mirror of https://github.com/x64dbg/TitanEngine
cleanup TE remnants obsoleted by scylla integration
This commit is contained in:
cypherpunk
parent
cf3b7d49cd
commit
419f9a3c4b
|
|
@ -740,18 +740,11 @@ __declspec(dllexport) void TITCALL FindOEPInit();
|
|||
__declspec(dllexport) bool TITCALL FindOEPGenerically(char* szFileName, LPVOID TraceInitCallBack, LPVOID CallBack);
|
||||
__declspec(dllexport) bool TITCALL FindOEPGenericallyW(wchar_t* szFileName, LPVOID TraceInitCallBack, LPVOID CallBack);
|
||||
// TitanEngine.Importer.functions:
|
||||
__declspec(dllexport) void TITCALL ImporterCleanup();
|
||||
__declspec(dllexport) void TITCALL ImporterSetImageBase(ULONG_PTR ImageBase);
|
||||
__declspec(dllexport) void TITCALL ImporterSetUnknownDelta(ULONG_PTR DeltaAddress);
|
||||
__declspec(dllexport) long long TITCALL ImporterGetCurrentDelta();
|
||||
__declspec(dllexport) void TITCALL ImporterInit(DWORD MemorySize, ULONG_PTR ImageBase);
|
||||
__declspec(dllexport) void TITCALL ImporterAddNewDll(char* szDLLName, ULONG_PTR FirstThunk);
|
||||
__declspec(dllexport) void TITCALL ImporterAddNewAPI(char* szAPIName, ULONG_PTR ThunkValue);
|
||||
__declspec(dllexport) void TITCALL ImporterAddNewOrdinalAPI(ULONG_PTR OrdinalNumber, ULONG_PTR ThunkValue);
|
||||
__declspec(dllexport) long TITCALL ImporterGetAddedDllCount();
|
||||
__declspec(dllexport) long TITCALL ImporterGetAddedAPICount();
|
||||
__declspec(dllexport) void* TITCALL ImporterGetLastAddedDLLName();
|
||||
__declspec(dllexport) void TITCALL ImporterMoveIAT();
|
||||
__declspec(dllexport) bool TITCALL ImporterExportIAT(ULONG_PTR StorePlace, ULONG_PTR FileMapVA, HANDLE hFileMap);
|
||||
__declspec(dllexport) long TITCALL ImporterEstimatedSize();
|
||||
__declspec(dllexport) bool TITCALL ImporterExportIATEx(char* szDumpFileName, char* szExportFileName, char* szSectionName);
|
||||
|
|
@ -774,7 +767,6 @@ __declspec(dllexport) long TITCALL ImporterGetDLLIndexEx(ULONG_PTR APIAddress, U
|
|||
__declspec(dllexport) long TITCALL ImporterGetDLLIndex(HANDLE hProcess, ULONG_PTR APIAddress, ULONG_PTR DLLBasesList);
|
||||
__declspec(dllexport) long long TITCALL ImporterGetRemoteDLLBase(HANDLE hProcess, HMODULE LocalModuleBase);
|
||||
__declspec(dllexport) long long TITCALL ImporterGetRemoteDLLBaseEx(HANDLE hProcess, char* szModuleName);
|
||||
__declspec(dllexport) bool TITCALL ImporterRelocateWriteLocation(ULONG_PTR AddValue);
|
||||
__declspec(dllexport) bool TITCALL ImporterIsForwardedAPI(HANDLE hProcess, ULONG_PTR APIAddress);
|
||||
__declspec(dllexport) void* TITCALL ImporterGetForwardedAPIName(HANDLE hProcess, ULONG_PTR APIAddress);
|
||||
__declspec(dllexport) void* TITCALL ImporterGetForwardedDLLName(HANDLE hProcess, ULONG_PTR APIAddress);
|
||||
|
|
|
|||
|
|
@ -739,18 +739,11 @@ __declspec(dllimport) void TITCALL FindOEPInit();
|
|||
__declspec(dllimport) bool TITCALL FindOEPGenerically(char* szFileName, LPVOID TraceInitCallBack, LPVOID CallBack);
|
||||
__declspec(dllimport) bool TITCALL FindOEPGenericallyW(wchar_t* szFileName, LPVOID TraceInitCallBack, LPVOID CallBack);
|
||||
// TitanEngine.Importer.functions:
|
||||
__declspec(dllimport) void TITCALL ImporterCleanup();
|
||||
__declspec(dllimport) void TITCALL ImporterSetImageBase(ULONG_PTR ImageBase);
|
||||
__declspec(dllimport) void TITCALL ImporterSetUnknownDelta(ULONG_PTR DeltaAddress);
|
||||
__declspec(dllimport) long long TITCALL ImporterGetCurrentDelta();
|
||||
__declspec(dllimport) void TITCALL ImporterInit(DWORD MemorySize, ULONG_PTR ImageBase);
|
||||
__declspec(dllimport) void TITCALL ImporterAddNewDll(char* szDLLName, ULONG_PTR FirstThunk);
|
||||
__declspec(dllimport) void TITCALL ImporterAddNewAPI(char* szAPIName, ULONG_PTR ThunkValue);
|
||||
__declspec(dllimport) void TITCALL ImporterAddNewOrdinalAPI(ULONG_PTR OrdinalNumber, ULONG_PTR ThunkValue);
|
||||
__declspec(dllimport) long TITCALL ImporterGetAddedDllCount();
|
||||
__declspec(dllimport) long TITCALL ImporterGetAddedAPICount();
|
||||
__declspec(dllimport) void* TITCALL ImporterGetLastAddedDLLName();
|
||||
__declspec(dllimport) void TITCALL ImporterMoveIAT();
|
||||
__declspec(dllimport) bool TITCALL ImporterExportIAT(ULONG_PTR StorePlace, ULONG_PTR FileMapVA, HANDLE hFileMap);
|
||||
__declspec(dllimport) long TITCALL ImporterEstimatedSize();
|
||||
__declspec(dllimport) bool TITCALL ImporterExportIATEx(char* szDumpFileName, char* szExportFileName, char* szSectionName);
|
||||
|
|
@ -772,7 +765,6 @@ __declspec(dllimport) long long TITCALL ImporterGetAPIOrdinalNumberFromDebugee(H
|
|||
__declspec(dllimport) long TITCALL ImporterGetDLLIndexEx(ULONG_PTR APIAddress, ULONG_PTR DLLBasesList);
|
||||
__declspec(dllimport) long TITCALL ImporterGetDLLIndex(HANDLE hProcess, ULONG_PTR APIAddress, ULONG_PTR DLLBasesList);
|
||||
__declspec(dllimport) long long TITCALL ImporterGetRemoteDLLBase(HANDLE hProcess, HMODULE LocalModuleBase);
|
||||
__declspec(dllimport) bool TITCALL ImporterRelocateWriteLocation(ULONG_PTR AddValue);
|
||||
__declspec(dllimport) bool TITCALL ImporterIsForwardedAPI(HANDLE hProcess, ULONG_PTR APIAddress);
|
||||
__declspec(dllimport) void* TITCALL ImporterGetForwardedAPIName(HANDLE hProcess, ULONG_PTR APIAddress);
|
||||
__declspec(dllimport) void* TITCALL ImporterGetForwardedDLLName(HANDLE hProcess, ULONG_PTR APIAddress);
|
||||
|
|
|
|||
|
|
@ -1647,26 +1647,6 @@ protected:
|
|||
typedef void (TITCALL *fImportEnumCallBack)(void* ptrImportEnumData);
|
||||
typedef void* (TITCALL *fImportFixCallback)(void* fIATPointer);
|
||||
|
||||
static void Cleanup()
|
||||
{
|
||||
UE::ImporterCleanup();
|
||||
}
|
||||
static void SetImageBase(ULONG_PTR ImageBase)
|
||||
{
|
||||
UE::ImporterSetImageBase(ImageBase);
|
||||
}
|
||||
static void SetUnknownDelta(ULONG_PTR DeltaAddress)
|
||||
{
|
||||
UE::ImporterSetUnknownDelta(DeltaAddress);
|
||||
}
|
||||
static long long GetCurrentDelta()
|
||||
{
|
||||
return UE::ImporterGetCurrentDelta();
|
||||
}
|
||||
static void Init(DWORD MemorySize, ULONG_PTR ImageBase)
|
||||
{
|
||||
UE::ImporterInit(MemorySize, ImageBase);
|
||||
}
|
||||
static void AddNewDll(const char* szDLLName, ULONG_PTR FirstThunk)
|
||||
{
|
||||
UE::ImporterAddNewDll((char*)szDLLName, FirstThunk);
|
||||
|
|
@ -1687,14 +1667,6 @@ protected:
|
|||
{
|
||||
return UE::ImporterGetAddedAPICount();
|
||||
}
|
||||
static const char* GetLastAddedDLLName()
|
||||
{
|
||||
return (const char*)UE::ImporterGetLastAddedDLLName();
|
||||
}
|
||||
static void MoveIAT()
|
||||
{
|
||||
UE::ImporterMoveIAT();
|
||||
}
|
||||
static bool ExportIAT(ULONG_PTR StorePlace, ULONG_PTR FileMapVA, HANDLE hFileMap)
|
||||
{
|
||||
return UE::ImporterExportIAT(StorePlace, FileMapVA, hFileMap);
|
||||
|
|
@ -1771,10 +1743,6 @@ protected:
|
|||
{
|
||||
return UE::ImporterGetRemoteDLLBase(hProcess, LocalModuleBase);
|
||||
}
|
||||
static bool RelocateWriteLocation(ULONG_PTR AddValue)
|
||||
{
|
||||
return UE::ImporterRelocateWriteLocation(AddValue);
|
||||
}
|
||||
static bool IsForwardedAPI(HANDLE hProcess, ULONG_PTR APIAddress)
|
||||
{
|
||||
return UE::ImporterIsForwardedAPI(hProcess, APIAddress);
|
||||
|
|
@ -1892,18 +1860,11 @@ public:
|
|||
using ImporterX::fImportEnumCallBack;
|
||||
using ImporterX::fImportFixCallback;
|
||||
|
||||
using ImporterX::Cleanup;
|
||||
using ImporterX::SetImageBase;
|
||||
using ImporterX::SetUnknownDelta;
|
||||
using ImporterX::GetCurrentDelta;
|
||||
using ImporterX::Init;
|
||||
using ImporterX::AddNewDll;
|
||||
using ImporterX::AddNewAPI;
|
||||
using ImporterX::AddNewOrdinalAPI;
|
||||
using ImporterX::GetAddedDllCount;
|
||||
using ImporterX::GetAddedAPICount;
|
||||
using ImporterX::GetLastAddedDLLName;
|
||||
using ImporterX::MoveIAT;
|
||||
using ImporterX::ExportIAT;
|
||||
using ImporterX::EstimatedSize;
|
||||
using ImporterA::ExportIATEx;
|
||||
|
|
@ -1925,7 +1886,6 @@ public:
|
|||
using ImporterX::GetDLLIndexEx;
|
||||
using ImporterX::GetDLLIndex;
|
||||
using ImporterX::GetRemoteDLLBase;
|
||||
using ImporterX::RelocateWriteLocation;
|
||||
using ImporterX::IsForwardedAPI;
|
||||
using ImporterX::GetForwardedAPIName;
|
||||
using ImporterX::GetForwardedDLLName;
|
||||
|
|
|
|||
|
|
@ -52,15 +52,6 @@ DWORD ProcessExitCode = 0;
|
|||
LPVOID hListProcess = 0;
|
||||
LPVOID hListThread = 0;
|
||||
LPVOID hListLibrary = 0;
|
||||
ULONG_PTR impDeltaStart = NULL;
|
||||
ULONG_PTR impDeltaCurrent = NULL;
|
||||
ULONG_PTR impImageBase = 0;
|
||||
DWORD impAllocSize = 20 * 1024;
|
||||
DWORD impDLLNumber = 0;
|
||||
bool impMoveIAT = false;
|
||||
ULONG_PTR impDLLDataList[1000][2];
|
||||
ULONG_PTR impDLLStringList[1000][2];
|
||||
ULONG_PTR impOrdinalList[1000][2];
|
||||
LPVOID expTableData = NULL;
|
||||
LPVOID expTableDataCWP = NULL;
|
||||
ULONG_PTR expImageBase = 0;
|
||||
|
|
@ -18496,69 +18487,6 @@ __declspec(dllexport) bool TITCALL FindOEPGenericallyW(wchar_t* szFileName, LPVO
|
|||
return(false);
|
||||
}
|
||||
// TitanEngine.Importer.functions:
|
||||
__declspec(dllexport) void TITCALL ImporterCleanup()
|
||||
{
|
||||
//TODO scylla obsoleted this
|
||||
return;
|
||||
/*
|
||||
int i = 0;
|
||||
|
||||
for(i = 0; i < 1000; i++)
|
||||
{
|
||||
if(impDLLDataList[i][0] != NULL)
|
||||
{
|
||||
VirtualFree((LPVOID)(impDLLDataList[i][0]), NULL, MEM_RELEASE);
|
||||
impDLLDataList[i][0] = 0;
|
||||
impDLLDataList[i][1] = 0;
|
||||
}
|
||||
if(impDLLStringList[i][0] != NULL)
|
||||
{
|
||||
VirtualFree((LPVOID)(impDLLStringList[i][0]), NULL, MEM_RELEASE);
|
||||
impDLLStringList[i][0] = 0;
|
||||
impDLLStringList[i][1] = 0;
|
||||
}
|
||||
impOrdinalList[i][0] = 0;
|
||||
impOrdinalList[i][1] = 0;
|
||||
}
|
||||
*/
|
||||
}
|
||||
__declspec(dllexport) void TITCALL ImporterSetImageBase(ULONG_PTR ImageBase)
|
||||
{
|
||||
// scylla obsoleted this
|
||||
impImageBase = ImageBase;
|
||||
}
|
||||
__declspec(dllexport) void TITCALL ImporterSetUnknownDelta(ULONG_PTR DeltaAddress)
|
||||
{
|
||||
//scylla obsoleted this
|
||||
impDeltaStart = DeltaAddress;
|
||||
impDeltaCurrent = DeltaAddress;
|
||||
}
|
||||
__declspec(dllexport) long long TITCALL ImporterGetCurrentDelta()
|
||||
{
|
||||
//scylla obsoleted this
|
||||
return((ULONG_PTR)impDeltaCurrent);
|
||||
}
|
||||
__declspec(dllexport) void TITCALL ImporterInit(DWORD MemorySize, ULONG_PTR ImageBase)
|
||||
{
|
||||
//TODO scylla obsoleted this
|
||||
return;
|
||||
/*
|
||||
impImageBase = ImageBase;
|
||||
if(MemorySize != NULL)
|
||||
{
|
||||
impAllocSize = MemorySize;
|
||||
}
|
||||
else
|
||||
{
|
||||
impAllocSize = 20 * 1024;
|
||||
}
|
||||
ImporterCleanup();
|
||||
impMoveIAT = false;
|
||||
impDLLNumber = 0xFFFFFFFF;
|
||||
impDeltaStart = NULL;
|
||||
impDeltaCurrent = NULL;
|
||||
*/
|
||||
}
|
||||
__declspec(dllexport) void TITCALL ImporterAddNewDll(char* szDLLName, ULONG_PTR FirstThunk)
|
||||
{
|
||||
wchar_t uniDLLName[MAX_PATH] = {};
|
||||
|
|
@ -18596,24 +18524,6 @@ __declspec(dllexport) long TITCALL ImporterGetAddedAPICount()
|
|||
{
|
||||
return scylla_getImportCount();
|
||||
}
|
||||
__declspec(dllexport) void* TITCALL ImporterGetLastAddedDLLName()
|
||||
{
|
||||
//TODO scylla enable
|
||||
return NULL;
|
||||
/*
|
||||
if(impDLLNumber != 0xFFFFFFFF && impDLLNumber < 1000)
|
||||
{
|
||||
return((void*)impDLLStringList[impDLLNumber][0]);
|
||||
}
|
||||
else
|
||||
{
|
||||
return(NULL);
|
||||
}*/
|
||||
}
|
||||
__declspec(dllexport) void TITCALL ImporterMoveIAT()
|
||||
{
|
||||
impMoveIAT = true;
|
||||
}
|
||||
__declspec(dllexport) bool TITCALL ImporterExportIAT(ULONG_PTR StorePlace, ULONG_PTR FileMapVA, HANDLE hFileMap)
|
||||
{
|
||||
if(scylla_fixMappedDump(StorePlace, FileMapVA, hFileMap) != SCY_ERROR_SUCCESS)
|
||||
|
|
@ -18836,40 +18746,6 @@ __declspec(dllexport) long long TITCALL ImporterGetRemoteDLLBaseEx(HANDLE hProce
|
|||
}
|
||||
return(NULL);
|
||||
}
|
||||
__declspec(dllexport) bool TITCALL ImporterRelocateWriteLocation(ULONG_PTR AddValue)
|
||||
{
|
||||
//TODO scylla obsoleted this
|
||||
/*
|
||||
unsigned int i;
|
||||
ULONG_PTR RealignData = NULL;
|
||||
|
||||
if(impDLLNumber >= NULL)
|
||||
{
|
||||
for(i = 0; i < impDLLNumber + 1; i++)
|
||||
{
|
||||
RtlMoveMemory(&RealignData, (LPVOID)impDLLDataList[i][0], sizeof ULONG_PTR);
|
||||
RealignData = RealignData + AddValue;
|
||||
RtlMoveMemory((LPVOID)impDLLDataList[i][0], &RealignData, sizeof ULONG_PTR);
|
||||
RtlMoveMemory(&RealignData, (LPVOID)((ULONG_PTR)impDLLDataList[i][0] + sizeof ULONG_PTR), sizeof ULONG_PTR);
|
||||
RealignData = RealignData + AddValue;
|
||||
RtlMoveMemory((LPVOID)((ULONG_PTR)impDLLDataList[i][0] + sizeof ULONG_PTR), &RealignData, sizeof ULONG_PTR);
|
||||
}
|
||||
for(i = 0; i < 1000; i++)
|
||||
{
|
||||
if(impOrdinalList[i][0] != NULL && impOrdinalList[i][1] != NULL)
|
||||
{
|
||||
impOrdinalList[i][0] = impOrdinalList[i][0] + AddValue;
|
||||
}
|
||||
}
|
||||
return(true);
|
||||
}
|
||||
else
|
||||
{
|
||||
return(false);
|
||||
}
|
||||
*/
|
||||
return(false);
|
||||
}
|
||||
__declspec(dllexport) bool TITCALL ImporterIsForwardedAPI(HANDLE hProcess, ULONG_PTR APIAddress)
|
||||
{
|
||||
if((ULONG_PTR)EngineGlobalAPIHandler(hProcess, NULL, APIAddress, NULL, UE_OPTION_IMPORTER_RETURN_FORWARDER_DLLINDEX) > NULL)
|
||||
|
|
@ -26407,6 +26283,7 @@ void EngineSimplifyLoadLibraryCallBack()
|
|||
if(!EngineUnpackerFileImporterInit)
|
||||
{
|
||||
EngineUnpackerFileImporterInit = true;
|
||||
/* broken since scylla integration but we dont care
|
||||
if(EngineUnpackerFileStatus.FileIsDLL)
|
||||
{
|
||||
ImporterInit(50 * 1024, (ULONG_PTR)GetDebuggedDLLBaseAddress());
|
||||
|
|
@ -26414,7 +26291,7 @@ void EngineSimplifyLoadLibraryCallBack()
|
|||
else
|
||||
{
|
||||
ImporterInit(50 * 1024, (ULONG_PTR)GetDebuggedFileBaseAddress());
|
||||
}
|
||||
}*/
|
||||
}
|
||||
for(int i = 0; i < (int)EngineUnpackerBreakInfo.size(); i++)
|
||||
{
|
||||
|
|
@ -26689,7 +26566,8 @@ void EngineSimplifyEntryPointCallBack()
|
|||
__except(EXCEPTION_EXECUTE_HANDLER)
|
||||
{
|
||||
ForceClose();
|
||||
ImporterCleanup();
|
||||
//broken since scylla integration but we dont care
|
||||
//ImporterCleanup();
|
||||
if(FileMapVA > NULL)
|
||||
{
|
||||
StaticFileUnloadW(szEngineUnpackerOutputFile, false, FileHandle, FileSize, FileMap, FileMapVA);
|
||||
|
|
|
|||
|
|
@ -158,7 +158,6 @@ AutoDebugEx
|
|||
AutoDebugExW
|
||||
IsFileBeingDebugged
|
||||
SetErrorModel
|
||||
ImporterInit
|
||||
ImporterAddNewDll
|
||||
ImporterAddNewAPI
|
||||
ImporterAddNewOrdinalAPI
|
||||
|
|
@ -166,14 +165,8 @@ ImporterExportIAT
|
|||
ImporterExportIATEx
|
||||
ImporterExportIATExW
|
||||
ImporterEstimatedSize
|
||||
ImporterSetImageBase
|
||||
ImporterSetUnknownDelta
|
||||
ImporterGetCurrentDelta
|
||||
ImporterCleanup
|
||||
ImporterGetAddedDllCount
|
||||
ImporterGetAddedAPICount
|
||||
ImporterGetLastAddedDLLName
|
||||
ImporterMoveIAT
|
||||
ImporterFindAPIWriteLocation
|
||||
ImporterFindOrdinalAPIWriteLocation
|
||||
ImporterFindAPIByWriteLocation
|
||||
|
|
@ -192,7 +185,6 @@ ImporterGetDLLIndexEx
|
|||
ImporterGetDLLIndex
|
||||
ImporterGetRemoteDLLBase
|
||||
ImporterGetRemoteDLLBaseEx
|
||||
ImporterRelocateWriteLocation
|
||||
ImporterIsForwardedAPI
|
||||
ImporterAutoSearchIAT
|
||||
ImporterAutoSearchIATW
|
||||
|
|
@ -215,6 +207,7 @@ ImporterLoadImportTableW
|
|||
ImporterMoveOriginalIAT
|
||||
ImporterMoveOriginalIATW
|
||||
ImporterEnumAddedData
|
||||
ImporterDeleteAPI
|
||||
HooksSafeTransition
|
||||
HooksSafeTransitionEx
|
||||
HooksIsAddressRedirected
|
||||
|
|
|
|||
|
|
@ -239,18 +239,11 @@ __declspec(dllexport) void TITCALL FindOEPInit();
|
|||
__declspec(dllexport) bool TITCALL FindOEPGenerically(char* szFileName, LPVOID TraceInitCallBack, LPVOID CallBack);
|
||||
__declspec(dllexport) bool TITCALL FindOEPGenericallyW(wchar_t* szFileName, LPVOID TraceInitCallBack, LPVOID CallBack);
|
||||
// TitanEngine.Importer.functions:
|
||||
__declspec(dllexport) void TITCALL ImporterCleanup();
|
||||
__declspec(dllexport) void TITCALL ImporterSetImageBase(ULONG_PTR ImageBase);
|
||||
__declspec(dllexport) void TITCALL ImporterSetUnknownDelta(ULONG_PTR DeltaAddress);
|
||||
__declspec(dllexport) long long TITCALL ImporterGetCurrentDelta();
|
||||
__declspec(dllexport) void TITCALL ImporterInit(DWORD MemorySize, ULONG_PTR ImageBase);
|
||||
__declspec(dllexport) void TITCALL ImporterAddNewDll(char* szDLLName, ULONG_PTR FirstThunk);
|
||||
__declspec(dllexport) void TITCALL ImporterAddNewAPI(char* szAPIName, ULONG_PTR ThunkValue);
|
||||
__declspec(dllexport) void TITCALL ImporterAddNewOrdinalAPI(ULONG_PTR OrdinalNumber, ULONG_PTR ThunkValue);
|
||||
__declspec(dllexport) long TITCALL ImporterGetAddedDllCount();
|
||||
__declspec(dllexport) long TITCALL ImporterGetAddedAPICount();
|
||||
__declspec(dllexport) void* TITCALL ImporterGetLastAddedDLLName();
|
||||
__declspec(dllexport) void TITCALL ImporterMoveIAT();
|
||||
__declspec(dllexport) bool TITCALL ImporterExportIAT(ULONG_PTR StorePlace, ULONG_PTR FileMapVA, HANDLE hFileMap);
|
||||
__declspec(dllexport) long TITCALL ImporterEstimatedSize();
|
||||
__declspec(dllexport) bool TITCALL ImporterExportIATEx(char* szDumpFileName, char* szExportFileName, char* szSectionName);
|
||||
|
|
@ -273,7 +266,6 @@ __declspec(dllexport) long TITCALL ImporterGetDLLIndexEx(ULONG_PTR APIAddress, U
|
|||
__declspec(dllexport) long TITCALL ImporterGetDLLIndex(HANDLE hProcess, ULONG_PTR APIAddress, ULONG_PTR DLLBasesList);
|
||||
__declspec(dllexport) long long TITCALL ImporterGetRemoteDLLBase(HANDLE hProcess, HMODULE LocalModuleBase);
|
||||
__declspec(dllexport) long long TITCALL ImporterGetRemoteDLLBaseEx(HANDLE hProcess, char* szModuleName);
|
||||
__declspec(dllexport) bool TITCALL ImporterRelocateWriteLocation(ULONG_PTR AddValue);
|
||||
__declspec(dllexport) bool TITCALL ImporterIsForwardedAPI(HANDLE hProcess, ULONG_PTR APIAddress);
|
||||
__declspec(dllexport) void* TITCALL ImporterGetForwardedAPIName(HANDLE hProcess, ULONG_PTR APIAddress);
|
||||
__declspec(dllexport) void* TITCALL ImporterGetForwardedDLLName(HANDLE hProcess, ULONG_PTR APIAddress);
|
||||
|
|
|
|||
|
|
@ -1,21 +1,30 @@
|
|||
scylla-integration TODO
|
||||
obsolete/removed vars:
|
||||
|
||||
impDLLNumber
|
||||
impDeltaStart
|
||||
impDeltaCurrent
|
||||
impImageBase
|
||||
impAllocSize
|
||||
impDLLNumber
|
||||
impMoveIAT
|
||||
impDLLDataList
|
||||
impDLLStringList
|
||||
impOrdinalList
|
||||
|
||||
|
||||
obsolete functions:
|
||||
obsolete/removed functions:
|
||||
|
||||
Init
|
||||
SetImageBase
|
||||
Cleanup
|
||||
MoveIAT
|
||||
RelocateWriteLocation //only used for MoveIAT
|
||||
SetUnknownDelta //only used for MoveIAT
|
||||
GetCurrentDelta //only used for MoveIAT
|
||||
GetDLLIndexEx // no benefit in my eyes. can be done by enumAddedData
|
||||
GetDLLIndex
|
||||
__declspec(dllexport) void TITCALL ImporterCleanup()
|
||||
__declspec(dllexport) void TITCALL ImporterSetImageBase(ULONG_PTR ImageBase)
|
||||
__declspec(dllexport) void TITCALL ImporterSetUnknownDelta(ULONG_PTR DeltaAddress)
|
||||
__declspec(dllexport) long long TITCALL ImporterGetCurrentDelta()
|
||||
__declspec(dllexport) void TITCALL ImporterInit(DWORD MemorySize, ULONG_PTR ImageBase
|
||||
__declspec(dllexport) bool TITCALL ImporterRelocateWriteLocation(ULONG_PTR AddValue)
|
||||
__declspec(dllexport) void TITCALL ImporterMoveIAT()
|
||||
__declspec(dllexport) void TITCALL getLastAddedDLLName()
|
||||
|
||||
defunct until scylla-enabled:
|
||||
|
||||
GetLastAddedDLLName -> no scylla export needed, just rewrite
|
||||
* LoadImportTable
|
||||
* MoveOriginalIAT
|
||||
|
||||
|
|
|
|||
Loading…
Reference in New Issue