID fLibraryDetail);
|
typedef void(TITCALL *fEnumCallBack)(LPVOID fLibraryDetail);
|
||||||
fEnumCallBack myEnumCallBack = (fEnumCallBack)EnumCallBack;
|
fEnumCallBack myEnumCallBack = (fEnumCallBack)EnumCallBack;
|
||||||
|
int libcount=hListLibrary.size();
|
||||||
if(hListLibrary != NULL)
|
for(int i=0; i<libcount; i++)
|
||||||
{
|
if(hListLibrary.at(i).hFile != INVALID_HANDLE_VALUE)
|
||||||
hListLibraryPtr = (PLIBRARY_ITEM_DATAW)hListLibrary;
|
|
||||||
while(EnumCallBack != NULL && hListLibraryPtr->hFile != NULL)
|
|
||||||
{
|
{
|
||||||
if(hListLibraryPtr->hFile != (HANDLE)-1)
|
__try
|
||||||
{
|
{
|
||||||
__try
|
myEnumCallBack(&hListLibrary.at(i));
|
||||||
{
|
}
|
||||||
RtlZeroMemory(&myLibraryInfoData, sizeof LIBRARY_ITEM_DATA);
|
__except(EXCEPTION_EXECUTE_HANDLER)
|
||||||
myLibraryInfoData.hFile = hListLibraryPtr->hFile;
|
{
|
||||||
myLibraryInfoData.BaseOfDll = hListLibraryPtr->BaseOfDll;
|
break;
|
||||||
myLibraryInfoData.hFileMapping = hListLibraryPtr->hFileMapping;
|
|
||||||
myLibraryInfoData.hFileMappingView = hListLibraryPtr->hFileMappingView;
|
|
||||||
WideCharToMultiByte(CP_ACP, NULL, hListLibraryPtr->szLibraryName, -1, &myLibraryInfoData.szLibraryName[0], sizeof myLibraryInfoData.szLibraryName, NULL, NULL);
|
|
||||||
WideCharToMultiByte(CP_ACP, NULL, hListLibraryPtr->szLibraryPath, -1, &myLibraryInfoData.szLibraryPath[0], sizeof myLibraryInfoData.szLibraryPath, NULL, NULL);
|
|
||||||
myEnumCallBack((void*)&myLibraryInfoData);
|
|
||||||
}
|
|
||||||
__except(EXCEPTION_EXECUTE_HANDLER)
|
|
||||||
{
|
|
||||||
EnumCallBack = NULL;
|
|
||||||
}
|
|
||||||
}
|
}
|
||||||
hListLibraryPtr = (PLIBRARY_ITEM_DATAW)((ULONG_PTR)hListLibraryPtr + sizeof LIBRARY_ITEM_DATAW);
|
|
||||||
}
|
}
|
||||||
}
|
|
||||||
}
|
}
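Review bot: In the new `LibrarianRemoveBreakPoint`, the loop header `for(int i=libbpcount=1; i>-1; i--)` assigns 1 to both `libbpcount` and `i` instead of starting at the last index. As a result `LibrarianData.at(1)` throws `std::out_of_range` whenever the list holds fewer than two entries, and entries above index 1 are never examined; the header should read `for(int i=libbpcount-1; i>-1; i--)`. In the same hunk, `LibrarianSetBreakPoint` no longer checks `szLibraryName` for NULL and copies it with the unbounded `lstrcpyA` into a stack-local `LIBRARY_BREAK_DATA`, so an over-long name passed to this exported function would overrun a stack buffer instead of the old table slot. A guard `if(!szLibraryName) return false;` followed by `lstrcpynA(NewLibrarianData.szLibraryName, szLibraryName, sizeof(NewLibrarianData.szLibraryName));` would bound the copy, assuming the field is a char array, since its declaration is not visible here. `LibrarianRemoveBreakPoint` and `LibrarianGetLibraryInfoW` also pass `szLibraryName` to the compare call without the NULL check the old code had.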
|
||||||
|
|
|
||||||
|
|
@ -201,7 +201,7 @@ __declspec(dllexport) bool TITCALL ThreaderIsThreadStillRunning(HANDLE hThread)
|
||||||
CONTEXT myDBGContext;
|
CONTEXT myDBGContext;
|
||||||
memset(&myDBGContext, 0, sizeof(CONTEXT));
|
memset(&myDBGContext, 0, sizeof(CONTEXT));
|
||||||
myDBGContext.ContextFlags = CONTEXT_ALL;
|
myDBGContext.ContextFlags = CONTEXT_ALL;
|
||||||
return GetThreadContext(hThread, &myDBGContext);
|
return (GetThreadContext(hThread, &myDBGContext)==TRUE);
|
||||||
}
|
}
|
||||||
|
|
||||||
__declspec(dllexport) bool TITCALL ThreaderIsThreadActive(HANDLE hThread)
|
__declspec(dllexport) bool TITCALL ThreaderIsThreadActive(HANDLE hThread)
|
||||||
|
|
@ -220,7 +220,7 @@ __declspec(dllexport) bool TITCALL ThreaderIsAnyThreadActive()
|
||||||
for(int i=0; i<threadcount; i++)
|
for(int i=0; i<threadcount; i++)
|
||||||
if(ThreaderIsThreadActive(hListThread.at(i).hThread))
|
if(ThreaderIsThreadActive(hListThread.at(i).hThread))
|
||||||
return true;
|
return true;
|
||||||
return false;
|
return false;
|
||||||
}
|
}
|
||||||
|
|
||||||
__declspec(dllexport) bool TITCALL ThreaderExecuteOnlyInjectedThreads()
|
__declspec(dllexport) bool TITCALL ThreaderExecuteOnlyInjectedThreads()
|
||||||
|
|
@ -239,7 +239,7 @@ __declspec(dllexport) long long TITCALL ThreaderGetOpenHandleForThread(DWORD Thr
|
||||||
for(int i=0; i<threadcount; i++)
|
for(int i=0; i<threadcount; i++)
|
||||||
if(hListThread.at(i).dwThreadId == ThreadId)
|
if(hListThread.at(i).dwThreadId == ThreadId)
|
||||||
return (ULONG_PTR)hListThread.at(i).hThread;
|
return (ULONG_PTR)hListThread.at(i).hThread;
|
||||||
return 0;
|
return 0;
|
||||||
}
|
}
|
||||||
|
|
||||||
__declspec(dllexport) bool TITCALL ThreaderIsExceptionInMainThread()
|
__declspec(dllexport) bool TITCALL ThreaderIsExceptionInMainThread()
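Review bot: The new return in `ThreaderIsThreadStillRunning`, `return (GetThreadContext(hThread, &myDBGContext)==TRUE);`, compares a Win32 `BOOL` against `TRUE`, although the API only guarantees a nonzero value on success. `return GetThreadContext(hThread, &myDBGContext) != FALSE;` gives the same int-to-bool cleanup without that assumption. A short comment such as `// liveness probe: any GetThreadContext failure is reported as "not running"` would also help, because a handle without THREAD_GET_CONTEXT access fails the same way as an exited thread. The function's opening lines are outside the hunk, and the other two hunks in this section show no visible code change.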
|
||||||
|
|
|
||||||
|
|
@ -229,8 +229,6 @@ typedef struct MEMORY_COMPARE_HANDLER
|
||||||
} Array;
|
} Array;
|
||||||
} MEMORY_COMPARE_HANDLER, *PMEMORY_COMPARE_HANDLER;
|
} MEMORY_COMPARE_HANDLER, *PMEMORY_COMPARE_HANDLER;
|
||||||
|
|
||||||
#define MAX_DEBUG_DATA 65536
|
|
||||||
|
|
||||||
typedef struct
|
typedef struct
|
||||||
{
|
{
|
||||||
HANDLE hThread;
|
HANDLE hThread;
|
||||||
|
|
@ -271,7 +269,6 @@ typedef struct
|
||||||
wchar_t szLibraryName[MAX_PATH];
|
wchar_t szLibraryName[MAX_PATH];
|
||||||
} LIBRARY_ITEM_DATAW, *PLIBRARY_ITEM_DATAW;
|
} LIBRARY_ITEM_DATAW, *PLIBRARY_ITEM_DATAW;
|
||||||
|
|
||||||
#define MAX_LIBRARY_BPX 64
|
|
||||||
#define UE_ON_LIB_LOAD 1
|
#define UE_ON_LIB_LOAD 1
|
||||||
#define UE_ON_LIB_UNLOAD 2
|
#define UE_ON_LIB_UNLOAD 2
|
||||||
#define UE_ON_LIB_ALL 3
|
#define UE_ON_LIB_ALL 3
|
||||||
|
|
|
||||||