mirror of https://github.com/x64dbg/TitanEngine
- changed calling convention
- added lib2a.bat (for MingW static library file)
This commit is contained in:
parent
818ac8a7b1
commit
425107b86e
Binary file not shown.
Binary file not shown.
Binary file not shown.
Binary file not shown.
|
|
@ -0,0 +1,5 @@
|
|||
@echo off
|
||||
set PATH=c:\MinGW64\bin
|
||||
gendef TitanEngine.dll
|
||||
dlltool --as-flags=--32 -m i386 -k --output-lib TitanEngine_x86.a --input-def TitanEngine.def
|
||||
del TitanEngine.def
|
||||
File diff suppressed because it is too large
Load Diff
|
|
@ -58,6 +58,7 @@
|
|||
<Unit filename="TitanEngine.rc">
|
||||
<Option compilerVar="WINDRES" />
|
||||
</Unit>
|
||||
<Unit filename="definitions.h" />
|
||||
<Unit filename="dllmain.cpp" />
|
||||
<Unit filename="resource.h" />
|
||||
<Unit filename="stdafx.cpp" />
|
||||
|
|
|
|||
File diff suppressed because it is too large
Load Diff
|
|
@ -188,6 +188,7 @@
|
|||
<PrecompiledHeader>Use</PrecompiledHeader>
|
||||
<WarningLevel>Level3</WarningLevel>
|
||||
<DebugInformationFormat>ProgramDatabase</DebugInformationFormat>
|
||||
<WholeProgramOptimization>true</WholeProgramOptimization>
|
||||
</ClCompile>
|
||||
<Link>
|
||||
<AdditionalDependencies>$(ProjectDir)distorm_x64.lib;Imagehlp.lib;psapi.lib;%(AdditionalDependencies)</AdditionalDependencies>
|
||||
|
|
@ -201,6 +202,8 @@
|
|||
<SetChecksum>true</SetChecksum>
|
||||
<FixedBaseAddress>false</FixedBaseAddress>
|
||||
<TargetMachine>MachineX64</TargetMachine>
|
||||
<IgnoreSpecificDefaultLibraries>
|
||||
</IgnoreSpecificDefaultLibraries>
|
||||
</Link>
|
||||
</ItemDefinitionGroup>
|
||||
<ItemGroup>
|
||||
|
|
@ -228,6 +231,7 @@
|
|||
<ClCompile Include="LzmaDec.cpp" />
|
||||
</ItemGroup>
|
||||
<ItemGroup>
|
||||
<ClInclude Include="definitions.h" />
|
||||
<ClInclude Include="resource.h" />
|
||||
<ClInclude Include="stdafx.h" />
|
||||
<ClInclude Include="targetver.h" />
|
||||
|
|
|
|||
|
|
@ -47,6 +47,9 @@
|
|||
<ClInclude Include="targetver.h">
|
||||
<Filter>Header Files</Filter>
|
||||
</ClInclude>
|
||||
<ClInclude Include="definitions.h">
|
||||
<Filter>Header Files</Filter>
|
||||
</ClInclude>
|
||||
</ItemGroup>
|
||||
<ItemGroup>
|
||||
<ResourceCompile Include="TitanEngine.rc">
|
||||
|
|
|
|||
|
|
@ -1,6 +1,6 @@
|
|||
// Global.Function.Declaration:
|
||||
void BreakPointManager();
|
||||
void __stdcall GenericOEPTraceHited();
|
||||
void GenericOEPTraceHited();
|
||||
|
||||
// Global.Garbage.functions:
|
||||
bool CreateGarbageItem(void* outGargabeItem, int MaxGargabeStringSize);
|
||||
|
|
@ -9,440 +9,440 @@ bool FillGarbageItem(wchar_t* szGarbageItem, wchar_t* szFileName, void* outGarga
|
|||
void EmptyGarbage();
|
||||
|
||||
#if !defined (_WIN64)
|
||||
#ifdef __cplusplus
|
||||
#ifdef __cplusplus
|
||||
extern "C" {
|
||||
#endif /*__cplusplus*/
|
||||
#endif /*__cplusplus*/
|
||||
#endif
|
||||
|
||||
// TitanEngine.Dumper.functions:
|
||||
__declspec(dllexport) bool __stdcall DumpProcess(HANDLE hProcess, LPVOID ImageBase, char* szDumpFileName, ULONG_PTR EntryPoint);
|
||||
__declspec(dllexport) bool __stdcall DumpProcessW(HANDLE hProcess, LPVOID ImageBase, wchar_t* szDumpFileName, ULONG_PTR EntryPoint);
|
||||
__declspec(dllexport) bool __stdcall DumpProcessEx(DWORD ProcessId, LPVOID ImageBase, char* szDumpFileName, ULONG_PTR EntryPoint);
|
||||
__declspec(dllexport) bool __stdcall DumpProcessExW(DWORD ProcessId, LPVOID ImageBase, wchar_t* szDumpFileName, ULONG_PTR EntryPoint);
|
||||
__declspec(dllexport) bool __stdcall DumpMemory(HANDLE hProcess, LPVOID MemoryStart, ULONG_PTR MemorySize, char* szDumpFileName);
|
||||
__declspec(dllexport) bool __stdcall DumpMemoryW(HANDLE hProcess, LPVOID MemoryStart, ULONG_PTR MemorySize, wchar_t* szDumpFileName);
|
||||
__declspec(dllexport) bool __stdcall DumpMemoryEx(DWORD ProcessId, LPVOID MemoryStart, ULONG_PTR MemorySize, char* szDumpFileName);
|
||||
__declspec(dllexport) bool __stdcall DumpMemoryExW(DWORD ProcessId, LPVOID MemoryStart, ULONG_PTR MemorySize, wchar_t* szDumpFileName);
|
||||
__declspec(dllexport) bool __stdcall DumpRegions(HANDLE hProcess, char* szDumpFolder, bool DumpAboveImageBaseOnly);
|
||||
__declspec(dllexport) bool __stdcall DumpRegionsW(HANDLE hProcess, wchar_t* szDumpFolder, bool DumpAboveImageBaseOnly);
|
||||
__declspec(dllexport) bool __stdcall DumpRegionsEx(DWORD ProcessId, char* szDumpFolder, bool DumpAboveImageBaseOnly);
|
||||
__declspec(dllexport) bool __stdcall DumpRegionsExW(DWORD ProcessId, wchar_t* szDumpFolder, bool DumpAboveImageBaseOnly);
|
||||
__declspec(dllexport) bool __stdcall DumpModule(HANDLE hProcess, LPVOID ModuleBase, char* szDumpFileName);
|
||||
__declspec(dllexport) bool __stdcall DumpModuleW(HANDLE hProcess, LPVOID ModuleBase, wchar_t* szDumpFileName);
|
||||
__declspec(dllexport) bool __stdcall DumpModuleEx(DWORD ProcessId, LPVOID ModuleBase, char* szDumpFileName);
|
||||
__declspec(dllexport) bool __stdcall DumpModuleExW(DWORD ProcessId, LPVOID ModuleBase, wchar_t* szDumpFileName);
|
||||
__declspec(dllexport) bool __stdcall PastePEHeader(HANDLE hProcess, LPVOID ImageBase, char* szDebuggedFileName);
|
||||
__declspec(dllexport) bool __stdcall PastePEHeaderW(HANDLE hProcess, LPVOID ImageBase, wchar_t* szDebuggedFileName);
|
||||
__declspec(dllexport) bool __stdcall ExtractSection(char* szFileName, char* szDumpFileName, DWORD SectionNumber);
|
||||
__declspec(dllexport) bool __stdcall ExtractSectionW(wchar_t* szFileName, wchar_t* szDumpFileName, DWORD SectionNumber);
|
||||
__declspec(dllexport) bool __stdcall ResortFileSections(char* szFileName);
|
||||
__declspec(dllexport) bool __stdcall ResortFileSectionsW(wchar_t* szFileName);
|
||||
__declspec(dllexport) bool __stdcall FindOverlay(char* szFileName, LPDWORD OverlayStart, LPDWORD OverlaySize);
|
||||
__declspec(dllexport) bool __stdcall FindOverlayW(wchar_t* szFileName, LPDWORD OverlayStart, LPDWORD OverlaySize);
|
||||
__declspec(dllexport) bool __stdcall ExtractOverlay(char* szFileName, char* szExtactedFileName);
|
||||
__declspec(dllexport) bool __stdcall ExtractOverlayW(wchar_t* szFileName, wchar_t* szExtactedFileName);
|
||||
__declspec(dllexport) bool __stdcall AddOverlay(char* szFileName, char* szOverlayFileName);
|
||||
__declspec(dllexport) bool __stdcall AddOverlayW(wchar_t* szFileName, wchar_t* szOverlayFileName);
|
||||
__declspec(dllexport) bool __stdcall CopyOverlay(char* szInFileName, char* szOutFileName);
|
||||
__declspec(dllexport) bool __stdcall CopyOverlayW(wchar_t* szInFileName, wchar_t* szOutFileName);
|
||||
__declspec(dllexport) bool __stdcall RemoveOverlay(char* szFileName);
|
||||
__declspec(dllexport) bool __stdcall RemoveOverlayW(wchar_t* szFileName);
|
||||
__declspec(dllexport) bool __stdcall MakeAllSectionsRWE(char* szFileName);
|
||||
__declspec(dllexport) bool __stdcall MakeAllSectionsRWEW(wchar_t* szFileName);
|
||||
__declspec(dllexport) long __stdcall AddNewSectionEx(char* szFileName, char* szSectionName, DWORD SectionSize, DWORD SectionAttributes, LPVOID SectionContent, DWORD ContentSize);
|
||||
__declspec(dllexport) long __stdcall AddNewSectionExW(wchar_t* szFileName, char* szSectionName, DWORD SectionSize, DWORD SectionAttributes, LPVOID SectionContent, DWORD ContentSize);
|
||||
__declspec(dllexport) long __stdcall AddNewSection(char* szFileName, char* szSectionName, DWORD SectionSize);
|
||||
__declspec(dllexport) long __stdcall AddNewSectionW(wchar_t* szFileName, char* szSectionName, DWORD SectionSize);
|
||||
__declspec(dllexport) bool __stdcall ResizeLastSection(char* szFileName, DWORD NumberOfExpandBytes, bool AlignResizeData);
|
||||
__declspec(dllexport) bool __stdcall ResizeLastSectionW(wchar_t* szFileName, DWORD NumberOfExpandBytes, bool AlignResizeData);
|
||||
__declspec(dllexport) void __stdcall SetSharedOverlay(char* szFileName);
|
||||
__declspec(dllexport) void __stdcall SetSharedOverlayW(wchar_t* szFileName);
|
||||
__declspec(dllexport) char* __stdcall GetSharedOverlay();
|
||||
__declspec(dllexport) wchar_t* __stdcall GetSharedOverlayW();
|
||||
__declspec(dllexport) bool __stdcall DeleteLastSection(char* szFileName);
|
||||
__declspec(dllexport) bool __stdcall DeleteLastSectionW(wchar_t* szFileName);
|
||||
__declspec(dllexport) bool __stdcall DeleteLastSectionEx(char* szFileName, DWORD NumberOfSections);
|
||||
__declspec(dllexport) bool __stdcall DeleteLastSectionExW(wchar_t* szFileName, DWORD NumberOfSections);
|
||||
__declspec(dllexport) long long __stdcall GetPE32DataFromMappedFile(ULONG_PTR FileMapVA, DWORD WhichSection, DWORD WhichData);
|
||||
__declspec(dllexport) long long __stdcall GetPE32Data(char* szFileName, DWORD WhichSection, DWORD WhichData);
|
||||
__declspec(dllexport) long long __stdcall GetPE32DataW(wchar_t* szFileName, DWORD WhichSection, DWORD WhichData);
|
||||
__declspec(dllexport) bool __stdcall GetPE32DataFromMappedFileEx(ULONG_PTR FileMapVA, LPVOID DataStorage);
|
||||
__declspec(dllexport) bool __stdcall GetPE32DataEx(char* szFileName, LPVOID DataStorage);
|
||||
__declspec(dllexport) bool __stdcall GetPE32DataExW(wchar_t* szFileName, LPVOID DataStorage);
|
||||
__declspec(dllexport) bool __stdcall SetPE32DataForMappedFile(ULONG_PTR FileMapVA, DWORD WhichSection, DWORD WhichData, ULONG_PTR NewDataValue);
|
||||
__declspec(dllexport) bool __stdcall SetPE32Data(char* szFileName, DWORD WhichSection, DWORD WhichData, ULONG_PTR NewDataValue);
|
||||
__declspec(dllexport) bool __stdcall SetPE32DataW(wchar_t* szFileName, DWORD WhichSection, DWORD WhichData, ULONG_PTR NewDataValue);
|
||||
__declspec(dllexport) bool __stdcall SetPE32DataForMappedFileEx(ULONG_PTR FileMapVA, LPVOID DataStorage);
|
||||
__declspec(dllexport) bool __stdcall SetPE32DataEx(char* szFileName, LPVOID DataStorage);
|
||||
__declspec(dllexport) long __stdcall GetPE32SectionNumberFromVA(ULONG_PTR FileMapVA, ULONG_PTR AddressToConvert);
|
||||
__declspec(dllexport) long long __stdcall ConvertVAtoFileOffset(ULONG_PTR FileMapVA, ULONG_PTR AddressToConvert, bool ReturnType);
|
||||
__declspec(dllexport) long long __stdcall ConvertVAtoFileOffsetEx(ULONG_PTR FileMapVA, DWORD FileSize, ULONG_PTR ImageBase, ULONG_PTR AddressToConvert, bool AddressIsRVA, bool ReturnType);
|
||||
__declspec(dllexport) long long __stdcall ConvertFileOffsetToVA(ULONG_PTR FileMapVA, ULONG_PTR AddressToConvert, bool ReturnType);
|
||||
__declspec(dllexport) long long __stdcall ConvertFileOffsetToVAEx(ULONG_PTR FileMapVA, DWORD FileSize, ULONG_PTR ImageBase, ULONG_PTR AddressToConvert, bool ReturnType);
|
||||
__declspec(dllexport) bool DumpProcess(HANDLE hProcess, LPVOID ImageBase, char* szDumpFileName, ULONG_PTR EntryPoint);
|
||||
__declspec(dllexport) bool DumpProcessW(HANDLE hProcess, LPVOID ImageBase, wchar_t* szDumpFileName, ULONG_PTR EntryPoint);
|
||||
__declspec(dllexport) bool DumpProcessEx(DWORD ProcessId, LPVOID ImageBase, char* szDumpFileName, ULONG_PTR EntryPoint);
|
||||
__declspec(dllexport) bool DumpProcessExW(DWORD ProcessId, LPVOID ImageBase, wchar_t* szDumpFileName, ULONG_PTR EntryPoint);
|
||||
__declspec(dllexport) bool DumpMemory(HANDLE hProcess, LPVOID MemoryStart, ULONG_PTR MemorySize, char* szDumpFileName);
|
||||
__declspec(dllexport) bool DumpMemoryW(HANDLE hProcess, LPVOID MemoryStart, ULONG_PTR MemorySize, wchar_t* szDumpFileName);
|
||||
__declspec(dllexport) bool DumpMemoryEx(DWORD ProcessId, LPVOID MemoryStart, ULONG_PTR MemorySize, char* szDumpFileName);
|
||||
__declspec(dllexport) bool DumpMemoryExW(DWORD ProcessId, LPVOID MemoryStart, ULONG_PTR MemorySize, wchar_t* szDumpFileName);
|
||||
__declspec(dllexport) bool DumpRegions(HANDLE hProcess, char* szDumpFolder, bool DumpAboveImageBaseOnly);
|
||||
__declspec(dllexport) bool DumpRegionsW(HANDLE hProcess, wchar_t* szDumpFolder, bool DumpAboveImageBaseOnly);
|
||||
__declspec(dllexport) bool DumpRegionsEx(DWORD ProcessId, char* szDumpFolder, bool DumpAboveImageBaseOnly);
|
||||
__declspec(dllexport) bool DumpRegionsExW(DWORD ProcessId, wchar_t* szDumpFolder, bool DumpAboveImageBaseOnly);
|
||||
__declspec(dllexport) bool DumpModule(HANDLE hProcess, LPVOID ModuleBase, char* szDumpFileName);
|
||||
__declspec(dllexport) bool DumpModuleW(HANDLE hProcess, LPVOID ModuleBase, wchar_t* szDumpFileName);
|
||||
__declspec(dllexport) bool DumpModuleEx(DWORD ProcessId, LPVOID ModuleBase, char* szDumpFileName);
|
||||
__declspec(dllexport) bool DumpModuleExW(DWORD ProcessId, LPVOID ModuleBase, wchar_t* szDumpFileName);
|
||||
__declspec(dllexport) bool PastePEHeader(HANDLE hProcess, LPVOID ImageBase, char* szDebuggedFileName);
|
||||
__declspec(dllexport) bool PastePEHeaderW(HANDLE hProcess, LPVOID ImageBase, wchar_t* szDebuggedFileName);
|
||||
__declspec(dllexport) bool ExtractSection(char* szFileName, char* szDumpFileName, DWORD SectionNumber);
|
||||
__declspec(dllexport) bool ExtractSectionW(wchar_t* szFileName, wchar_t* szDumpFileName, DWORD SectionNumber);
|
||||
__declspec(dllexport) bool ResortFileSections(char* szFileName);
|
||||
__declspec(dllexport) bool ResortFileSectionsW(wchar_t* szFileName);
|
||||
__declspec(dllexport) bool FindOverlay(char* szFileName, LPDWORD OverlayStart, LPDWORD OverlaySize);
|
||||
__declspec(dllexport) bool FindOverlayW(wchar_t* szFileName, LPDWORD OverlayStart, LPDWORD OverlaySize);
|
||||
__declspec(dllexport) bool ExtractOverlay(char* szFileName, char* szExtactedFileName);
|
||||
__declspec(dllexport) bool ExtractOverlayW(wchar_t* szFileName, wchar_t* szExtactedFileName);
|
||||
__declspec(dllexport) bool AddOverlay(char* szFileName, char* szOverlayFileName);
|
||||
__declspec(dllexport) bool AddOverlayW(wchar_t* szFileName, wchar_t* szOverlayFileName);
|
||||
__declspec(dllexport) bool CopyOverlay(char* szInFileName, char* szOutFileName);
|
||||
__declspec(dllexport) bool CopyOverlayW(wchar_t* szInFileName, wchar_t* szOutFileName);
|
||||
__declspec(dllexport) bool RemoveOverlay(char* szFileName);
|
||||
__declspec(dllexport) bool RemoveOverlayW(wchar_t* szFileName);
|
||||
__declspec(dllexport) bool MakeAllSectionsRWE(char* szFileName);
|
||||
__declspec(dllexport) bool MakeAllSectionsRWEW(wchar_t* szFileName);
|
||||
__declspec(dllexport) long AddNewSectionEx(char* szFileName, char* szSectionName, DWORD SectionSize, DWORD SectionAttributes, LPVOID SectionContent, DWORD ContentSize);
|
||||
__declspec(dllexport) long AddNewSectionExW(wchar_t* szFileName, char* szSectionName, DWORD SectionSize, DWORD SectionAttributes, LPVOID SectionContent, DWORD ContentSize);
|
||||
__declspec(dllexport) long AddNewSection(char* szFileName, char* szSectionName, DWORD SectionSize);
|
||||
__declspec(dllexport) long AddNewSectionW(wchar_t* szFileName, char* szSectionName, DWORD SectionSize);
|
||||
__declspec(dllexport) bool ResizeLastSection(char* szFileName, DWORD NumberOfExpandBytes, bool AlignResizeData);
|
||||
__declspec(dllexport) bool ResizeLastSectionW(wchar_t* szFileName, DWORD NumberOfExpandBytes, bool AlignResizeData);
|
||||
__declspec(dllexport) void SetSharedOverlay(char* szFileName);
|
||||
__declspec(dllexport) void SetSharedOverlayW(wchar_t* szFileName);
|
||||
__declspec(dllexport) char* GetSharedOverlay();
|
||||
__declspec(dllexport) wchar_t* GetSharedOverlayW();
|
||||
__declspec(dllexport) bool DeleteLastSection(char* szFileName);
|
||||
__declspec(dllexport) bool DeleteLastSectionW(wchar_t* szFileName);
|
||||
__declspec(dllexport) bool DeleteLastSectionEx(char* szFileName, DWORD NumberOfSections);
|
||||
__declspec(dllexport) bool DeleteLastSectionExW(wchar_t* szFileName, DWORD NumberOfSections);
|
||||
__declspec(dllexport) long long GetPE32DataFromMappedFile(ULONG_PTR FileMapVA, DWORD WhichSection, DWORD WhichData);
|
||||
__declspec(dllexport) long long GetPE32Data(char* szFileName, DWORD WhichSection, DWORD WhichData);
|
||||
__declspec(dllexport) long long GetPE32DataW(wchar_t* szFileName, DWORD WhichSection, DWORD WhichData);
|
||||
__declspec(dllexport) bool GetPE32DataFromMappedFileEx(ULONG_PTR FileMapVA, LPVOID DataStorage);
|
||||
__declspec(dllexport) bool GetPE32DataEx(char* szFileName, LPVOID DataStorage);
|
||||
__declspec(dllexport) bool GetPE32DataExW(wchar_t* szFileName, LPVOID DataStorage);
|
||||
__declspec(dllexport) bool SetPE32DataForMappedFile(ULONG_PTR FileMapVA, DWORD WhichSection, DWORD WhichData, ULONG_PTR NewDataValue);
|
||||
__declspec(dllexport) bool SetPE32Data(char* szFileName, DWORD WhichSection, DWORD WhichData, ULONG_PTR NewDataValue);
|
||||
__declspec(dllexport) bool SetPE32DataW(wchar_t* szFileName, DWORD WhichSection, DWORD WhichData, ULONG_PTR NewDataValue);
|
||||
__declspec(dllexport) bool SetPE32DataForMappedFileEx(ULONG_PTR FileMapVA, LPVOID DataStorage);
|
||||
__declspec(dllexport) bool SetPE32DataEx(char* szFileName, LPVOID DataStorage);
|
||||
__declspec(dllexport) long GetPE32SectionNumberFromVA(ULONG_PTR FileMapVA, ULONG_PTR AddressToConvert);
|
||||
__declspec(dllexport) long long ConvertVAtoFileOffset(ULONG_PTR FileMapVA, ULONG_PTR AddressToConvert, bool ReturnType);
|
||||
__declspec(dllexport) long long ConvertVAtoFileOffsetEx(ULONG_PTR FileMapVA, DWORD FileSize, ULONG_PTR ImageBase, ULONG_PTR AddressToConvert, bool AddressIsRVA, bool ReturnType);
|
||||
__declspec(dllexport) long long ConvertFileOffsetToVA(ULONG_PTR FileMapVA, ULONG_PTR AddressToConvert, bool ReturnType);
|
||||
__declspec(dllexport) long long ConvertFileOffsetToVAEx(ULONG_PTR FileMapVA, DWORD FileSize, ULONG_PTR ImageBase, ULONG_PTR AddressToConvert, bool ReturnType);
|
||||
// TitanEngine.Realigner.functions:
|
||||
__declspec(dllexport) bool __stdcall FixHeaderCheckSum(char* szFileName);
|
||||
__declspec(dllexport) bool __stdcall FixHeaderCheckSumW(wchar_t* szFileName);
|
||||
__declspec(dllexport) long __stdcall RealignPE(ULONG_PTR FileMapVA, DWORD FileSize, DWORD RealingMode);
|
||||
__declspec(dllexport) long __stdcall RealignPEEx(char* szFileName, DWORD RealingFileSize, DWORD ForcedFileAlignment);
|
||||
__declspec(dllexport) long __stdcall RealignPEExW(wchar_t* szFileName, DWORD RealingFileSize, DWORD ForcedFileAlignment);
|
||||
__declspec(dllexport) bool __stdcall WipeSection(char* szFileName, int WipeSectionNumber, bool RemovePhysically);
|
||||
__declspec(dllexport) bool __stdcall WipeSectionW(wchar_t* szFileName, int WipeSectionNumber, bool RemovePhysically);
|
||||
__declspec(dllexport) bool __stdcall IsPE32FileValidEx(char* szFileName, DWORD CheckDepth, LPVOID FileStatusInfo);
|
||||
__declspec(dllexport) bool __stdcall IsPE32FileValidExW(wchar_t* szFileName, DWORD CheckDepth, LPVOID FileStatusInfo);
|
||||
__declspec(dllexport) bool __stdcall FixBrokenPE32FileEx(char* szFileName, LPVOID FileStatusInfo, LPVOID FileFixInfo);
|
||||
__declspec(dllexport) bool __stdcall FixBrokenPE32FileExW(wchar_t* szFileName, LPVOID FileStatusInfo, LPVOID FileFixInfo);
|
||||
__declspec(dllexport) bool __stdcall IsFileDLL(char* szFileName, ULONG_PTR FileMapVA);
|
||||
__declspec(dllexport) bool __stdcall IsFileDLLW(wchar_t* szFileName, ULONG_PTR FileMapVA);
|
||||
__declspec(dllexport) bool FixHeaderCheckSum(char* szFileName);
|
||||
__declspec(dllexport) bool FixHeaderCheckSumW(wchar_t* szFileName);
|
||||
__declspec(dllexport) long RealignPE(ULONG_PTR FileMapVA, DWORD FileSize, DWORD RealingMode);
|
||||
__declspec(dllexport) long RealignPEEx(char* szFileName, DWORD RealingFileSize, DWORD ForcedFileAlignment);
|
||||
__declspec(dllexport) long RealignPEExW(wchar_t* szFileName, DWORD RealingFileSize, DWORD ForcedFileAlignment);
|
||||
__declspec(dllexport) bool WipeSection(char* szFileName, int WipeSectionNumber, bool RemovePhysically);
|
||||
__declspec(dllexport) bool WipeSectionW(wchar_t* szFileName, int WipeSectionNumber, bool RemovePhysically);
|
||||
__declspec(dllexport) bool IsPE32FileValidEx(char* szFileName, DWORD CheckDepth, LPVOID FileStatusInfo);
|
||||
__declspec(dllexport) bool IsPE32FileValidExW(wchar_t* szFileName, DWORD CheckDepth, LPVOID FileStatusInfo);
|
||||
__declspec(dllexport) bool FixBrokenPE32FileEx(char* szFileName, LPVOID FileStatusInfo, LPVOID FileFixInfo);
|
||||
__declspec(dllexport) bool FixBrokenPE32FileExW(wchar_t* szFileName, LPVOID FileStatusInfo, LPVOID FileFixInfo);
|
||||
__declspec(dllexport) bool IsFileDLL(char* szFileName, ULONG_PTR FileMapVA);
|
||||
__declspec(dllexport) bool IsFileDLLW(wchar_t* szFileName, ULONG_PTR FileMapVA);
|
||||
// TitanEngine.Hider.functions:
|
||||
__declspec(dllexport) void* __stdcall GetPEBLocation(HANDLE hProcess);
|
||||
__declspec(dllexport) bool __stdcall HideDebugger(HANDLE hProcess, DWORD PatchAPILevel);
|
||||
__declspec(dllexport) bool __stdcall UnHideDebugger(HANDLE hProcess, DWORD PatchAPILevel);
|
||||
__declspec(dllexport) void* GetPEBLocation(HANDLE hProcess);
|
||||
__declspec(dllexport) bool HideDebugger(HANDLE hProcess, DWORD PatchAPILevel);
|
||||
__declspec(dllexport) bool UnHideDebugger(HANDLE hProcess, DWORD PatchAPILevel);
|
||||
// TitanEngine.Relocater.functions:
|
||||
__declspec(dllexport) void __stdcall RelocaterCleanup();
|
||||
__declspec(dllexport) void __stdcall RelocaterInit(DWORD MemorySize, ULONG_PTR OldImageBase, ULONG_PTR NewImageBase);
|
||||
__declspec(dllexport) void __stdcall RelocaterAddNewRelocation(HANDLE hProcess, ULONG_PTR RelocateAddress, DWORD RelocateState);
|
||||
__declspec(dllexport) long __stdcall RelocaterEstimatedSize();
|
||||
__declspec(dllexport) bool __stdcall RelocaterExportRelocation(ULONG_PTR StorePlace, DWORD StorePlaceRVA, ULONG_PTR FileMapVA);
|
||||
__declspec(dllexport) bool __stdcall RelocaterExportRelocationEx(char* szFileName, char* szSectionName);
|
||||
__declspec(dllexport) bool __stdcall RelocaterExportRelocationExW(wchar_t* szFileName, char* szSectionName);
|
||||
__declspec(dllexport) bool __stdcall RelocaterGrabRelocationTable(HANDLE hProcess, ULONG_PTR MemoryStart, DWORD MemorySize);
|
||||
__declspec(dllexport) bool __stdcall RelocaterGrabRelocationTableEx(HANDLE hProcess, ULONG_PTR MemoryStart, ULONG_PTR MemorySize, DWORD NtSizeOfImage);
|
||||
__declspec(dllexport) bool __stdcall RelocaterMakeSnapshot(HANDLE hProcess, char* szSaveFileName, LPVOID MemoryStart, ULONG_PTR MemorySize);
|
||||
__declspec(dllexport) bool __stdcall RelocaterMakeSnapshotW(HANDLE hProcess, wchar_t* szSaveFileName, LPVOID MemoryStart, ULONG_PTR MemorySize);
|
||||
__declspec(dllexport) bool __stdcall RelocaterCompareTwoSnapshots(HANDLE hProcess, ULONG_PTR LoadedImageBase, ULONG_PTR NtSizeOfImage, char* szDumpFile1, char* szDumpFile2, ULONG_PTR MemStart);
|
||||
__declspec(dllexport) bool __stdcall RelocaterCompareTwoSnapshotsW(HANDLE hProcess, ULONG_PTR LoadedImageBase, ULONG_PTR NtSizeOfImage, wchar_t* szDumpFile1, wchar_t* szDumpFile2, ULONG_PTR MemStart);
|
||||
__declspec(dllexport) bool __stdcall RelocaterChangeFileBase(char* szFileName, ULONG_PTR NewImageBase);
|
||||
__declspec(dllexport) bool __stdcall RelocaterChangeFileBaseW(wchar_t* szFileName, ULONG_PTR NewImageBase);
|
||||
__declspec(dllexport) bool __stdcall RelocaterRelocateMemoryBlock(ULONG_PTR FileMapVA, ULONG_PTR MemoryLocation, void* RelocateMemory, DWORD RelocateMemorySize, ULONG_PTR CurrentLoadedBase, ULONG_PTR RelocateBase);
|
||||
__declspec(dllexport) bool __stdcall RelocaterWipeRelocationTable(char* szFileName);
|
||||
__declspec(dllexport) bool __stdcall RelocaterWipeRelocationTableW(wchar_t* szFileName);
|
||||
__declspec(dllexport) void RelocaterCleanup();
|
||||
__declspec(dllexport) void RelocaterInit(DWORD MemorySize, ULONG_PTR OldImageBase, ULONG_PTR NewImageBase);
|
||||
__declspec(dllexport) void RelocaterAddNewRelocation(HANDLE hProcess, ULONG_PTR RelocateAddress, DWORD RelocateState);
|
||||
__declspec(dllexport) long RelocaterEstimatedSize();
|
||||
__declspec(dllexport) bool RelocaterExportRelocation(ULONG_PTR StorePlace, DWORD StorePlaceRVA, ULONG_PTR FileMapVA);
|
||||
__declspec(dllexport) bool RelocaterExportRelocationEx(char* szFileName, char* szSectionName);
|
||||
__declspec(dllexport) bool RelocaterExportRelocationExW(wchar_t* szFileName, char* szSectionName);
|
||||
__declspec(dllexport) bool RelocaterGrabRelocationTable(HANDLE hProcess, ULONG_PTR MemoryStart, DWORD MemorySize);
|
||||
__declspec(dllexport) bool RelocaterGrabRelocationTableEx(HANDLE hProcess, ULONG_PTR MemoryStart, ULONG_PTR MemorySize, DWORD NtSizeOfImage);
|
||||
__declspec(dllexport) bool RelocaterMakeSnapshot(HANDLE hProcess, char* szSaveFileName, LPVOID MemoryStart, ULONG_PTR MemorySize);
|
||||
__declspec(dllexport) bool RelocaterMakeSnapshotW(HANDLE hProcess, wchar_t* szSaveFileName, LPVOID MemoryStart, ULONG_PTR MemorySize);
|
||||
__declspec(dllexport) bool RelocaterCompareTwoSnapshots(HANDLE hProcess, ULONG_PTR LoadedImageBase, ULONG_PTR NtSizeOfImage, char* szDumpFile1, char* szDumpFile2, ULONG_PTR MemStart);
|
||||
__declspec(dllexport) bool RelocaterCompareTwoSnapshotsW(HANDLE hProcess, ULONG_PTR LoadedImageBase, ULONG_PTR NtSizeOfImage, wchar_t* szDumpFile1, wchar_t* szDumpFile2, ULONG_PTR MemStart);
|
||||
__declspec(dllexport) bool RelocaterChangeFileBase(char* szFileName, ULONG_PTR NewImageBase);
|
||||
__declspec(dllexport) bool RelocaterChangeFileBaseW(wchar_t* szFileName, ULONG_PTR NewImageBase);
|
||||
__declspec(dllexport) bool RelocaterRelocateMemoryBlock(ULONG_PTR FileMapVA, ULONG_PTR MemoryLocation, void* RelocateMemory, DWORD RelocateMemorySize, ULONG_PTR CurrentLoadedBase, ULONG_PTR RelocateBase);
|
||||
__declspec(dllexport) bool RelocaterWipeRelocationTable(char* szFileName);
|
||||
__declspec(dllexport) bool RelocaterWipeRelocationTableW(wchar_t* szFileName);
|
||||
// TitanEngine.Resourcer.functions:
|
||||
__declspec(dllexport) long long __stdcall ResourcerLoadFileForResourceUse(char* szFileName);
|
||||
__declspec(dllexport) long long __stdcall ResourcerLoadFileForResourceUseW(wchar_t* szFileName);
|
||||
__declspec(dllexport) bool __stdcall ResourcerFreeLoadedFile(LPVOID LoadedFileBase);
|
||||
__declspec(dllexport) bool __stdcall ResourcerExtractResourceFromFileEx(ULONG_PTR FileMapVA, char* szResourceType, char* szResourceName, char* szExtractedFileName);
|
||||
__declspec(dllexport) bool __stdcall ResourcerExtractResourceFromFile(char* szFileName, char* szResourceType, char* szResourceName, char* szExtractedFileName);
|
||||
__declspec(dllexport) bool __stdcall ResourcerExtractResourceFromFileW(wchar_t* szFileName, char* szResourceType, char* szResourceName, char* szExtractedFileName);
|
||||
__declspec(dllexport) bool __stdcall ResourcerFindResource(char* szFileName, char* szResourceType, DWORD ResourceType, char* szResourceName, DWORD ResourceName, DWORD ResourceLanguage, PULONG_PTR pResourceData, LPDWORD pResourceSize);
|
||||
__declspec(dllexport) bool __stdcall ResourcerFindResourceW(wchar_t* szFileName, wchar_t* szResourceType, DWORD ResourceType, wchar_t* szResourceName, DWORD ResourceName, DWORD ResourceLanguage, PULONG_PTR pResourceData, LPDWORD pResourceSize);
|
||||
__declspec(dllexport) bool __stdcall ResourcerFindResourceEx(ULONG_PTR FileMapVA, DWORD FileSize, wchar_t* szResourceType, DWORD ResourceType, wchar_t* szResourceName, DWORD ResourceName, DWORD ResourceLanguage, PULONG_PTR pResourceData, LPDWORD pResourceSize);
|
||||
__declspec(dllexport) void __stdcall ResourcerEnumerateResource(char* szFileName, void* CallBack);
|
||||
__declspec(dllexport) void __stdcall ResourcerEnumerateResourceW(wchar_t* szFileName, void* CallBack);
|
||||
__declspec(dllexport) void __stdcall ResourcerEnumerateResourceEx(ULONG_PTR FileMapVA, DWORD FileSize, void* CallBack);
|
||||
__declspec(dllexport) long long ResourcerLoadFileForResourceUse(char* szFileName);
|
||||
__declspec(dllexport) long long ResourcerLoadFileForResourceUseW(wchar_t* szFileName);
|
||||
__declspec(dllexport) bool ResourcerFreeLoadedFile(LPVOID LoadedFileBase);
|
||||
__declspec(dllexport) bool ResourcerExtractResourceFromFileEx(ULONG_PTR FileMapVA, char* szResourceType, char* szResourceName, char* szExtractedFileName);
|
||||
__declspec(dllexport) bool ResourcerExtractResourceFromFile(char* szFileName, char* szResourceType, char* szResourceName, char* szExtractedFileName);
|
||||
__declspec(dllexport) bool ResourcerExtractResourceFromFileW(wchar_t* szFileName, char* szResourceType, char* szResourceName, char* szExtractedFileName);
|
||||
__declspec(dllexport) bool ResourcerFindResource(char* szFileName, char* szResourceType, DWORD ResourceType, char* szResourceName, DWORD ResourceName, DWORD ResourceLanguage, PULONG_PTR pResourceData, LPDWORD pResourceSize);
|
||||
__declspec(dllexport) bool ResourcerFindResourceW(wchar_t* szFileName, wchar_t* szResourceType, DWORD ResourceType, wchar_t* szResourceName, DWORD ResourceName, DWORD ResourceLanguage, PULONG_PTR pResourceData, LPDWORD pResourceSize);
|
||||
__declspec(dllexport) bool ResourcerFindResourceEx(ULONG_PTR FileMapVA, DWORD FileSize, wchar_t* szResourceType, DWORD ResourceType, wchar_t* szResourceName, DWORD ResourceName, DWORD ResourceLanguage, PULONG_PTR pResourceData, LPDWORD pResourceSize);
|
||||
__declspec(dllexport) void ResourcerEnumerateResource(char* szFileName, void* CallBack);
|
||||
__declspec(dllexport) void ResourcerEnumerateResourceW(wchar_t* szFileName, void* CallBack);
|
||||
__declspec(dllexport) void ResourcerEnumerateResourceEx(ULONG_PTR FileMapVA, DWORD FileSize, void* CallBack);
|
||||
// TitanEngine.Threader.functions:
|
||||
__declspec(dllexport) bool __stdcall ThreaderImportRunningThreadData(DWORD ProcessId);
|
||||
__declspec(dllexport) void* __stdcall ThreaderGetThreadInfo(HANDLE hThread, DWORD ThreadId);
|
||||
__declspec(dllexport) void __stdcall ThreaderEnumThreadInfo(void* EnumCallBack);
|
||||
__declspec(dllexport) bool __stdcall ThreaderPauseThread(HANDLE hThread);
|
||||
__declspec(dllexport) bool __stdcall ThreaderResumeThread(HANDLE hThread);
|
||||
__declspec(dllexport) bool __stdcall ThreaderTerminateThread(HANDLE hThread, DWORD ThreadExitCode);
|
||||
__declspec(dllexport) bool __stdcall ThreaderPauseAllThreads(bool LeaveMainRunning);
|
||||
__declspec(dllexport) bool __stdcall ThreaderResumeAllThreads(bool LeaveMainPaused);
|
||||
__declspec(dllexport) bool __stdcall ThreaderPauseProcess();
|
||||
__declspec(dllexport) bool __stdcall ThreaderResumeProcess();
|
||||
__declspec(dllexport) long long __stdcall ThreaderCreateRemoteThread(ULONG_PTR ThreadStartAddress, bool AutoCloseTheHandle, LPVOID ThreadPassParameter, LPDWORD ThreadId);
|
||||
__declspec(dllexport) bool __stdcall ThreaderInjectAndExecuteCode(LPVOID InjectCode, DWORD StartDelta, DWORD InjectSize);
|
||||
__declspec(dllexport) long long __stdcall ThreaderCreateRemoteThreadEx(HANDLE hProcess, ULONG_PTR ThreadStartAddress, bool AutoCloseTheHandle, LPVOID ThreadPassParameter, LPDWORD ThreadId);
|
||||
__declspec(dllexport) bool __stdcall ThreaderInjectAndExecuteCodeEx(HANDLE hProcess, LPVOID InjectCode, DWORD StartDelta, DWORD InjectSize);
|
||||
__declspec(dllexport) void __stdcall ThreaderSetCallBackForNextExitThreadEvent(LPVOID exitThreadCallBack);
|
||||
__declspec(dllexport) bool __stdcall ThreaderIsThreadStillRunning(HANDLE hThread);
|
||||
__declspec(dllexport) bool __stdcall ThreaderIsThreadActive(HANDLE hThread);
|
||||
__declspec(dllexport) bool __stdcall ThreaderIsAnyThreadActive();
|
||||
__declspec(dllexport) bool __stdcall ThreaderExecuteOnlyInjectedThreads();
|
||||
__declspec(dllexport) long long __stdcall ThreaderGetOpenHandleForThread(DWORD ThreadId);
|
||||
__declspec(dllexport) void* __stdcall ThreaderGetThreadData();
|
||||
__declspec(dllexport) bool __stdcall ThreaderIsExceptionInMainThread();
|
||||
__declspec(dllexport) bool ThreaderImportRunningThreadData(DWORD ProcessId);
|
||||
__declspec(dllexport) void* ThreaderGetThreadInfo(HANDLE hThread, DWORD ThreadId);
|
||||
__declspec(dllexport) void ThreaderEnumThreadInfo(void* EnumCallBack);
|
||||
__declspec(dllexport) bool ThreaderPauseThread(HANDLE hThread);
|
||||
__declspec(dllexport) bool ThreaderResumeThread(HANDLE hThread);
|
||||
__declspec(dllexport) bool ThreaderTerminateThread(HANDLE hThread, DWORD ThreadExitCode);
|
||||
__declspec(dllexport) bool ThreaderPauseAllThreads(bool LeaveMainRunning);
|
||||
__declspec(dllexport) bool ThreaderResumeAllThreads(bool LeaveMainPaused);
|
||||
__declspec(dllexport) bool ThreaderPauseProcess();
|
||||
__declspec(dllexport) bool ThreaderResumeProcess();
|
||||
__declspec(dllexport) long long ThreaderCreateRemoteThread(ULONG_PTR ThreadStartAddress, bool AutoCloseTheHandle, LPVOID ThreadPassParameter, LPDWORD ThreadId);
|
||||
__declspec(dllexport) bool ThreaderInjectAndExecuteCode(LPVOID InjectCode, DWORD StartDelta, DWORD InjectSize);
|
||||
__declspec(dllexport) long long ThreaderCreateRemoteThreadEx(HANDLE hProcess, ULONG_PTR ThreadStartAddress, bool AutoCloseTheHandle, LPVOID ThreadPassParameter, LPDWORD ThreadId);
|
||||
__declspec(dllexport) bool ThreaderInjectAndExecuteCodeEx(HANDLE hProcess, LPVOID InjectCode, DWORD StartDelta, DWORD InjectSize);
|
||||
__declspec(dllexport) void ThreaderSetCallBackForNextExitThreadEvent(LPVOID exitThreadCallBack);
|
||||
__declspec(dllexport) bool ThreaderIsThreadStillRunning(HANDLE hThread);
|
||||
__declspec(dllexport) bool ThreaderIsThreadActive(HANDLE hThread);
|
||||
__declspec(dllexport) bool ThreaderIsAnyThreadActive();
|
||||
__declspec(dllexport) bool ThreaderExecuteOnlyInjectedThreads();
|
||||
__declspec(dllexport) long long ThreaderGetOpenHandleForThread(DWORD ThreadId);
|
||||
__declspec(dllexport) void* ThreaderGetThreadData();
|
||||
__declspec(dllexport) bool ThreaderIsExceptionInMainThread();
|
||||
// TitanEngine.Debugger.functions:
|
||||
__declspec(dllexport) void* __stdcall StaticDisassembleEx(ULONG_PTR DisassmStart, LPVOID DisassmAddress);
|
||||
__declspec(dllexport) void* __stdcall StaticDisassemble(LPVOID DisassmAddress);
|
||||
__declspec(dllexport) void* __stdcall DisassembleEx(HANDLE hProcess, LPVOID DisassmAddress);
|
||||
__declspec(dllexport) void* __stdcall Disassemble(LPVOID DisassmAddress);
|
||||
__declspec(dllexport) long __stdcall StaticLengthDisassemble(LPVOID DisassmAddress);
|
||||
__declspec(dllexport) long __stdcall LengthDisassembleEx(HANDLE hProcess, LPVOID DisassmAddress);
|
||||
__declspec(dllexport) long __stdcall LengthDisassemble(LPVOID DisassmAddress);
|
||||
__declspec(dllexport) void* __stdcall InitDebug(char* szFileName, char* szCommandLine, char* szCurrentFolder);
|
||||
__declspec(dllexport) void* __stdcall InitDebugW(wchar_t* szFileName, wchar_t* szCommandLine, wchar_t* szCurrentFolder);
|
||||
__declspec(dllexport) void* __stdcall InitDebugEx(char* szFileName, char* szCommandLine, char* szCurrentFolder, LPVOID EntryCallBack);
|
||||
__declspec(dllexport) void* __stdcall InitDebugExW(wchar_t* szFileName, wchar_t* szCommandLine, wchar_t* szCurrentFolder, LPVOID EntryCallBack);
|
||||
__declspec(dllexport) void* __stdcall InitDLLDebug(char* szFileName, bool ReserveModuleBase, char* szCommandLine, char* szCurrentFolder, LPVOID EntryCallBack);
|
||||
__declspec(dllexport) void* __stdcall InitDLLDebugW(wchar_t* szFileName, bool ReserveModuleBase, wchar_t* szCommandLine, wchar_t* szCurrentFolder, LPVOID EntryCallBack);
|
||||
__declspec(dllexport) bool __stdcall StopDebug();
|
||||
__declspec(dllexport) void __stdcall SetBPXOptions(long DefaultBreakPointType);
|
||||
__declspec(dllexport) bool __stdcall IsBPXEnabled(ULONG_PTR bpxAddress);
|
||||
__declspec(dllexport) bool __stdcall EnableBPX(ULONG_PTR bpxAddress);
|
||||
__declspec(dllexport) bool __stdcall DisableBPX(ULONG_PTR bpxAddress);
|
||||
__declspec(dllexport) bool __stdcall SetBPX(ULONG_PTR bpxAddress, DWORD bpxType, LPVOID bpxCallBack);
|
||||
__declspec(dllexport) bool __stdcall SetBPXEx(ULONG_PTR bpxAddress, DWORD bpxType, DWORD NumberOfExecution, DWORD CmpRegister, DWORD CmpCondition, ULONG_PTR CmpValue, LPVOID bpxCallBack, LPVOID bpxCompareCallBack, LPVOID bpxRemoveCallBack);
|
||||
__declspec(dllexport) bool __stdcall DeleteBPX(ULONG_PTR bpxAddress);
|
||||
__declspec(dllexport) bool __stdcall SafeDeleteBPX(ULONG_PTR bpxAddress);
|
||||
__declspec(dllexport) bool __stdcall SetAPIBreakPoint(char* szDLLName, char* szAPIName, DWORD bpxType, DWORD bpxPlace, LPVOID bpxCallBack);
|
||||
__declspec(dllexport) bool __stdcall DeleteAPIBreakPoint(char* szDLLName, char* szAPIName, DWORD bpxPlace);
|
||||
__declspec(dllexport) bool __stdcall SafeDeleteAPIBreakPoint(char* szDLLName, char* szAPIName, DWORD bpxPlace);
|
||||
__declspec(dllexport) bool __stdcall SetMemoryBPX(ULONG_PTR MemoryStart, DWORD SizeOfMemory, LPVOID bpxCallBack);
|
||||
__declspec(dllexport) bool __stdcall SetMemoryBPXEx(ULONG_PTR MemoryStart, DWORD SizeOfMemory, DWORD BreakPointType, bool RestoreOnHit, LPVOID bpxCallBack);
|
||||
__declspec(dllexport) bool __stdcall RemoveMemoryBPX(ULONG_PTR MemoryStart, DWORD SizeOfMemory);
|
||||
__declspec(dllexport) bool __stdcall GetContextFPUDataEx(HANDLE hActiveThread, void* FPUSaveArea);
|
||||
__declspec(dllexport) long long __stdcall GetContextDataEx(HANDLE hActiveThread, DWORD IndexOfRegister);
|
||||
__declspec(dllexport) long long __stdcall GetContextData(DWORD IndexOfRegister);
|
||||
__declspec(dllexport) bool __stdcall SetContextFPUDataEx(HANDLE hActiveThread, void* FPUSaveArea);
|
||||
__declspec(dllexport) bool __stdcall SetContextDataEx(HANDLE hActiveThread, DWORD IndexOfRegister, ULONG_PTR NewRegisterValue);
|
||||
__declspec(dllexport) bool __stdcall SetContextData(DWORD IndexOfRegister, ULONG_PTR NewRegisterValue);
|
||||
__declspec(dllexport) void __stdcall ClearExceptionNumber();
|
||||
__declspec(dllexport) long __stdcall CurrentExceptionNumber();
|
||||
__declspec(dllexport) bool __stdcall MatchPatternEx(HANDLE hProcess, void* MemoryToCheck, int SizeOfMemoryToCheck, void* PatternToMatch, int SizeOfPatternToMatch, PBYTE WildCard);
|
||||
__declspec(dllexport) bool __stdcall MatchPattern(void* MemoryToCheck, int SizeOfMemoryToCheck, void* PatternToMatch, int SizeOfPatternToMatch, PBYTE WildCard);
|
||||
__declspec(dllexport) long long __stdcall FindEx(HANDLE hProcess, LPVOID MemoryStart, DWORD MemorySize, LPVOID SearchPattern, DWORD PatternSize, LPBYTE WildCard);
|
||||
__declspec(dllexport) long long __stdcall Find(LPVOID MemoryStart, DWORD MemorySize, LPVOID SearchPattern, DWORD PatternSize, LPBYTE WildCard);
|
||||
__declspec(dllexport) bool __stdcall FillEx(HANDLE hProcess, LPVOID MemoryStart, DWORD MemorySize, PBYTE FillByte);
|
||||
__declspec(dllexport) bool __stdcall Fill(LPVOID MemoryStart, DWORD MemorySize, PBYTE FillByte);
|
||||
__declspec(dllexport) bool __stdcall PatchEx(HANDLE hProcess, LPVOID MemoryStart, DWORD MemorySize, LPVOID ReplacePattern, DWORD ReplaceSize, bool AppendNOP, bool PrependNOP);
|
||||
__declspec(dllexport) bool __stdcall Patch(LPVOID MemoryStart, DWORD MemorySize, LPVOID ReplacePattern, DWORD ReplaceSize, bool AppendNOP, bool PrependNOP);
|
||||
__declspec(dllexport) bool __stdcall ReplaceEx(HANDLE hProcess, LPVOID MemoryStart, DWORD MemorySize, LPVOID SearchPattern, DWORD PatternSize, DWORD NumberOfRepetitions, LPVOID ReplacePattern, DWORD ReplaceSize, PBYTE WildCard);
|
||||
__declspec(dllexport) bool __stdcall Replace(LPVOID MemoryStart, DWORD MemorySize, LPVOID SearchPattern, DWORD PatternSize, DWORD NumberOfRepetitions, LPVOID ReplacePattern, DWORD ReplaceSize, PBYTE WildCard);
|
||||
__declspec(dllexport) void* __stdcall GetDebugData();
|
||||
__declspec(dllexport) void* __stdcall GetTerminationData();
|
||||
__declspec(dllexport) long __stdcall GetExitCode();
|
||||
__declspec(dllexport) long long __stdcall GetDebuggedDLLBaseAddress();
|
||||
__declspec(dllexport) unsigned long long __stdcall GetDebuggedFileBaseAddress();
|
||||
__declspec(dllexport) bool __stdcall GetRemoteString(HANDLE hProcess, LPVOID StringAddress, LPVOID StringStorage, int MaximumStringSize);
|
||||
__declspec(dllexport) long long __stdcall GetFunctionParameter(HANDLE hProcess, DWORD FunctionType, DWORD ParameterNumber, DWORD ParameterType);
|
||||
__declspec(dllexport) long long __stdcall GetJumpDestinationEx(HANDLE hProcess, ULONG_PTR InstructionAddress, bool JustJumps);
|
||||
__declspec(dllexport) long long __stdcall GetJumpDestination(HANDLE hProcess, ULONG_PTR InstructionAddress);
|
||||
__declspec(dllexport) bool __stdcall IsJumpGoingToExecuteEx(HANDLE hProcess, HANDLE hThread, ULONG_PTR InstructionAddress, ULONG_PTR RegFlags);
|
||||
__declspec(dllexport) bool __stdcall IsJumpGoingToExecute();
|
||||
__declspec(dllexport) void __stdcall SetCustomHandler(DWORD ExceptionId, LPVOID CallBack);
|
||||
__declspec(dllexport) void __stdcall ForceClose();
|
||||
__declspec(dllexport) void __stdcall StepInto(LPVOID traceCallBack);
|
||||
__declspec(dllexport) void __stdcall StepOver(LPVOID traceCallBack);
|
||||
__declspec(dllexport) void __stdcall SingleStep(DWORD StepCount, LPVOID StepCallBack);
|
||||
__declspec(dllexport) bool __stdcall GetUnusedHardwareBreakPointRegister(LPDWORD RegisterIndex);
|
||||
__declspec(dllexport) bool __stdcall SetHardwareBreakPointEx(HANDLE hActiveThread, ULONG_PTR bpxAddress, DWORD IndexOfRegister, DWORD bpxType, DWORD bpxSize, LPVOID bpxCallBack, LPDWORD IndexOfSelectedRegister);
|
||||
__declspec(dllexport) bool __stdcall SetHardwareBreakPoint(ULONG_PTR bpxAddress, DWORD IndexOfRegister, DWORD bpxType, DWORD bpxSize, LPVOID bpxCallBack);
|
||||
__declspec(dllexport) bool __stdcall DeleteHardwareBreakPoint(DWORD IndexOfRegister);
|
||||
__declspec(dllexport) bool __stdcall RemoveAllBreakPoints(DWORD RemoveOption);
|
||||
__declspec(dllexport) void* __stdcall GetProcessInformation();
|
||||
__declspec(dllexport) void* __stdcall GetStartupInformation();
|
||||
__declspec(dllexport) void __stdcall DebugLoop();
|
||||
__declspec(dllexport) void __stdcall SetDebugLoopTimeOut(DWORD TimeOut);
|
||||
__declspec(dllexport) void __stdcall SetNextDbgContinueStatus(DWORD SetDbgCode);
|
||||
__declspec(dllexport) bool __stdcall AttachDebugger(DWORD ProcessId, bool KillOnExit, LPVOID DebugInfo, LPVOID CallBack);
|
||||
__declspec(dllexport) bool __stdcall DetachDebugger(DWORD ProcessId);
|
||||
__declspec(dllexport) bool __stdcall DetachDebuggerEx(DWORD ProcessId);
|
||||
__declspec(dllexport) void __stdcall DebugLoopEx(DWORD TimeOut);
|
||||
__declspec(dllexport) void __stdcall AutoDebugEx(char* szFileName, bool ReserveModuleBase, char* szCommandLine, char* szCurrentFolder, DWORD TimeOut, LPVOID EntryCallBack);
|
||||
__declspec(dllexport) void __stdcall AutoDebugExW(wchar_t* szFileName, bool ReserveModuleBase, wchar_t* szCommandLine, wchar_t* szCurrentFolder, DWORD TimeOut, LPVOID EntryCallBack);
|
||||
__declspec(dllexport) bool __stdcall IsFileBeingDebugged();
|
||||
__declspec(dllexport) void __stdcall SetErrorModel(bool DisplayErrorMessages);
|
||||
__declspec(dllexport) void* StaticDisassembleEx(ULONG_PTR DisassmStart, LPVOID DisassmAddress);
|
||||
__declspec(dllexport) void* StaticDisassemble(LPVOID DisassmAddress);
|
||||
__declspec(dllexport) void* DisassembleEx(HANDLE hProcess, LPVOID DisassmAddress);
|
||||
__declspec(dllexport) void* Disassemble(LPVOID DisassmAddress);
|
||||
__declspec(dllexport) long StaticLengthDisassemble(LPVOID DisassmAddress);
|
||||
__declspec(dllexport) long LengthDisassembleEx(HANDLE hProcess, LPVOID DisassmAddress);
|
||||
__declspec(dllexport) long LengthDisassemble(LPVOID DisassmAddress);
|
||||
__declspec(dllexport) void* InitDebug(char* szFileName, char* szCommandLine, char* szCurrentFolder);
|
||||
__declspec(dllexport) void* InitDebugW(wchar_t* szFileName, wchar_t* szCommandLine, wchar_t* szCurrentFolder);
|
||||
__declspec(dllexport) void* InitDebugEx(char* szFileName, char* szCommandLine, char* szCurrentFolder, LPVOID EntryCallBack);
|
||||
__declspec(dllexport) void* InitDebugExW(wchar_t* szFileName, wchar_t* szCommandLine, wchar_t* szCurrentFolder, LPVOID EntryCallBack);
|
||||
__declspec(dllexport) void* InitDLLDebug(char* szFileName, bool ReserveModuleBase, char* szCommandLine, char* szCurrentFolder, LPVOID EntryCallBack);
|
||||
__declspec(dllexport) void* InitDLLDebugW(wchar_t* szFileName, bool ReserveModuleBase, wchar_t* szCommandLine, wchar_t* szCurrentFolder, LPVOID EntryCallBack);
|
||||
__declspec(dllexport) bool StopDebug();
|
||||
__declspec(dllexport) void SetBPXOptions(long DefaultBreakPointType);
|
||||
__declspec(dllexport) bool IsBPXEnabled(ULONG_PTR bpxAddress);
|
||||
__declspec(dllexport) bool EnableBPX(ULONG_PTR bpxAddress);
|
||||
__declspec(dllexport) bool DisableBPX(ULONG_PTR bpxAddress);
|
||||
__declspec(dllexport) bool SetBPX(ULONG_PTR bpxAddress, DWORD bpxType, LPVOID bpxCallBack);
|
||||
__declspec(dllexport) bool SetBPXEx(ULONG_PTR bpxAddress, DWORD bpxType, DWORD NumberOfExecution, DWORD CmpRegister, DWORD CmpCondition, ULONG_PTR CmpValue, LPVOID bpxCallBack, LPVOID bpxCompareCallBack, LPVOID bpxRemoveCallBack);
|
||||
__declspec(dllexport) bool DeleteBPX(ULONG_PTR bpxAddress);
|
||||
__declspec(dllexport) bool SafeDeleteBPX(ULONG_PTR bpxAddress);
|
||||
__declspec(dllexport) bool SetAPIBreakPoint(char* szDLLName, char* szAPIName, DWORD bpxType, DWORD bpxPlace, LPVOID bpxCallBack);
|
||||
__declspec(dllexport) bool DeleteAPIBreakPoint(char* szDLLName, char* szAPIName, DWORD bpxPlace);
|
||||
__declspec(dllexport) bool SafeDeleteAPIBreakPoint(char* szDLLName, char* szAPIName, DWORD bpxPlace);
|
||||
__declspec(dllexport) bool SetMemoryBPX(ULONG_PTR MemoryStart, DWORD SizeOfMemory, LPVOID bpxCallBack);
|
||||
__declspec(dllexport) bool SetMemoryBPXEx(ULONG_PTR MemoryStart, DWORD SizeOfMemory, DWORD BreakPointType, bool RestoreOnHit, LPVOID bpxCallBack);
|
||||
__declspec(dllexport) bool RemoveMemoryBPX(ULONG_PTR MemoryStart, DWORD SizeOfMemory);
|
||||
__declspec(dllexport) bool GetContextFPUDataEx(HANDLE hActiveThread, void* FPUSaveArea);
|
||||
__declspec(dllexport) long long GetContextDataEx(HANDLE hActiveThread, DWORD IndexOfRegister);
|
||||
__declspec(dllexport) long long GetContextData(DWORD IndexOfRegister);
|
||||
__declspec(dllexport) bool SetContextFPUDataEx(HANDLE hActiveThread, void* FPUSaveArea);
|
||||
__declspec(dllexport) bool SetContextDataEx(HANDLE hActiveThread, DWORD IndexOfRegister, ULONG_PTR NewRegisterValue);
|
||||
__declspec(dllexport) bool SetContextData(DWORD IndexOfRegister, ULONG_PTR NewRegisterValue);
|
||||
__declspec(dllexport) void ClearExceptionNumber();
|
||||
__declspec(dllexport) long CurrentExceptionNumber();
|
||||
__declspec(dllexport) bool MatchPatternEx(HANDLE hProcess, void* MemoryToCheck, int SizeOfMemoryToCheck, void* PatternToMatch, int SizeOfPatternToMatch, PBYTE WildCard);
|
||||
__declspec(dllexport) bool MatchPattern(void* MemoryToCheck, int SizeOfMemoryToCheck, void* PatternToMatch, int SizeOfPatternToMatch, PBYTE WildCard);
|
||||
__declspec(dllexport) long long FindEx(HANDLE hProcess, LPVOID MemoryStart, DWORD MemorySize, LPVOID SearchPattern, DWORD PatternSize, LPBYTE WildCard);
|
||||
extern "C" __declspec(dllexport) long long Find(LPVOID MemoryStart, DWORD MemorySize, LPVOID SearchPattern, DWORD PatternSize, LPBYTE WildCard);
|
||||
__declspec(dllexport) bool FillEx(HANDLE hProcess, LPVOID MemoryStart, DWORD MemorySize, PBYTE FillByte);
|
||||
__declspec(dllexport) bool Fill(LPVOID MemoryStart, DWORD MemorySize, PBYTE FillByte);
|
||||
__declspec(dllexport) bool PatchEx(HANDLE hProcess, LPVOID MemoryStart, DWORD MemorySize, LPVOID ReplacePattern, DWORD ReplaceSize, bool AppendNOP, bool PrependNOP);
|
||||
__declspec(dllexport) bool Patch(LPVOID MemoryStart, DWORD MemorySize, LPVOID ReplacePattern, DWORD ReplaceSize, bool AppendNOP, bool PrependNOP);
|
||||
__declspec(dllexport) bool ReplaceEx(HANDLE hProcess, LPVOID MemoryStart, DWORD MemorySize, LPVOID SearchPattern, DWORD PatternSize, DWORD NumberOfRepetitions, LPVOID ReplacePattern, DWORD ReplaceSize, PBYTE WildCard);
|
||||
__declspec(dllexport) bool Replace(LPVOID MemoryStart, DWORD MemorySize, LPVOID SearchPattern, DWORD PatternSize, DWORD NumberOfRepetitions, LPVOID ReplacePattern, DWORD ReplaceSize, PBYTE WildCard);
|
||||
__declspec(dllexport) void* GetDebugData();
|
||||
__declspec(dllexport) void* GetTerminationData();
|
||||
__declspec(dllexport) long GetExitCode();
|
||||
__declspec(dllexport) long long GetDebuggedDLLBaseAddress();
|
||||
__declspec(dllexport) unsigned long long GetDebuggedFileBaseAddress();
|
||||
__declspec(dllexport) bool GetRemoteString(HANDLE hProcess, LPVOID StringAddress, LPVOID StringStorage, int MaximumStringSize);
|
||||
__declspec(dllexport) long long GetFunctionParameter(HANDLE hProcess, DWORD FunctionType, DWORD ParameterNumber, DWORD ParameterType);
|
||||
__declspec(dllexport) long long GetJumpDestinationEx(HANDLE hProcess, ULONG_PTR InstructionAddress, bool JustJumps);
|
||||
__declspec(dllexport) long long GetJumpDestination(HANDLE hProcess, ULONG_PTR InstructionAddress);
|
||||
__declspec(dllexport) bool IsJumpGoingToExecuteEx(HANDLE hProcess, HANDLE hThread, ULONG_PTR InstructionAddress, ULONG_PTR RegFlags);
|
||||
__declspec(dllexport) bool IsJumpGoingToExecute();
|
||||
__declspec(dllexport) void SetCustomHandler(DWORD ExceptionId, LPVOID CallBack);
|
||||
__declspec(dllexport) void ForceClose();
|
||||
__declspec(dllexport) void StepInto(LPVOID traceCallBack);
|
||||
__declspec(dllexport) void StepOver(LPVOID traceCallBack);
|
||||
__declspec(dllexport) void SingleStep(DWORD StepCount, LPVOID StepCallBack);
|
||||
__declspec(dllexport) bool GetUnusedHardwareBreakPointRegister(LPDWORD RegisterIndex);
|
||||
__declspec(dllexport) bool SetHardwareBreakPointEx(HANDLE hActiveThread, ULONG_PTR bpxAddress, DWORD IndexOfRegister, DWORD bpxType, DWORD bpxSize, LPVOID bpxCallBack, LPDWORD IndexOfSelectedRegister);
|
||||
__declspec(dllexport) bool SetHardwareBreakPoint(ULONG_PTR bpxAddress, DWORD IndexOfRegister, DWORD bpxType, DWORD bpxSize, LPVOID bpxCallBack);
|
||||
__declspec(dllexport) bool DeleteHardwareBreakPoint(DWORD IndexOfRegister);
|
||||
__declspec(dllexport) bool RemoveAllBreakPoints(DWORD RemoveOption);
|
||||
__declspec(dllexport) void* GetProcessInformation();
|
||||
__declspec(dllexport) void* GetStartupInformation();
|
||||
__declspec(dllexport) void DebugLoop();
|
||||
__declspec(dllexport) void SetDebugLoopTimeOut(DWORD TimeOut);
|
||||
__declspec(dllexport) void SetNextDbgContinueStatus(DWORD SetDbgCode);
|
||||
__declspec(dllexport) bool AttachDebugger(DWORD ProcessId, bool KillOnExit, LPVOID DebugInfo, LPVOID CallBack);
|
||||
__declspec(dllexport) bool DetachDebugger(DWORD ProcessId);
|
||||
__declspec(dllexport) bool DetachDebuggerEx(DWORD ProcessId);
|
||||
__declspec(dllexport) void DebugLoopEx(DWORD TimeOut);
|
||||
__declspec(dllexport) void AutoDebugEx(char* szFileName, bool ReserveModuleBase, char* szCommandLine, char* szCurrentFolder, DWORD TimeOut, LPVOID EntryCallBack);
|
||||
__declspec(dllexport) void AutoDebugExW(wchar_t* szFileName, bool ReserveModuleBase, wchar_t* szCommandLine, wchar_t* szCurrentFolder, DWORD TimeOut, LPVOID EntryCallBack);
|
||||
__declspec(dllexport) bool IsFileBeingDebugged();
|
||||
__declspec(dllexport) void SetErrorModel(bool DisplayErrorMessages);
|
||||
// TitanEngine.FindOEP.functions:
|
||||
__declspec(dllexport) void __stdcall FindOEPInit();
|
||||
__declspec(dllexport) bool __stdcall FindOEPGenerically(char* szFileName, LPVOID TraceInitCallBack, LPVOID CallBack);
|
||||
__declspec(dllexport) bool __stdcall FindOEPGenericallyW(wchar_t* szFileName, LPVOID TraceInitCallBack, LPVOID CallBack);
|
||||
__declspec(dllexport) void FindOEPInit();
|
||||
__declspec(dllexport) bool FindOEPGenerically(char* szFileName, LPVOID TraceInitCallBack, LPVOID CallBack);
|
||||
__declspec(dllexport) bool FindOEPGenericallyW(wchar_t* szFileName, LPVOID TraceInitCallBack, LPVOID CallBack);
|
||||
// TitanEngine.Importer.functions:
|
||||
__declspec(dllexport) void __stdcall ImporterCleanup();
|
||||
__declspec(dllexport) void __stdcall ImporterSetImageBase(ULONG_PTR ImageBase);
|
||||
__declspec(dllexport) void __stdcall ImporterSetUnknownDelta(ULONG_PTR DeltaAddress);
|
||||
__declspec(dllexport) long long __stdcall ImporterGetCurrentDelta();
|
||||
__declspec(dllexport) void __stdcall ImporterInit(DWORD MemorySize, ULONG_PTR ImageBase);
|
||||
__declspec(dllexport) void __stdcall ImporterAddNewDll(char* szDLLName, ULONG_PTR FirstThunk);
|
||||
__declspec(dllexport) void __stdcall ImporterAddNewAPI(char* szAPIName, ULONG_PTR ThunkValue);
|
||||
__declspec(dllexport) void __stdcall ImporterAddNewOrdinalAPI(ULONG_PTR OrdinalNumber, ULONG_PTR ThunkValue);
|
||||
__declspec(dllexport) long __stdcall ImporterGetAddedDllCount();
|
||||
__declspec(dllexport) long __stdcall ImporterGetAddedAPICount();
|
||||
__declspec(dllexport) void* __stdcall ImporterGetLastAddedDLLName();
|
||||
__declspec(dllexport) void __stdcall ImporterMoveIAT();
|
||||
__declspec(dllexport) bool __stdcall ImporterExportIAT(ULONG_PTR StorePlace, ULONG_PTR FileMapVA);
|
||||
__declspec(dllexport) long __stdcall ImporterEstimatedSize();
|
||||
__declspec(dllexport) bool __stdcall ImporterExportIATEx(char* szExportFileName, char* szSectionName);
|
||||
__declspec(dllexport) bool __stdcall ImporterExportIATExW(wchar_t* szExportFileName, char* szSectionName);
|
||||
__declspec(dllexport) long long __stdcall ImporterFindAPIWriteLocation(char* szAPIName);
|
||||
__declspec(dllexport) long long __stdcall ImporterFindOrdinalAPIWriteLocation(ULONG_PTR OrdinalNumber);
|
||||
__declspec(dllexport) long long __stdcall ImporterFindAPIByWriteLocation(ULONG_PTR APIWriteLocation);
|
||||
__declspec(dllexport) long long __stdcall ImporterFindDLLByWriteLocation(ULONG_PTR APIWriteLocation);
|
||||
__declspec(dllexport) void* __stdcall ImporterGetDLLName(ULONG_PTR APIAddress);
|
||||
__declspec(dllexport) void* __stdcall ImporterGetAPIName(ULONG_PTR APIAddress);
|
||||
__declspec(dllexport) long long __stdcall ImporterGetAPIOrdinalNumber(ULONG_PTR APIAddress);
|
||||
__declspec(dllexport) void* __stdcall ImporterGetAPINameEx(ULONG_PTR APIAddress, ULONG_PTR DLLBasesList);
|
||||
__declspec(dllexport) long long __stdcall ImporterGetRemoteAPIAddress(HANDLE hProcess, ULONG_PTR APIAddress);
|
||||
__declspec(dllexport) long long __stdcall ImporterGetRemoteAPIAddressEx(char* szDLLName, char* szAPIName);
|
||||
__declspec(dllexport) long long __stdcall ImporterGetLocalAPIAddress(HANDLE hProcess, ULONG_PTR APIAddress);
|
||||
__declspec(dllexport) void* __stdcall ImporterGetDLLNameFromDebugee(HANDLE hProcess, ULONG_PTR APIAddress);
|
||||
__declspec(dllexport) void* __stdcall ImporterGetAPINameFromDebugee(HANDLE hProcess, ULONG_PTR APIAddress);
|
||||
__declspec(dllexport) long long __stdcall ImporterGetAPIOrdinalNumberFromDebugee(HANDLE hProcess, ULONG_PTR APIAddress);
|
||||
__declspec(dllexport) long __stdcall ImporterGetDLLIndexEx(ULONG_PTR APIAddress, ULONG_PTR DLLBasesList);
|
||||
__declspec(dllexport) long __stdcall ImporterGetDLLIndex(HANDLE hProcess, ULONG_PTR APIAddress, ULONG_PTR DLLBasesList);
|
||||
__declspec(dllexport) long long __stdcall ImporterGetRemoteDLLBase(HANDLE hProcess, HMODULE LocalModuleBase);
|
||||
__declspec(dllexport) bool __stdcall ImporterRelocateWriteLocation(ULONG_PTR AddValue);
|
||||
__declspec(dllexport) bool __stdcall ImporterIsForwardedAPI(HANDLE hProcess, ULONG_PTR APIAddress);
|
||||
__declspec(dllexport) void* __stdcall ImporterGetForwardedAPIName(HANDLE hProcess, ULONG_PTR APIAddress);
|
||||
__declspec(dllexport) void* __stdcall ImporterGetForwardedDLLName(HANDLE hProcess, ULONG_PTR APIAddress);
|
||||
__declspec(dllexport) long __stdcall ImporterGetForwardedDLLIndex(HANDLE hProcess, ULONG_PTR APIAddress, ULONG_PTR DLLBasesList);
|
||||
__declspec(dllexport) long long __stdcall ImporterGetForwardedAPIOrdinalNumber(HANDLE hProcess, ULONG_PTR APIAddress);
|
||||
__declspec(dllexport) long long __stdcall ImporterGetNearestAPIAddress(HANDLE hProcess, ULONG_PTR APIAddress);
|
||||
__declspec(dllexport) void* __stdcall ImporterGetNearestAPIName(HANDLE hProcess, ULONG_PTR APIAddress);
|
||||
__declspec(dllexport) bool __stdcall ImporterCopyOriginalIAT(char* szOriginalFile, char* szDumpFile);
|
||||
__declspec(dllexport) bool __stdcall ImporterCopyOriginalIATW(wchar_t* szOriginalFile, wchar_t* szDumpFile);
|
||||
__declspec(dllexport) bool __stdcall ImporterLoadImportTable(char* szFileName);
|
||||
__declspec(dllexport) bool __stdcall ImporterLoadImportTableW(wchar_t* szFileName);
|
||||
__declspec(dllexport) bool __stdcall ImporterMoveOriginalIAT(char* szOriginalFile, char* szDumpFile, char* szSectionName);
|
||||
__declspec(dllexport) bool __stdcall ImporterMoveOriginalIATW(wchar_t* szOriginalFile, wchar_t* szDumpFile, char* szSectionName);
|
||||
__declspec(dllexport) void __stdcall ImporterAutoSearchIAT(HANDLE hProcess, char* szFileName, ULONG_PTR ImageBase, ULONG_PTR SearchStart, DWORD SearchSize, LPVOID pIATStart, LPVOID pIATSize);
|
||||
__declspec(dllexport) void __stdcall ImporterAutoSearchIATW(HANDLE hProcess, wchar_t* szFileName, ULONG_PTR ImageBase, ULONG_PTR SearchStart, DWORD SearchSize, LPVOID pIATStart, LPVOID pIATSize);
|
||||
__declspec(dllexport) void __stdcall ImporterAutoSearchIATEx(HANDLE hProcess, ULONG_PTR ImageBase, ULONG_PTR SearchStart, DWORD SearchSize, LPVOID pIATStart, LPVOID pIATSize);
|
||||
__declspec(dllexport) void __stdcall ImporterEnumAddedData(LPVOID EnumCallBack);
|
||||
__declspec(dllexport) long __stdcall ImporterAutoFixIATEx(HANDLE hProcess, char* szDumpedFile, char* szSectionName, bool DumpRunningProcess, bool RealignFile, ULONG_PTR EntryPointAddress, ULONG_PTR ImageBase, ULONG_PTR SearchStart, DWORD SearchSize, DWORD SearchStep, bool TryAutoFix, bool FixEliminations, LPVOID UnknownPointerFixCallback);
|
||||
__declspec(dllexport) long __stdcall ImporterAutoFixIATExW(HANDLE hProcess, wchar_t* szDumpedFile, char* szSectionName, bool DumpRunningProcess, bool RealignFile, ULONG_PTR EntryPointAddress, ULONG_PTR ImageBase, ULONG_PTR SearchStart, DWORD SearchSize, DWORD SearchStep, bool TryAutoFix, bool FixEliminations, LPVOID UnknownPointerFixCallback);
|
||||
__declspec(dllexport) long __stdcall ImporterAutoFixIAT(HANDLE hProcess, char* szDumpedFile, ULONG_PTR ImageBase, ULONG_PTR SearchStart, DWORD SearchSize, DWORD SearchStep);
|
||||
__declspec(dllexport) long __stdcall ImporterAutoFixIATW(HANDLE hProcess, wchar_t* szDumpedFile, ULONG_PTR ImageBase, ULONG_PTR SearchStart, DWORD SearchSize, DWORD SearchStep);
|
||||
__declspec(dllexport) void ImporterCleanup();
|
||||
__declspec(dllexport) void ImporterSetImageBase(ULONG_PTR ImageBase);
|
||||
__declspec(dllexport) void ImporterSetUnknownDelta(ULONG_PTR DeltaAddress);
|
||||
__declspec(dllexport) long long ImporterGetCurrentDelta();
|
||||
__declspec(dllexport) void ImporterInit(DWORD MemorySize, ULONG_PTR ImageBase);
|
||||
__declspec(dllexport) void ImporterAddNewDll(char* szDLLName, ULONG_PTR FirstThunk);
|
||||
__declspec(dllexport) void ImporterAddNewAPI(char* szAPIName, ULONG_PTR ThunkValue);
|
||||
__declspec(dllexport) void ImporterAddNewOrdinalAPI(ULONG_PTR OrdinalNumber, ULONG_PTR ThunkValue);
|
||||
__declspec(dllexport) long ImporterGetAddedDllCount();
|
||||
__declspec(dllexport) long ImporterGetAddedAPICount();
|
||||
__declspec(dllexport) void* ImporterGetLastAddedDLLName();
|
||||
__declspec(dllexport) void ImporterMoveIAT();
|
||||
__declspec(dllexport) bool ImporterExportIAT(ULONG_PTR StorePlace, ULONG_PTR FileMapVA);
|
||||
__declspec(dllexport) long ImporterEstimatedSize();
|
||||
__declspec(dllexport) bool ImporterExportIATEx(char* szExportFileName, char* szSectionName);
|
||||
__declspec(dllexport) bool ImporterExportIATExW(wchar_t* szExportFileName, char* szSectionName);
|
||||
__declspec(dllexport) long long ImporterFindAPIWriteLocation(char* szAPIName);
|
||||
__declspec(dllexport) long long ImporterFindOrdinalAPIWriteLocation(ULONG_PTR OrdinalNumber);
|
||||
__declspec(dllexport) long long ImporterFindAPIByWriteLocation(ULONG_PTR APIWriteLocation);
|
||||
__declspec(dllexport) long long ImporterFindDLLByWriteLocation(ULONG_PTR APIWriteLocation);
|
||||
__declspec(dllexport) void* ImporterGetDLLName(ULONG_PTR APIAddress);
|
||||
__declspec(dllexport) void* ImporterGetAPIName(ULONG_PTR APIAddress);
|
||||
__declspec(dllexport) long long ImporterGetAPIOrdinalNumber(ULONG_PTR APIAddress);
|
||||
__declspec(dllexport) void* ImporterGetAPINameEx(ULONG_PTR APIAddress, ULONG_PTR DLLBasesList);
|
||||
__declspec(dllexport) long long ImporterGetRemoteAPIAddress(HANDLE hProcess, ULONG_PTR APIAddress);
|
||||
__declspec(dllexport) long long ImporterGetRemoteAPIAddressEx(char* szDLLName, char* szAPIName);
|
||||
__declspec(dllexport) long long ImporterGetLocalAPIAddress(HANDLE hProcess, ULONG_PTR APIAddress);
|
||||
__declspec(dllexport) void* ImporterGetDLLNameFromDebugee(HANDLE hProcess, ULONG_PTR APIAddress);
|
||||
__declspec(dllexport) void* ImporterGetAPINameFromDebugee(HANDLE hProcess, ULONG_PTR APIAddress);
|
||||
__declspec(dllexport) long long ImporterGetAPIOrdinalNumberFromDebugee(HANDLE hProcess, ULONG_PTR APIAddress);
|
||||
__declspec(dllexport) long ImporterGetDLLIndexEx(ULONG_PTR APIAddress, ULONG_PTR DLLBasesList);
|
||||
__declspec(dllexport) long ImporterGetDLLIndex(HANDLE hProcess, ULONG_PTR APIAddress, ULONG_PTR DLLBasesList);
|
||||
__declspec(dllexport) long long ImporterGetRemoteDLLBase(HANDLE hProcess, HMODULE LocalModuleBase);
|
||||
__declspec(dllexport) bool ImporterRelocateWriteLocation(ULONG_PTR AddValue);
|
||||
__declspec(dllexport) bool ImporterIsForwardedAPI(HANDLE hProcess, ULONG_PTR APIAddress);
|
||||
__declspec(dllexport) void* ImporterGetForwardedAPIName(HANDLE hProcess, ULONG_PTR APIAddress);
|
||||
__declspec(dllexport) void* ImporterGetForwardedDLLName(HANDLE hProcess, ULONG_PTR APIAddress);
|
||||
__declspec(dllexport) long ImporterGetForwardedDLLIndex(HANDLE hProcess, ULONG_PTR APIAddress, ULONG_PTR DLLBasesList);
|
||||
__declspec(dllexport) long long ImporterGetForwardedAPIOrdinalNumber(HANDLE hProcess, ULONG_PTR APIAddress);
|
||||
__declspec(dllexport) long long ImporterGetNearestAPIAddress(HANDLE hProcess, ULONG_PTR APIAddress);
|
||||
__declspec(dllexport) void* ImporterGetNearestAPIName(HANDLE hProcess, ULONG_PTR APIAddress);
|
||||
__declspec(dllexport) bool ImporterCopyOriginalIAT(char* szOriginalFile, char* szDumpFile);
|
||||
__declspec(dllexport) bool ImporterCopyOriginalIATW(wchar_t* szOriginalFile, wchar_t* szDumpFile);
|
||||
__declspec(dllexport) bool ImporterLoadImportTable(char* szFileName);
|
||||
__declspec(dllexport) bool ImporterLoadImportTableW(wchar_t* szFileName);
|
||||
__declspec(dllexport) bool ImporterMoveOriginalIAT(char* szOriginalFile, char* szDumpFile, char* szSectionName);
|
||||
__declspec(dllexport) bool ImporterMoveOriginalIATW(wchar_t* szOriginalFile, wchar_t* szDumpFile, char* szSectionName);
|
||||
__declspec(dllexport) void ImporterAutoSearchIAT(HANDLE hProcess, char* szFileName, ULONG_PTR ImageBase, ULONG_PTR SearchStart, DWORD SearchSize, LPVOID pIATStart, LPVOID pIATSize);
|
||||
__declspec(dllexport) void ImporterAutoSearchIATW(HANDLE hProcess, wchar_t* szFileName, ULONG_PTR ImageBase, ULONG_PTR SearchStart, DWORD SearchSize, LPVOID pIATStart, LPVOID pIATSize);
|
||||
__declspec(dllexport) void ImporterAutoSearchIATEx(HANDLE hProcess, ULONG_PTR ImageBase, ULONG_PTR SearchStart, DWORD SearchSize, LPVOID pIATStart, LPVOID pIATSize);
|
||||
__declspec(dllexport) void ImporterEnumAddedData(LPVOID EnumCallBack);
|
||||
__declspec(dllexport) long ImporterAutoFixIATEx(HANDLE hProcess, char* szDumpedFile, char* szSectionName, bool DumpRunningProcess, bool RealignFile, ULONG_PTR EntryPointAddress, ULONG_PTR ImageBase, ULONG_PTR SearchStart, DWORD SearchSize, DWORD SearchStep, bool TryAutoFix, bool FixEliminations, LPVOID UnknownPointerFixCallback);
|
||||
__declspec(dllexport) long ImporterAutoFixIATExW(HANDLE hProcess, wchar_t* szDumpedFile, char* szSectionName, bool DumpRunningProcess, bool RealignFile, ULONG_PTR EntryPointAddress, ULONG_PTR ImageBase, ULONG_PTR SearchStart, DWORD SearchSize, DWORD SearchStep, bool TryAutoFix, bool FixEliminations, LPVOID UnknownPointerFixCallback);
|
||||
__declspec(dllexport) long ImporterAutoFixIAT(HANDLE hProcess, char* szDumpedFile, ULONG_PTR ImageBase, ULONG_PTR SearchStart, DWORD SearchSize, DWORD SearchStep);
|
||||
__declspec(dllexport) long ImporterAutoFixIATW(HANDLE hProcess, wchar_t* szDumpedFile, ULONG_PTR ImageBase, ULONG_PTR SearchStart, DWORD SearchSize, DWORD SearchStep);
|
||||
// Global.Engine.Hook.functions:
|
||||
__declspec(dllexport) bool __stdcall HooksSafeTransitionEx(LPVOID HookAddressArray, int NumberOfHooks, bool TransitionStart);
|
||||
__declspec(dllexport) bool __stdcall HooksSafeTransition(LPVOID HookAddress, bool TransitionStart);
|
||||
__declspec(dllexport) bool __stdcall HooksIsAddressRedirected(LPVOID HookAddress);
|
||||
__declspec(dllexport) void* __stdcall HooksGetTrampolineAddress(LPVOID HookAddress);
|
||||
__declspec(dllexport) void* __stdcall HooksGetHookEntryDetails(LPVOID HookAddress);
|
||||
__declspec(dllexport) bool __stdcall HooksInsertNewRedirection(LPVOID HookAddress, LPVOID RedirectTo, int HookType);
|
||||
__declspec(dllexport) bool __stdcall HooksInsertNewIATRedirectionEx(ULONG_PTR FileMapVA, ULONG_PTR LoadedModuleBase, char* szHookFunction, LPVOID RedirectTo);
|
||||
__declspec(dllexport) bool __stdcall HooksInsertNewIATRedirection(char* szModuleName, char* szHookFunction, LPVOID RedirectTo);
|
||||
__declspec(dllexport) bool __stdcall HooksRemoveRedirection(LPVOID HookAddress, bool RemoveAll);
|
||||
__declspec(dllexport) bool __stdcall HooksRemoveRedirectionsForModule(HMODULE ModuleBase);
|
||||
__declspec(dllexport) bool __stdcall HooksRemoveIATRedirection(char* szModuleName, char* szHookFunction, bool RemoveAll);
|
||||
__declspec(dllexport) bool __stdcall HooksDisableRedirection(LPVOID HookAddress, bool DisableAll);
|
||||
__declspec(dllexport) bool __stdcall HooksDisableRedirectionsForModule(HMODULE ModuleBase);
|
||||
__declspec(dllexport) bool __stdcall HooksDisableIATRedirection(char* szModuleName, char* szHookFunction, bool DisableAll);
|
||||
__declspec(dllexport) bool __stdcall HooksEnableRedirection(LPVOID HookAddress, bool EnableAll);
|
||||
__declspec(dllexport) bool __stdcall HooksEnableRedirectionsForModule(HMODULE ModuleBase);
|
||||
__declspec(dllexport) bool __stdcall HooksEnableIATRedirection(char* szModuleName, char* szHookFunction, bool EnableAll);
|
||||
__declspec(dllexport) void __stdcall HooksScanModuleMemory(HMODULE ModuleBase, LPVOID CallBack);
|
||||
__declspec(dllexport) void __stdcall HooksScanEntireProcessMemory(LPVOID CallBack);
|
||||
__declspec(dllexport) void __stdcall HooksScanEntireProcessMemoryEx();
|
||||
__declspec(dllexport) bool HooksSafeTransitionEx(LPVOID HookAddressArray, int NumberOfHooks, bool TransitionStart);
|
||||
__declspec(dllexport) bool HooksSafeTransition(LPVOID HookAddress, bool TransitionStart);
|
||||
__declspec(dllexport) bool HooksIsAddressRedirected(LPVOID HookAddress);
|
||||
__declspec(dllexport) void* HooksGetTrampolineAddress(LPVOID HookAddress);
|
||||
__declspec(dllexport) void* HooksGetHookEntryDetails(LPVOID HookAddress);
|
||||
__declspec(dllexport) bool HooksInsertNewRedirection(LPVOID HookAddress, LPVOID RedirectTo, int HookType);
|
||||
__declspec(dllexport) bool HooksInsertNewIATRedirectionEx(ULONG_PTR FileMapVA, ULONG_PTR LoadedModuleBase, char* szHookFunction, LPVOID RedirectTo);
|
||||
__declspec(dllexport) bool HooksInsertNewIATRedirection(char* szModuleName, char* szHookFunction, LPVOID RedirectTo);
|
||||
__declspec(dllexport) bool HooksRemoveRedirection(LPVOID HookAddress, bool RemoveAll);
|
||||
__declspec(dllexport) bool HooksRemoveRedirectionsForModule(HMODULE ModuleBase);
|
||||
__declspec(dllexport) bool HooksRemoveIATRedirection(char* szModuleName, char* szHookFunction, bool RemoveAll);
|
||||
__declspec(dllexport) bool HooksDisableRedirection(LPVOID HookAddress, bool DisableAll);
|
||||
__declspec(dllexport) bool HooksDisableRedirectionsForModule(HMODULE ModuleBase);
|
||||
__declspec(dllexport) bool HooksDisableIATRedirection(char* szModuleName, char* szHookFunction, bool DisableAll);
|
||||
__declspec(dllexport) bool HooksEnableRedirection(LPVOID HookAddress, bool EnableAll);
|
||||
__declspec(dllexport) bool HooksEnableRedirectionsForModule(HMODULE ModuleBase);
|
||||
__declspec(dllexport) bool HooksEnableIATRedirection(char* szModuleName, char* szHookFunction, bool EnableAll);
|
||||
__declspec(dllexport) void HooksScanModuleMemory(HMODULE ModuleBase, LPVOID CallBack);
|
||||
__declspec(dllexport) void HooksScanEntireProcessMemory(LPVOID CallBack);
|
||||
__declspec(dllexport) void HooksScanEntireProcessMemoryEx();
|
||||
// TitanEngine.Tracer.functions:
|
||||
__declspec(dllexport) void __stdcall TracerInit();
|
||||
__declspec(dllexport) long long __stdcall TracerLevel1(HANDLE hProcess, ULONG_PTR AddressToTrace);
|
||||
__declspec(dllexport) long long __stdcall HashTracerLevel1(HANDLE hProcess, ULONG_PTR AddressToTrace, DWORD InputNumberOfInstructions);
|
||||
__declspec(dllexport) long __stdcall TracerDetectRedirection(HANDLE hProcess, ULONG_PTR AddressToTrace);
|
||||
__declspec(dllexport) long long __stdcall TracerFixKnownRedirection(HANDLE hProcess, ULONG_PTR AddressToTrace, DWORD RedirectionId);
|
||||
__declspec(dllexport) long long __stdcall TracerFixRedirectionViaModule(HMODULE hModuleHandle, HANDLE hProcess, ULONG_PTR AddressToTrace, DWORD IdParameter);
|
||||
__declspec(dllexport) long __stdcall TracerFixRedirectionViaImpRecPlugin(HANDLE hProcess, char* szPluginName, ULONG_PTR AddressToTrace);
|
||||
__declspec(dllexport) void TracerInit();
|
||||
__declspec(dllexport) long long TracerLevel1(HANDLE hProcess, ULONG_PTR AddressToTrace);
|
||||
__declspec(dllexport) long long HashTracerLevel1(HANDLE hProcess, ULONG_PTR AddressToTrace, DWORD InputNumberOfInstructions);
|
||||
__declspec(dllexport) long TracerDetectRedirection(HANDLE hProcess, ULONG_PTR AddressToTrace);
|
||||
__declspec(dllexport) long long TracerFixKnownRedirection(HANDLE hProcess, ULONG_PTR AddressToTrace, DWORD RedirectionId);
|
||||
__declspec(dllexport) long long TracerFixRedirectionViaModule(HMODULE hModuleHandle, HANDLE hProcess, ULONG_PTR AddressToTrace, DWORD IdParameter);
|
||||
__declspec(dllexport) long TracerFixRedirectionViaImpRecPlugin(HANDLE hProcess, char* szPluginName, ULONG_PTR AddressToTrace);
|
||||
// TitanEngine.Exporter.functions:
|
||||
__declspec(dllexport) void __stdcall ExporterCleanup();
|
||||
__declspec(dllexport) void __stdcall ExporterSetImageBase(ULONG_PTR ImageBase);
|
||||
__declspec(dllexport) void __stdcall ExporterInit(DWORD MemorySize, ULONG_PTR ImageBase, DWORD ExportOrdinalBase, char* szExportModuleName);
|
||||
__declspec(dllexport) bool __stdcall ExporterAddNewExport(char* szExportName, DWORD ExportRelativeAddress);
|
||||
__declspec(dllexport) bool __stdcall ExporterAddNewOrdinalExport(DWORD OrdinalNumber, DWORD ExportRelativeAddress);
|
||||
__declspec(dllexport) long __stdcall ExporterGetAddedExportCount();
|
||||
__declspec(dllexport) long __stdcall ExporterEstimatedSize();
|
||||
__declspec(dllexport) bool __stdcall ExporterBuildExportTable(ULONG_PTR StorePlace, ULONG_PTR FileMapVA);
|
||||
__declspec(dllexport) bool __stdcall ExporterBuildExportTableEx(char* szExportFileName, char* szSectionName);
|
||||
__declspec(dllexport) bool __stdcall ExporterBuildExportTableExW(wchar_t* szExportFileName, char* szSectionName);
|
||||
__declspec(dllexport) bool __stdcall ExporterLoadExportTable(char* szFileName);
|
||||
__declspec(dllexport) bool __stdcall ExporterLoadExportTableW(wchar_t* szFileName);
|
||||
__declspec(dllexport) void ExporterCleanup();
|
||||
__declspec(dllexport) void ExporterSetImageBase(ULONG_PTR ImageBase);
|
||||
__declspec(dllexport) void ExporterInit(DWORD MemorySize, ULONG_PTR ImageBase, DWORD ExportOrdinalBase, char* szExportModuleName);
|
||||
__declspec(dllexport) bool ExporterAddNewExport(char* szExportName, DWORD ExportRelativeAddress);
|
||||
__declspec(dllexport) bool ExporterAddNewOrdinalExport(DWORD OrdinalNumber, DWORD ExportRelativeAddress);
|
||||
__declspec(dllexport) long ExporterGetAddedExportCount();
|
||||
__declspec(dllexport) long ExporterEstimatedSize();
|
||||
__declspec(dllexport) bool ExporterBuildExportTable(ULONG_PTR StorePlace, ULONG_PTR FileMapVA);
|
||||
__declspec(dllexport) bool ExporterBuildExportTableEx(char* szExportFileName, char* szSectionName);
|
||||
__declspec(dllexport) bool ExporterBuildExportTableExW(wchar_t* szExportFileName, char* szSectionName);
|
||||
__declspec(dllexport) bool ExporterLoadExportTable(char* szFileName);
|
||||
__declspec(dllexport) bool ExporterLoadExportTableW(wchar_t* szFileName);
|
||||
// TitanEngine.Librarian.functions:
|
||||
__declspec(dllexport) bool __stdcall LibrarianSetBreakPoint(char* szLibraryName, DWORD bpxType, bool SingleShoot, LPVOID bpxCallBack);
|
||||
__declspec(dllexport) bool __stdcall LibrarianRemoveBreakPoint(char* szLibraryName, DWORD bpxType);
|
||||
__declspec(dllexport) void* __stdcall LibrarianGetLibraryInfo(char* szLibraryName);
|
||||
__declspec(dllexport) void* __stdcall LibrarianGetLibraryInfoW(wchar_t* szLibraryName);
|
||||
__declspec(dllexport) void* __stdcall LibrarianGetLibraryInfoEx(void* BaseOfDll);
|
||||
__declspec(dllexport) void* __stdcall LibrarianGetLibraryInfoExW(void* BaseOfDll);
|
||||
__declspec(dllexport) void __stdcall LibrarianEnumLibraryInfo(void* EnumCallBack);
|
||||
__declspec(dllexport) void __stdcall LibrarianEnumLibraryInfoW(void* EnumCallBack);
|
||||
__declspec(dllexport) bool LibrarianSetBreakPoint(char* szLibraryName, DWORD bpxType, bool SingleShoot, LPVOID bpxCallBack);
|
||||
__declspec(dllexport) bool LibrarianRemoveBreakPoint(char* szLibraryName, DWORD bpxType);
|
||||
__declspec(dllexport) void* LibrarianGetLibraryInfo(char* szLibraryName);
|
||||
__declspec(dllexport) void* LibrarianGetLibraryInfoW(wchar_t* szLibraryName);
|
||||
__declspec(dllexport) void* LibrarianGetLibraryInfoEx(void* BaseOfDll);
|
||||
__declspec(dllexport) void* LibrarianGetLibraryInfoExW(void* BaseOfDll);
|
||||
__declspec(dllexport) void LibrarianEnumLibraryInfo(void* EnumCallBack);
|
||||
__declspec(dllexport) void LibrarianEnumLibraryInfoW(void* EnumCallBack);
|
||||
// TitanEngine.Process.functions:
|
||||
__declspec(dllexport) long __stdcall GetActiveProcessId(char* szImageName);
|
||||
__declspec(dllexport) long __stdcall GetActiveProcessIdW(wchar_t* szImageName);
|
||||
__declspec(dllexport) void __stdcall EnumProcessesWithLibrary(char* szLibraryName, void* EnumFunction);
|
||||
__declspec(dllexport) long GetActiveProcessId(char* szImageName);
|
||||
__declspec(dllexport) long GetActiveProcessIdW(wchar_t* szImageName);
|
||||
__declspec(dllexport) void EnumProcessesWithLibrary(char* szLibraryName, void* EnumFunction);
|
||||
// TitanEngine.TLSFixer.functions:
|
||||
__declspec(dllexport) bool __stdcall TLSBreakOnCallBack(LPVOID ArrayOfCallBacks, DWORD NumberOfCallBacks, LPVOID bpxCallBack);
|
||||
__declspec(dllexport) bool __stdcall TLSGrabCallBackData(char* szFileName, LPVOID ArrayOfCallBacks, LPDWORD NumberOfCallBacks);
|
||||
__declspec(dllexport) bool __stdcall TLSGrabCallBackDataW(wchar_t* szFileName, LPVOID ArrayOfCallBacks, LPDWORD NumberOfCallBacks);
|
||||
__declspec(dllexport) bool __stdcall TLSBreakOnCallBackEx(char* szFileName, LPVOID bpxCallBack);
|
||||
__declspec(dllexport) bool __stdcall TLSBreakOnCallBackExW(wchar_t* szFileName, LPVOID bpxCallBack);
|
||||
__declspec(dllexport) bool __stdcall TLSRemoveCallback(char* szFileName);
|
||||
__declspec(dllexport) bool __stdcall TLSRemoveCallbackW(wchar_t* szFileName);
|
||||
__declspec(dllexport) bool __stdcall TLSRemoveTable(char* szFileName);
|
||||
__declspec(dllexport) bool __stdcall TLSRemoveTableW(wchar_t* szFileName);
|
||||
__declspec(dllexport) bool __stdcall TLSBackupData(char* szFileName);
|
||||
__declspec(dllexport) bool __stdcall TLSBackupDataW(wchar_t* szFileName);
|
||||
__declspec(dllexport) bool __stdcall TLSRestoreData();
|
||||
__declspec(dllexport) bool __stdcall TLSBuildNewTable(ULONG_PTR FileMapVA, ULONG_PTR StorePlace, ULONG_PTR StorePlaceRVA, LPVOID ArrayOfCallBacks, DWORD NumberOfCallBacks);
|
||||
__declspec(dllexport) bool __stdcall TLSBuildNewTableEx(char* szFileName, char* szSectionName, LPVOID ArrayOfCallBacks, DWORD NumberOfCallBacks);
|
||||
__declspec(dllexport) bool __stdcall TLSBuildNewTableExW(wchar_t* szFileName, char* szSectionName, LPVOID ArrayOfCallBacks, DWORD NumberOfCallBacks);
|
||||
__declspec(dllexport) bool TLSBreakOnCallBack(LPVOID ArrayOfCallBacks, DWORD NumberOfCallBacks, LPVOID bpxCallBack);
|
||||
__declspec(dllexport) bool TLSGrabCallBackData(char* szFileName, LPVOID ArrayOfCallBacks, LPDWORD NumberOfCallBacks);
|
||||
__declspec(dllexport) bool TLSGrabCallBackDataW(wchar_t* szFileName, LPVOID ArrayOfCallBacks, LPDWORD NumberOfCallBacks);
|
||||
__declspec(dllexport) bool TLSBreakOnCallBackEx(char* szFileName, LPVOID bpxCallBack);
|
||||
__declspec(dllexport) bool TLSBreakOnCallBackExW(wchar_t* szFileName, LPVOID bpxCallBack);
|
||||
__declspec(dllexport) bool TLSRemoveCallback(char* szFileName);
|
||||
__declspec(dllexport) bool TLSRemoveCallbackW(wchar_t* szFileName);
|
||||
__declspec(dllexport) bool TLSRemoveTable(char* szFileName);
|
||||
__declspec(dllexport) bool TLSRemoveTableW(wchar_t* szFileName);
|
||||
__declspec(dllexport) bool TLSBackupData(char* szFileName);
|
||||
__declspec(dllexport) bool TLSBackupDataW(wchar_t* szFileName);
|
||||
__declspec(dllexport) bool TLSRestoreData();
|
||||
__declspec(dllexport) bool TLSBuildNewTable(ULONG_PTR FileMapVA, ULONG_PTR StorePlace, ULONG_PTR StorePlaceRVA, LPVOID ArrayOfCallBacks, DWORD NumberOfCallBacks);
|
||||
__declspec(dllexport) bool TLSBuildNewTableEx(char* szFileName, char* szSectionName, LPVOID ArrayOfCallBacks, DWORD NumberOfCallBacks);
|
||||
__declspec(dllexport) bool TLSBuildNewTableExW(wchar_t* szFileName, char* szSectionName, LPVOID ArrayOfCallBacks, DWORD NumberOfCallBacks);
|
||||
// TitanEngine.TranslateName.functions:
|
||||
__declspec(dllexport) void* __stdcall TranslateNativeName(char* szNativeName);
|
||||
__declspec(dllexport) void* __stdcall TranslateNativeNameW(wchar_t* szNativeName);
|
||||
__declspec(dllexport) void* TranslateNativeName(char* szNativeName);
|
||||
__declspec(dllexport) void* TranslateNativeNameW(wchar_t* szNativeName);
|
||||
// TitanEngine.Handler.functions:
|
||||
__declspec(dllexport) long __stdcall HandlerGetActiveHandleCount(DWORD ProcessId);
|
||||
__declspec(dllexport) bool __stdcall HandlerIsHandleOpen(DWORD ProcessId, HANDLE hHandle);
|
||||
__declspec(dllexport) void* __stdcall HandlerGetHandleName(HANDLE hProcess, DWORD ProcessId, HANDLE hHandle, bool TranslateName);
|
||||
__declspec(dllexport) void* __stdcall HandlerGetHandleNameW(HANDLE hProcess, DWORD ProcessId, HANDLE hHandle, bool TranslateName);
|
||||
__declspec(dllexport) long __stdcall HandlerEnumerateOpenHandles(DWORD ProcessId, LPVOID HandleBuffer, DWORD MaxHandleCount);
|
||||
__declspec(dllexport) long long __stdcall HandlerGetHandleDetails(HANDLE hProcess, DWORD ProcessId, HANDLE hHandle, DWORD InformationReturn);
|
||||
__declspec(dllexport) bool __stdcall HandlerCloseRemoteHandle(HANDLE hProcess, HANDLE hHandle);
|
||||
__declspec(dllexport) long __stdcall HandlerEnumerateLockHandles(char* szFileOrFolderName, bool NameIsFolder, bool NameIsTranslated, LPVOID HandleDataBuffer, DWORD MaxHandleCount);
|
||||
__declspec(dllexport) long __stdcall HandlerEnumerateLockHandlesW(wchar_t* szFileOrFolderName, bool NameIsFolder, bool NameIsTranslated, LPVOID HandleDataBuffer, DWORD MaxHandleCount);
|
||||
__declspec(dllexport) bool __stdcall HandlerCloseAllLockHandles(char* szFileOrFolderName, bool NameIsFolder, bool NameIsTranslated);
|
||||
__declspec(dllexport) bool __stdcall HandlerCloseAllLockHandlesW(wchar_t* szFileOrFolderName, bool NameIsFolder, bool NameIsTranslated);
|
||||
__declspec(dllexport) bool __stdcall HandlerIsFileLocked(char* szFileOrFolderName, bool NameIsFolder, bool NameIsTranslated);
|
||||
__declspec(dllexport) bool __stdcall HandlerIsFileLockedW(wchar_t* szFileOrFolderName, bool NameIsFolder, bool NameIsTranslated);
|
||||
__declspec(dllexport) long HandlerGetActiveHandleCount(DWORD ProcessId);
|
||||
__declspec(dllexport) bool HandlerIsHandleOpen(DWORD ProcessId, HANDLE hHandle);
|
||||
__declspec(dllexport) void* HandlerGetHandleName(HANDLE hProcess, DWORD ProcessId, HANDLE hHandle, bool TranslateName);
|
||||
__declspec(dllexport) void* HandlerGetHandleNameW(HANDLE hProcess, DWORD ProcessId, HANDLE hHandle, bool TranslateName);
|
||||
__declspec(dllexport) long HandlerEnumerateOpenHandles(DWORD ProcessId, LPVOID HandleBuffer, DWORD MaxHandleCount);
|
||||
__declspec(dllexport) long long HandlerGetHandleDetails(HANDLE hProcess, DWORD ProcessId, HANDLE hHandle, DWORD InformationReturn);
|
||||
__declspec(dllexport) bool HandlerCloseRemoteHandle(HANDLE hProcess, HANDLE hHandle);
|
||||
__declspec(dllexport) long HandlerEnumerateLockHandles(char* szFileOrFolderName, bool NameIsFolder, bool NameIsTranslated, LPVOID HandleDataBuffer, DWORD MaxHandleCount);
|
||||
__declspec(dllexport) long HandlerEnumerateLockHandlesW(wchar_t* szFileOrFolderName, bool NameIsFolder, bool NameIsTranslated, LPVOID HandleDataBuffer, DWORD MaxHandleCount);
|
||||
__declspec(dllexport) bool HandlerCloseAllLockHandles(char* szFileOrFolderName, bool NameIsFolder, bool NameIsTranslated);
|
||||
__declspec(dllexport) bool HandlerCloseAllLockHandlesW(wchar_t* szFileOrFolderName, bool NameIsFolder, bool NameIsTranslated);
|
||||
__declspec(dllexport) bool HandlerIsFileLocked(char* szFileOrFolderName, bool NameIsFolder, bool NameIsTranslated);
|
||||
__declspec(dllexport) bool HandlerIsFileLockedW(wchar_t* szFileOrFolderName, bool NameIsFolder, bool NameIsTranslated);
|
||||
// TitanEngine.Handler[Mutex].functions:
|
||||
__declspec(dllexport) long __stdcall HandlerEnumerateOpenMutexes(HANDLE hProcess, DWORD ProcessId, LPVOID HandleBuffer, DWORD MaxHandleCount);
|
||||
__declspec(dllexport) long long __stdcall HandlerGetOpenMutexHandle(HANDLE hProcess, DWORD ProcessId, char* szMutexString);
|
||||
__declspec(dllexport) long long __stdcall HandlerGetOpenMutexHandleW(HANDLE hProcess, DWORD ProcessId, wchar_t* szMutexString);
|
||||
__declspec(dllexport) long __stdcall HandlerGetProcessIdWhichCreatedMutex(char* szMutexString);
|
||||
__declspec(dllexport) long __stdcall HandlerGetProcessIdWhichCreatedMutexW(wchar_t* szMutexString);
|
||||
__declspec(dllexport) long HandlerEnumerateOpenMutexes(HANDLE hProcess, DWORD ProcessId, LPVOID HandleBuffer, DWORD MaxHandleCount);
|
||||
__declspec(dllexport) long long HandlerGetOpenMutexHandle(HANDLE hProcess, DWORD ProcessId, char* szMutexString);
|
||||
__declspec(dllexport) long long HandlerGetOpenMutexHandleW(HANDLE hProcess, DWORD ProcessId, wchar_t* szMutexString);
|
||||
__declspec(dllexport) long HandlerGetProcessIdWhichCreatedMutex(char* szMutexString);
|
||||
__declspec(dllexport) long HandlerGetProcessIdWhichCreatedMutexW(wchar_t* szMutexString);
|
||||
// TitanEngine.Injector.functions:
|
||||
__declspec(dllexport) bool __stdcall RemoteLoadLibrary(HANDLE hProcess, char* szLibraryFile, bool WaitForThreadExit);
|
||||
__declspec(dllexport) bool __stdcall RemoteLoadLibraryW(HANDLE hProcess, wchar_t* szLibraryFile, bool WaitForThreadExit);
|
||||
__declspec(dllexport) bool __stdcall RemoteFreeLibrary(HANDLE hProcess, HMODULE hModule, char* szLibraryFile, bool WaitForThreadExit);
|
||||
__declspec(dllexport) bool __stdcall RemoteFreeLibraryW(HANDLE hProcess, HMODULE hModule, wchar_t* szLibraryFile, bool WaitForThreadExit);
|
||||
__declspec(dllexport) bool __stdcall RemoteExitProcess(HANDLE hProcess, DWORD ExitCode);
|
||||
__declspec(dllexport) bool RemoteLoadLibrary(HANDLE hProcess, char* szLibraryFile, bool WaitForThreadExit);
|
||||
__declspec(dllexport) bool RemoteLoadLibraryW(HANDLE hProcess, wchar_t* szLibraryFile, bool WaitForThreadExit);
|
||||
__declspec(dllexport) bool RemoteFreeLibrary(HANDLE hProcess, HMODULE hModule, char* szLibraryFile, bool WaitForThreadExit);
|
||||
__declspec(dllexport) bool RemoteFreeLibraryW(HANDLE hProcess, HMODULE hModule, wchar_t* szLibraryFile, bool WaitForThreadExit);
|
||||
__declspec(dllexport) bool RemoteExitProcess(HANDLE hProcess, DWORD ExitCode);
|
||||
// TitanEngine.StaticUnpacker.functions:
|
||||
__declspec(dllexport) bool __stdcall StaticFileLoad(char* szFileName, DWORD DesiredAccess, bool SimulateLoad, LPHANDLE FileHandle, LPDWORD LoadedSize, LPHANDLE FileMap, PULONG_PTR FileMapVA);
|
||||
__declspec(dllexport) bool __stdcall StaticFileLoadW(wchar_t* szFileName, DWORD DesiredAccess, bool SimulateLoad, LPHANDLE FileHandle, LPDWORD LoadedSize, LPHANDLE FileMap, PULONG_PTR FileMapVA);
|
||||
__declspec(dllexport) bool __stdcall StaticFileUnload(char* szFileName, bool CommitChanges, HANDLE FileHandle, DWORD LoadedSize, HANDLE FileMap, ULONG_PTR FileMapVA);
|
||||
__declspec(dllexport) bool __stdcall StaticFileUnloadW(wchar_t* szFileName, bool CommitChanges, HANDLE FileHandle, DWORD LoadedSize, HANDLE FileMap, ULONG_PTR FileMapVA);
|
||||
__declspec(dllexport) bool __stdcall StaticFileOpen(char* szFileName, DWORD DesiredAccess, LPHANDLE FileHandle, LPDWORD FileSizeLow, LPDWORD FileSizeHigh);
|
||||
__declspec(dllexport) bool __stdcall StaticFileOpenW(wchar_t* szFileName, DWORD DesiredAccess, LPHANDLE FileHandle, LPDWORD FileSizeLow, LPDWORD FileSizeHigh);
|
||||
__declspec(dllexport) bool __stdcall StaticFileGetContent(HANDLE FileHandle, DWORD FilePositionLow, LPDWORD FilePositionHigh, void* Buffer, DWORD Size);
|
||||
__declspec(dllexport) void __stdcall StaticFileClose(HANDLE FileHandle);
|
||||
__declspec(dllexport) void __stdcall StaticMemoryDecrypt(LPVOID MemoryStart, DWORD MemorySize, DWORD DecryptionType, DWORD DecryptionKeySize, ULONG_PTR DecryptionKey);
|
||||
__declspec(dllexport) void __stdcall StaticMemoryDecryptEx(LPVOID MemoryStart, DWORD MemorySize, DWORD DecryptionKeySize, void* DecryptionCallBack);
|
||||
__declspec(dllexport) void __stdcall StaticMemoryDecryptSpecial(LPVOID MemoryStart, DWORD MemorySize, DWORD DecryptionKeySize, DWORD SpecDecryptionType, void* DecryptionCallBack);
|
||||
__declspec(dllexport) void __stdcall StaticSectionDecrypt(ULONG_PTR FileMapVA, DWORD SectionNumber, bool SimulateLoad, DWORD DecryptionType, DWORD DecryptionKeySize, ULONG_PTR DecryptionKey);
|
||||
__declspec(dllexport) bool __stdcall StaticMemoryDecompress(void* Source, DWORD SourceSize, void* Destination, DWORD DestinationSize, int Algorithm);
|
||||
__declspec(dllexport) bool __stdcall StaticRawMemoryCopy(HANDLE hFile, ULONG_PTR FileMapVA, ULONG_PTR VitualAddressToCopy, DWORD Size, bool AddressIsRVA, char* szDumpFileName);
|
||||
__declspec(dllexport) bool __stdcall StaticRawMemoryCopyW(HANDLE hFile, ULONG_PTR FileMapVA, ULONG_PTR VitualAddressToCopy, DWORD Size, bool AddressIsRVA, wchar_t* szDumpFileName);
|
||||
__declspec(dllexport) bool __stdcall StaticRawMemoryCopyEx(HANDLE hFile, DWORD RawAddressToCopy, DWORD Size, char* szDumpFileName);
|
||||
__declspec(dllexport) bool __stdcall StaticRawMemoryCopyExW(HANDLE hFile, DWORD RawAddressToCopy, DWORD Size, wchar_t* szDumpFileName);
|
||||
__declspec(dllexport) bool __stdcall StaticRawMemoryCopyEx64(HANDLE hFile, DWORD64 RawAddressToCopy, DWORD64 Size, char* szDumpFileName);
|
||||
__declspec(dllexport) bool __stdcall StaticRawMemoryCopyEx64W(HANDLE hFile, DWORD64 RawAddressToCopy, DWORD64 Size, wchar_t* szDumpFileName);
|
||||
__declspec(dllexport) bool __stdcall StaticHashMemory(void* MemoryToHash, DWORD SizeOfMemory, void* HashDigest, bool OutputString, int Algorithm);
|
||||
__declspec(dllexport) bool __stdcall StaticHashFileW(wchar_t* szFileName, char* HashDigest, bool OutputString, int Algorithm);
|
||||
__declspec(dllexport) bool __stdcall StaticHashFile(char* szFileName, char* HashDigest, bool OutputString, int Algorithm);
|
||||
__declspec(dllexport) bool StaticFileLoad(char* szFileName, DWORD DesiredAccess, bool SimulateLoad, LPHANDLE FileHandle, LPDWORD LoadedSize, LPHANDLE FileMap, PULONG_PTR FileMapVA);
|
||||
__declspec(dllexport) bool StaticFileLoadW(wchar_t* szFileName, DWORD DesiredAccess, bool SimulateLoad, LPHANDLE FileHandle, LPDWORD LoadedSize, LPHANDLE FileMap, PULONG_PTR FileMapVA);
|
||||
__declspec(dllexport) bool StaticFileUnload(char* szFileName, bool CommitChanges, HANDLE FileHandle, DWORD LoadedSize, HANDLE FileMap, ULONG_PTR FileMapVA);
|
||||
__declspec(dllexport) bool StaticFileUnloadW(wchar_t* szFileName, bool CommitChanges, HANDLE FileHandle, DWORD LoadedSize, HANDLE FileMap, ULONG_PTR FileMapVA);
|
||||
__declspec(dllexport) bool StaticFileOpen(char* szFileName, DWORD DesiredAccess, LPHANDLE FileHandle, LPDWORD FileSizeLow, LPDWORD FileSizeHigh);
|
||||
__declspec(dllexport) bool StaticFileOpenW(wchar_t* szFileName, DWORD DesiredAccess, LPHANDLE FileHandle, LPDWORD FileSizeLow, LPDWORD FileSizeHigh);
|
||||
__declspec(dllexport) bool StaticFileGetContent(HANDLE FileHandle, DWORD FilePositionLow, LPDWORD FilePositionHigh, void* Buffer, DWORD Size);
|
||||
__declspec(dllexport) void StaticFileClose(HANDLE FileHandle);
|
||||
__declspec(dllexport) void StaticMemoryDecrypt(LPVOID MemoryStart, DWORD MemorySize, DWORD DecryptionType, DWORD DecryptionKeySize, ULONG_PTR DecryptionKey);
|
||||
__declspec(dllexport) void StaticMemoryDecryptEx(LPVOID MemoryStart, DWORD MemorySize, DWORD DecryptionKeySize, void* DecryptionCallBack);
|
||||
__declspec(dllexport) void StaticMemoryDecryptSpecial(LPVOID MemoryStart, DWORD MemorySize, DWORD DecryptionKeySize, DWORD SpecDecryptionType, void* DecryptionCallBack);
|
||||
__declspec(dllexport) void StaticSectionDecrypt(ULONG_PTR FileMapVA, DWORD SectionNumber, bool SimulateLoad, DWORD DecryptionType, DWORD DecryptionKeySize, ULONG_PTR DecryptionKey);
|
||||
__declspec(dllexport) bool StaticMemoryDecompress(void* Source, DWORD SourceSize, void* Destination, DWORD DestinationSize, int Algorithm);
|
||||
__declspec(dllexport) bool StaticRawMemoryCopy(HANDLE hFile, ULONG_PTR FileMapVA, ULONG_PTR VitualAddressToCopy, DWORD Size, bool AddressIsRVA, char* szDumpFileName);
|
||||
__declspec(dllexport) bool StaticRawMemoryCopyW(HANDLE hFile, ULONG_PTR FileMapVA, ULONG_PTR VitualAddressToCopy, DWORD Size, bool AddressIsRVA, wchar_t* szDumpFileName);
|
||||
__declspec(dllexport) bool StaticRawMemoryCopyEx(HANDLE hFile, DWORD RawAddressToCopy, DWORD Size, char* szDumpFileName);
|
||||
__declspec(dllexport) bool StaticRawMemoryCopyExW(HANDLE hFile, DWORD RawAddressToCopy, DWORD Size, wchar_t* szDumpFileName);
|
||||
__declspec(dllexport) bool StaticRawMemoryCopyEx64(HANDLE hFile, DWORD64 RawAddressToCopy, DWORD64 Size, char* szDumpFileName);
|
||||
__declspec(dllexport) bool StaticRawMemoryCopyEx64W(HANDLE hFile, DWORD64 RawAddressToCopy, DWORD64 Size, wchar_t* szDumpFileName);
|
||||
__declspec(dllexport) bool StaticHashMemory(void* MemoryToHash, DWORD SizeOfMemory, void* HashDigest, bool OutputString, int Algorithm);
|
||||
__declspec(dllexport) bool StaticHashFileW(wchar_t* szFileName, char* HashDigest, bool OutputString, int Algorithm);
|
||||
__declspec(dllexport) bool StaticHashFile(char* szFileName, char* HashDigest, bool OutputString, int Algorithm);
|
||||
// TitanEngine.Engine.functions:
|
||||
__declspec(dllexport) void __stdcall EngineUnpackerInitialize(char* szFileName, char* szUnpackedFileName, bool DoLogData, bool DoRealignFile, bool DoMoveOverlay, void* EntryCallBack);
|
||||
__declspec(dllexport) void __stdcall EngineUnpackerInitializeW(wchar_t* szFileName, wchar_t* szUnpackedFileName, bool DoLogData, bool DoRealignFile, bool DoMoveOverlay, void* EntryCallBack);
|
||||
__declspec(dllexport) bool __stdcall EngineUnpackerSetBreakCondition(void* SearchStart, DWORD SearchSize, void* SearchPattern, DWORD PatternSize, DWORD PatternDelta, ULONG_PTR BreakType, bool SingleBreak, DWORD Parameter1, DWORD Parameter2);
|
||||
__declspec(dllexport) void __stdcall EngineUnpackerSetEntryPointAddress(ULONG_PTR UnpackedEntryPointAddress);
|
||||
__declspec(dllexport) void __stdcall EngineUnpackerFinalizeUnpacking();
|
||||
__declspec(dllexport) void EngineUnpackerInitialize(char* szFileName, char* szUnpackedFileName, bool DoLogData, bool DoRealignFile, bool DoMoveOverlay, void* EntryCallBack);
|
||||
__declspec(dllexport) void EngineUnpackerInitializeW(wchar_t* szFileName, wchar_t* szUnpackedFileName, bool DoLogData, bool DoRealignFile, bool DoMoveOverlay, void* EntryCallBack);
|
||||
__declspec(dllexport) bool EngineUnpackerSetBreakCondition(void* SearchStart, DWORD SearchSize, void* SearchPattern, DWORD PatternSize, DWORD PatternDelta, ULONG_PTR BreakType, bool SingleBreak, DWORD Parameter1, DWORD Parameter2);
|
||||
__declspec(dllexport) void EngineUnpackerSetEntryPointAddress(ULONG_PTR UnpackedEntryPointAddress);
|
||||
__declspec(dllexport) void EngineUnpackerFinalizeUnpacking();
|
||||
// TitanEngine.Engine.functions:
|
||||
__declspec(dllexport) void __stdcall SetEngineVariable(DWORD VariableId, bool VariableSet);
|
||||
__declspec(dllexport) bool __stdcall EngineCreateMissingDependencies(char* szFileName, char* szOutputFolder, bool LogCreatedFiles);
|
||||
__declspec(dllexport) bool __stdcall EngineCreateMissingDependenciesW(wchar_t* szFileName, wchar_t* szOutputFolder, bool LogCreatedFiles);
|
||||
__declspec(dllexport) bool __stdcall EngineFakeMissingDependencies(HANDLE hProcess);
|
||||
__declspec(dllexport) bool __stdcall EngineDeleteCreatedDependencies();
|
||||
__declspec(dllexport) bool __stdcall EngineCreateUnpackerWindow(char* WindowUnpackerTitle, char* WindowUnpackerLongTitle, char* WindowUnpackerName, char* WindowUnpackerAuthor, void* StartUnpackingCallBack);
|
||||
__declspec(dllexport) void __stdcall EngineAddUnpackerWindowLogMessage(char* szLogMessage);
|
||||
__declspec(dllexport) void SetEngineVariable(DWORD VariableId, bool VariableSet);
|
||||
__declspec(dllexport) bool EngineCreateMissingDependencies(char* szFileName, char* szOutputFolder, bool LogCreatedFiles);
|
||||
__declspec(dllexport) bool EngineCreateMissingDependenciesW(wchar_t* szFileName, wchar_t* szOutputFolder, bool LogCreatedFiles);
|
||||
__declspec(dllexport) bool EngineFakeMissingDependencies(HANDLE hProcess);
|
||||
__declspec(dllexport) bool EngineDeleteCreatedDependencies();
|
||||
__declspec(dllexport) bool EngineCreateUnpackerWindow(char* WindowUnpackerTitle, char* WindowUnpackerLongTitle, char* WindowUnpackerName, char* WindowUnpackerAuthor, void* StartUnpackingCallBack);
|
||||
__declspec(dllexport) void EngineAddUnpackerWindowLogMessage(char* szLogMessage);
|
||||
// Global.Engine.Extension.Functions:
|
||||
__declspec(dllexport) bool __stdcall ExtensionManagerIsPluginLoaded(char* szPluginName);
|
||||
__declspec(dllexport) bool __stdcall ExtensionManagerIsPluginEnabled(char* szPluginName);
|
||||
__declspec(dllexport) bool __stdcall ExtensionManagerDisableAllPlugins();
|
||||
__declspec(dllexport) bool __stdcall ExtensionManagerDisablePlugin(char* szPluginName);
|
||||
__declspec(dllexport) bool __stdcall ExtensionManagerEnableAllPlugins();
|
||||
__declspec(dllexport) bool __stdcall ExtensionManagerEnablePlugin(char* szPluginName);
|
||||
__declspec(dllexport) bool __stdcall ExtensionManagerUnloadAllPlugins();
|
||||
__declspec(dllexport) bool __stdcall ExtensionManagerUnloadPlugin(char* szPluginName);
|
||||
__declspec(dllexport) void* __stdcall ExtensionManagerGetPluginInfo(char* szPluginName);
|
||||
__declspec(dllexport) bool ExtensionManagerIsPluginLoaded(char* szPluginName);
|
||||
__declspec(dllexport) bool ExtensionManagerIsPluginEnabled(char* szPluginName);
|
||||
__declspec(dllexport) bool ExtensionManagerDisableAllPlugins();
|
||||
__declspec(dllexport) bool ExtensionManagerDisablePlugin(char* szPluginName);
|
||||
__declspec(dllexport) bool ExtensionManagerEnableAllPlugins();
|
||||
__declspec(dllexport) bool ExtensionManagerEnablePlugin(char* szPluginName);
|
||||
__declspec(dllexport) bool ExtensionManagerUnloadAllPlugins();
|
||||
__declspec(dllexport) bool ExtensionManagerUnloadPlugin(char* szPluginName);
|
||||
__declspec(dllexport) void* ExtensionManagerGetPluginInfo(char* szPluginName);
|
||||
|
||||
#if !defined (_WIN64)
|
||||
#ifdef __cplusplus
|
||||
#ifdef __cplusplus
|
||||
}
|
||||
#endif /*__cplusplus*/
|
||||
#endif
|
||||
#endif /*__cplusplus*/
|
||||
#endif
|
||||
|
|
|
|||
|
|
@ -15,7 +15,7 @@
|
|||
#include <Winternl.h>
|
||||
|
||||
#if !defined(_WIN64)
|
||||
#include "aplib.h"
|
||||
#include "aplib.h"
|
||||
#endif
|
||||
#include "LzmaDec.h"
|
||||
|
||||
|
|
@ -52,199 +52,219 @@
|
|||
#define UE_OPTION_IMPORTER_RETURN_NEAREST_APINAME 12
|
||||
#define UE_OPTION_IMPORTER_RETURN_API_ORDINAL_NUMBER 13
|
||||
|
||||
typedef struct{
|
||||
char PluginName[64];
|
||||
DWORD PluginMajorVersion;
|
||||
DWORD PluginMinorVersion;
|
||||
HMODULE PluginBaseAddress;
|
||||
void* TitanDebuggingCallBack;
|
||||
void* TitanRegisterPlugin;
|
||||
void* TitanReleasePlugin;
|
||||
void* TitanResetPlugin;
|
||||
bool PluginDisabled;
|
||||
}PluginInformation, *PPluginInformation;
|
||||
typedef struct
|
||||
{
|
||||
char PluginName[64];
|
||||
DWORD PluginMajorVersion;
|
||||
DWORD PluginMinorVersion;
|
||||
HMODULE PluginBaseAddress;
|
||||
void* TitanDebuggingCallBack;
|
||||
void* TitanRegisterPlugin;
|
||||
void* TitanReleasePlugin;
|
||||
void* TitanResetPlugin;
|
||||
bool PluginDisabled;
|
||||
} PluginInformation, *PPluginInformation;
|
||||
|
||||
typedef struct{
|
||||
ULONG_PTR BreakPointAddress;
|
||||
ULONG_PTR Parameter1;
|
||||
ULONG_PTR Parameter2;
|
||||
int SnapShotNumber;
|
||||
bool SingleBreak;
|
||||
}UnpackerInformation, *PUnpackerInformation;
|
||||
typedef struct
|
||||
{
|
||||
ULONG_PTR BreakPointAddress;
|
||||
ULONG_PTR Parameter1;
|
||||
ULONG_PTR Parameter2;
|
||||
int SnapShotNumber;
|
||||
bool SingleBreak;
|
||||
} UnpackerInformation, *PUnpackerInformation;
|
||||
|
||||
typedef struct{
|
||||
bool ExpertModeActive;
|
||||
wchar_t* szFileName;
|
||||
bool ReserveModuleBase;
|
||||
wchar_t* szCommandLine;
|
||||
wchar_t* szCurrentFolder;
|
||||
LPVOID EntryCallBack;
|
||||
}ExpertDebug, *PExpertDebug;
|
||||
typedef struct
|
||||
{
|
||||
bool ExpertModeActive;
|
||||
wchar_t* szFileName;
|
||||
bool ReserveModuleBase;
|
||||
wchar_t* szCommandLine;
|
||||
wchar_t* szCurrentFolder;
|
||||
LPVOID EntryCallBack;
|
||||
} ExpertDebug, *PExpertDebug;
|
||||
|
||||
typedef struct{
|
||||
ULONG_PTR fLoadLibrary;
|
||||
ULONG_PTR fFreeLibrary;
|
||||
ULONG_PTR fGetModuleHandle;
|
||||
ULONG_PTR fGetProcAddress;
|
||||
ULONG_PTR fVirtualFree;
|
||||
ULONG_PTR fExitProcess;
|
||||
HMODULE fFreeLibraryHandle;
|
||||
DWORD fExitProcessCode;
|
||||
}InjectCodeData, *PInjectCodeData;
|
||||
typedef struct
|
||||
{
|
||||
ULONG_PTR fLoadLibrary;
|
||||
ULONG_PTR fFreeLibrary;
|
||||
ULONG_PTR fGetModuleHandle;
|
||||
ULONG_PTR fGetProcAddress;
|
||||
ULONG_PTR fVirtualFree;
|
||||
ULONG_PTR fExitProcess;
|
||||
HMODULE fFreeLibraryHandle;
|
||||
DWORD fExitProcessCode;
|
||||
} InjectCodeData, *PInjectCodeData;
|
||||
|
||||
typedef struct{
|
||||
ULONG_PTR fTrace;
|
||||
ULONG_PTR fCreateFileA;
|
||||
ULONG_PTR fCloseHandle;
|
||||
ULONG_PTR fCreateFileMappingA;
|
||||
ULONG_PTR AddressToTrace;
|
||||
}InjectImpRecCodeData, *PInjectImpRecCodeData;
|
||||
typedef struct
|
||||
{
|
||||
ULONG_PTR fTrace;
|
||||
ULONG_PTR fCreateFileA;
|
||||
ULONG_PTR fCloseHandle;
|
||||
ULONG_PTR fCreateFileMappingA;
|
||||
ULONG_PTR AddressToTrace;
|
||||
} InjectImpRecCodeData, *PInjectImpRecCodeData;
|
||||
|
||||
#define UE_MAX_BREAKPOINT_SIZE 2
|
||||
#define UE_BREAKPOINT_INT3 1
|
||||
#define UE_BREAKPOINT_LONG_INT3 2
|
||||
#define UE_BREAKPOINT_UD2 3
|
||||
|
||||
typedef struct{
|
||||
BYTE BreakPointActive;
|
||||
ULONG_PTR BreakPointAddress;
|
||||
DWORD BreakPointSize;
|
||||
BYTE OriginalByte[10];
|
||||
int BreakPointType;
|
||||
int AdvancedBreakPointType;
|
||||
int MemoryBpxRestoreOnHit;
|
||||
DWORD NumberOfExecutions;
|
||||
DWORD CmpRegister;
|
||||
int CmpCondition;
|
||||
ULONG_PTR CmpValue;
|
||||
ULONG_PTR ExecuteCallBack;
|
||||
ULONG_PTR CompareCallBack;
|
||||
ULONG_PTR RemoveCallBack;
|
||||
DWORD UniqueLinkId;
|
||||
}BreakPointDetail, *PBreakPointDetail;
|
||||
typedef struct
|
||||
{
|
||||
BYTE BreakPointActive;
|
||||
ULONG_PTR BreakPointAddress;
|
||||
DWORD BreakPointSize;
|
||||
BYTE OriginalByte[10];
|
||||
int BreakPointType;
|
||||
int AdvancedBreakPointType;
|
||||
int MemoryBpxRestoreOnHit;
|
||||
DWORD NumberOfExecutions;
|
||||
DWORD CmpRegister;
|
||||
int CmpCondition;
|
||||
ULONG_PTR CmpValue;
|
||||
ULONG_PTR ExecuteCallBack;
|
||||
ULONG_PTR CompareCallBack;
|
||||
ULONG_PTR RemoveCallBack;
|
||||
DWORD UniqueLinkId;
|
||||
} BreakPointDetail, *PBreakPointDetail;
|
||||
|
||||
typedef struct{
|
||||
bool DrxEnabled;
|
||||
bool DrxExecution;
|
||||
DWORD DrxBreakPointType;
|
||||
DWORD DrxBreakPointSize;
|
||||
ULONG_PTR DrxBreakAddress;
|
||||
ULONG_PTR DrxCallBack;
|
||||
}HARDWARE_DATA, *PHARDWARE_DATA;
|
||||
typedef struct
|
||||
{
|
||||
bool DrxEnabled;
|
||||
bool DrxExecution;
|
||||
DWORD DrxBreakPointType;
|
||||
DWORD DrxBreakPointSize;
|
||||
ULONG_PTR DrxBreakAddress;
|
||||
ULONG_PTR DrxCallBack;
|
||||
} HARDWARE_DATA, *PHARDWARE_DATA;
|
||||
|
||||
typedef struct{
|
||||
ULONG_PTR chBreakPoint;
|
||||
ULONG_PTR chSingleStep;
|
||||
ULONG_PTR chAccessViolation;
|
||||
ULONG_PTR chIllegalInstruction;
|
||||
ULONG_PTR chNonContinuableException;
|
||||
ULONG_PTR chArrayBoundsException;
|
||||
ULONG_PTR chFloatDenormalOperand;
|
||||
ULONG_PTR chFloatDevideByZero;
|
||||
ULONG_PTR chIntegerDevideByZero;
|
||||
ULONG_PTR chIntegerOverflow;
|
||||
ULONG_PTR chPrivilegedInstruction;
|
||||
ULONG_PTR chPageGuard;
|
||||
ULONG_PTR chEverythingElse;
|
||||
ULONG_PTR chCreateThread;
|
||||
ULONG_PTR chExitThread;
|
||||
ULONG_PTR chCreateProcess;
|
||||
ULONG_PTR chExitProcess;
|
||||
ULONG_PTR chLoadDll;
|
||||
ULONG_PTR chUnloadDll;
|
||||
ULONG_PTR chOutputDebugString;
|
||||
ULONG_PTR chAfterException;
|
||||
ULONG_PTR chSystemBreakpoint;
|
||||
ULONG_PTR chUnhandledException;
|
||||
ULONG_PTR chAfterUnhandledException;
|
||||
}CustomHandler, *PCustomHandler;
|
||||
typedef struct
|
||||
{
|
||||
ULONG_PTR chBreakPoint;
|
||||
ULONG_PTR chSingleStep;
|
||||
ULONG_PTR chAccessViolation;
|
||||
ULONG_PTR chIllegalInstruction;
|
||||
ULONG_PTR chNonContinuableException;
|
||||
ULONG_PTR chArrayBoundsException;
|
||||
ULONG_PTR chFloatDenormalOperand;
|
||||
ULONG_PTR chFloatDevideByZero;
|
||||
ULONG_PTR chIntegerDevideByZero;
|
||||
ULONG_PTR chIntegerOverflow;
|
||||
ULONG_PTR chPrivilegedInstruction;
|
||||
ULONG_PTR chPageGuard;
|
||||
ULONG_PTR chEverythingElse;
|
||||
ULONG_PTR chCreateThread;
|
||||
ULONG_PTR chExitThread;
|
||||
ULONG_PTR chCreateProcess;
|
||||
ULONG_PTR chExitProcess;
|
||||
ULONG_PTR chLoadDll;
|
||||
ULONG_PTR chUnloadDll;
|
||||
ULONG_PTR chOutputDebugString;
|
||||
ULONG_PTR chAfterException;
|
||||
ULONG_PTR chSystemBreakpoint;
|
||||
ULONG_PTR chUnhandledException;
|
||||
ULONG_PTR chAfterUnhandledException;
|
||||
} CustomHandler, *PCustomHandler;
|
||||
|
||||
typedef struct{
|
||||
DWORD OrdinalBase;
|
||||
DWORD NumberOfExportFunctions;
|
||||
char FileName[512];
|
||||
}EXPORT_DATA, *PEXPORT_DATA;
|
||||
typedef struct
|
||||
{
|
||||
DWORD OrdinalBase;
|
||||
DWORD NumberOfExportFunctions;
|
||||
char FileName[512];
|
||||
} EXPORT_DATA, *PEXPORT_DATA;
|
||||
|
||||
typedef struct{
|
||||
DWORD ExportedItem;
|
||||
}EXPORTED_DATA, *PEXPORTED_DATA;
|
||||
typedef struct
|
||||
{
|
||||
DWORD ExportedItem;
|
||||
} EXPORTED_DATA, *PEXPORTED_DATA;
|
||||
|
||||
typedef struct{
|
||||
WORD OrdinalNumber;
|
||||
}EXPORTED_DATA_WORD, *PEXPORTED_DATA_WORD;
|
||||
typedef struct
|
||||
{
|
||||
WORD OrdinalNumber;
|
||||
} EXPORTED_DATA_WORD, *PEXPORTED_DATA_WORD;
|
||||
|
||||
typedef struct{
|
||||
BYTE DataByte[50];
|
||||
}MEMORY_CMP_HANDLER, *PMEMORY_CMP_HANDLER;
|
||||
typedef struct
|
||||
{
|
||||
BYTE DataByte[50];
|
||||
} MEMORY_CMP_HANDLER, *PMEMORY_CMP_HANDLER;
|
||||
|
||||
typedef struct{
|
||||
BYTE DataByte;
|
||||
}MEMORY_CMP_BYTE_HANDLER, *PMEMORY_CMP_BYTE_HANDLER;
|
||||
typedef struct
|
||||
{
|
||||
BYTE DataByte;
|
||||
} MEMORY_CMP_BYTE_HANDLER, *PMEMORY_CMP_BYTE_HANDLER;
|
||||
|
||||
typedef struct MEMORY_COMPARE_HANDLER{
|
||||
union {
|
||||
BYTE bArrayEntry[1];
|
||||
WORD wArrayEntry[1];
|
||||
DWORD dwArrayEntry[1];
|
||||
DWORD64 qwArrayEntry[1];
|
||||
} Array;
|
||||
}MEMORY_COMPARE_HANDLER, *PMEMORY_COMPARE_HANDLER;
|
||||
typedef struct MEMORY_COMPARE_HANDLER
|
||||
{
|
||||
union
|
||||
{
|
||||
BYTE bArrayEntry[1];
|
||||
WORD wArrayEntry[1];
|
||||
DWORD dwArrayEntry[1];
|
||||
DWORD64 qwArrayEntry[1];
|
||||
} Array;
|
||||
} MEMORY_COMPARE_HANDLER, *PMEMORY_COMPARE_HANDLER;
|
||||
|
||||
#define MAX_DEBUG_DATA 512
|
||||
|
||||
typedef struct{
|
||||
HANDLE hThread;
|
||||
DWORD dwThreadId;
|
||||
void* ThreadStartAddress;
|
||||
void* ThreadLocalBase;
|
||||
}THREAD_ITEM_DATA, *PTHREAD_ITEM_DATA;
|
||||
typedef struct
|
||||
{
|
||||
HANDLE hThread;
|
||||
DWORD dwThreadId;
|
||||
void* ThreadStartAddress;
|
||||
void* ThreadLocalBase;
|
||||
} THREAD_ITEM_DATA, *PTHREAD_ITEM_DATA;
|
||||
|
||||
typedef struct{
|
||||
HANDLE hProcess;
|
||||
DWORD dwProcessId;
|
||||
HANDLE hThread;
|
||||
DWORD dwThreadId;
|
||||
HANDLE hFile;
|
||||
void* BaseOfImage;
|
||||
void* ThreadStartAddress;
|
||||
void* ThreadLocalBase;
|
||||
}PROCESS_ITEM_DATA, *PPROCESS_ITEM_DATA;
|
||||
|
||||
typedef struct{
|
||||
typedef struct
|
||||
{
|
||||
HANDLE hProcess;
|
||||
DWORD dwProcessId;
|
||||
HANDLE hThread;
|
||||
DWORD dwThreadId;
|
||||
HANDLE hFile;
|
||||
void* BaseOfDll;
|
||||
HANDLE hFileMapping;
|
||||
void* hFileMappingView;
|
||||
char szLibraryPath[MAX_PATH];
|
||||
char szLibraryName[MAX_PATH];
|
||||
}LIBRARY_ITEM_DATA, *PLIBRARY_ITEM_DATA;
|
||||
void* BaseOfImage;
|
||||
void* ThreadStartAddress;
|
||||
void* ThreadLocalBase;
|
||||
} PROCESS_ITEM_DATA, *PPROCESS_ITEM_DATA;
|
||||
|
||||
typedef struct{
|
||||
typedef struct
|
||||
{
|
||||
HANDLE hFile;
|
||||
void* BaseOfDll;
|
||||
HANDLE hFileMapping;
|
||||
void* hFileMappingView;
|
||||
wchar_t szLibraryPath[MAX_PATH];
|
||||
wchar_t szLibraryName[MAX_PATH];
|
||||
}LIBRARY_ITEM_DATAW, *PLIBRARY_ITEM_DATAW;
|
||||
void* BaseOfDll;
|
||||
HANDLE hFileMapping;
|
||||
void* hFileMappingView;
|
||||
char szLibraryPath[MAX_PATH];
|
||||
char szLibraryName[MAX_PATH];
|
||||
} LIBRARY_ITEM_DATA, *PLIBRARY_ITEM_DATA;
|
||||
|
||||
typedef struct
|
||||
{
|
||||
HANDLE hFile;
|
||||
void* BaseOfDll;
|
||||
HANDLE hFileMapping;
|
||||
void* hFileMappingView;
|
||||
wchar_t szLibraryPath[MAX_PATH];
|
||||
wchar_t szLibraryName[MAX_PATH];
|
||||
} LIBRARY_ITEM_DATAW, *PLIBRARY_ITEM_DATAW;
|
||||
|
||||
#define MAX_LIBRARY_BPX 64
|
||||
#define UE_ON_LIB_LOAD 1
|
||||
#define UE_ON_LIB_UNLOAD 2
|
||||
#define UE_ON_LIB_ALL 3
|
||||
|
||||
typedef struct{
|
||||
char szLibraryName[128];
|
||||
void* bpxCallBack;
|
||||
bool bpxSingleShoot;
|
||||
int bpxType;
|
||||
}LIBRARY_BREAK_DATA, *PLIBRARY_BREAK_DATA;
|
||||
typedef struct
|
||||
{
|
||||
char szLibraryName[128];
|
||||
void* bpxCallBack;
|
||||
bool bpxSingleShoot;
|
||||
int bpxType;
|
||||
} LIBRARY_BREAK_DATA, *PLIBRARY_BREAK_DATA;
|
||||
|
||||
#define TEE_MAXIMUM_HOOK_SIZE 14
|
||||
#if defined(_WIN64)
|
||||
#define TEE_MAXIMUM_HOOK_INSERT_SIZE 14
|
||||
#define TEE_MAXIMUM_HOOK_INSERT_SIZE 14
|
||||
#else
|
||||
#define TEE_MAXIMUM_HOOK_INSERT_SIZE 5
|
||||
#define TEE_MAXIMUM_HOOK_INSERT_SIZE 5
|
||||
#endif
|
||||
|
||||
#define TEE_HOOK_NRM_JUMP 1
|
||||
|
|
@ -252,22 +272,23 @@ typedef struct{
|
|||
#define TEE_HOOK_IAT 5
|
||||
#define TEE_MAXIMUM_HOOK_RELOCS 7
|
||||
|
||||
typedef struct HOOK_ENTRY{
|
||||
bool IATHook;
|
||||
BYTE HookType;
|
||||
DWORD HookSize;
|
||||
void* HookAddress;
|
||||
void* RedirectionAddress;
|
||||
BYTE HookBytes[TEE_MAXIMUM_HOOK_SIZE];
|
||||
BYTE OriginalBytes[TEE_MAXIMUM_HOOK_SIZE];
|
||||
void* IATHookModuleBase;
|
||||
DWORD IATHookNameHash;
|
||||
bool HookIsEnabled;
|
||||
bool HookIsRemote;
|
||||
void* PatchedEntry;
|
||||
DWORD RelocationInfo[TEE_MAXIMUM_HOOK_RELOCS];
|
||||
int RelocationCount;
|
||||
}HOOK_ENTRY, *PHOOK_ENTRY;
|
||||
typedef struct HOOK_ENTRY
|
||||
{
|
||||
bool IATHook;
|
||||
BYTE HookType;
|
||||
DWORD HookSize;
|
||||
void* HookAddress;
|
||||
void* RedirectionAddress;
|
||||
BYTE HookBytes[TEE_MAXIMUM_HOOK_SIZE];
|
||||
BYTE OriginalBytes[TEE_MAXIMUM_HOOK_SIZE];
|
||||
void* IATHookModuleBase;
|
||||
DWORD IATHookNameHash;
|
||||
bool HookIsEnabled;
|
||||
bool HookIsRemote;
|
||||
void* PatchedEntry;
|
||||
DWORD RelocationInfo[TEE_MAXIMUM_HOOK_RELOCS];
|
||||
int RelocationCount;
|
||||
} HOOK_ENTRY, *PHOOK_ENTRY;
|
||||
|
||||
// Engine.External:
|
||||
#define UE_ACCESS_READ 0
|
||||
|
|
@ -378,10 +399,11 @@ typedef struct HOOK_ENTRY{
|
|||
#define UE_OPTION_HANDLER_RETURN_TYPENAME 4
|
||||
#define UE_OPTION_HANDLER_RETURN_TYPENAME_UNICODE 5
|
||||
|
||||
typedef struct{
|
||||
ULONG ProcessId;
|
||||
HANDLE hHandle;
|
||||
}HandlerArray, *PHandlerArray;
|
||||
typedef struct
|
||||
{
|
||||
ULONG ProcessId;
|
||||
HANDLE hHandle;
|
||||
} HandlerArray, *PHandlerArray;
|
||||
|
||||
#define UE_BPXREMOVED 0
|
||||
#define UE_BPXACTIVE 1
|
||||
|
|
@ -487,17 +509,18 @@ typedef struct{
|
|||
#define UE_SEG_CS 41
|
||||
#define UE_SEG_SS 42
|
||||
|
||||
typedef struct{
|
||||
DWORD PE32Offset;
|
||||
DWORD ImageBase;
|
||||
typedef struct
|
||||
{
|
||||
DWORD PE32Offset;
|
||||
DWORD ImageBase;
|
||||
DWORD OriginalEntryPoint;
|
||||
DWORD NtSizeOfImage;
|
||||
DWORD NtSizeOfHeaders;
|
||||
WORD SizeOfOptionalHeaders;
|
||||
DWORD FileAlignment;
|
||||
DWORD FileAlignment;
|
||||
DWORD SectionAligment;
|
||||
DWORD ImportTableAddress;
|
||||
DWORD ImportTableSize;
|
||||
DWORD ImportTableSize;
|
||||
DWORD ResourceTableAddress;
|
||||
DWORD ResourceTableSize;
|
||||
DWORD ExportTableAddress;
|
||||
|
|
@ -509,22 +532,23 @@ typedef struct{
|
|||
DWORD TimeDateStamp;
|
||||
WORD SectionNumber;
|
||||
DWORD CheckSum;
|
||||
WORD SubSystem;
|
||||
WORD Characteristics;
|
||||
DWORD NumberOfRvaAndSizes;
|
||||
}PE32Struct, *PPE32Struct;
|
||||
WORD SubSystem;
|
||||
WORD Characteristics;
|
||||
DWORD NumberOfRvaAndSizes;
|
||||
} PE32Struct, *PPE32Struct;
|
||||
|
||||
typedef struct{
|
||||
DWORD PE64Offset;
|
||||
DWORD64 ImageBase;
|
||||
typedef struct
|
||||
{
|
||||
DWORD PE64Offset;
|
||||
DWORD64 ImageBase;
|
||||
DWORD OriginalEntryPoint;
|
||||
DWORD NtSizeOfImage;
|
||||
DWORD NtSizeOfHeaders;
|
||||
WORD SizeOfOptionalHeaders;
|
||||
DWORD FileAlignment;
|
||||
DWORD FileAlignment;
|
||||
DWORD SectionAligment;
|
||||
DWORD ImportTableAddress;
|
||||
DWORD ImportTableSize;
|
||||
DWORD ImportTableSize;
|
||||
DWORD ResourceTableAddress;
|
||||
DWORD ResourceTableSize;
|
||||
DWORD ExportTableAddress;
|
||||
|
|
@ -536,20 +560,21 @@ typedef struct{
|
|||
DWORD TimeDateStamp;
|
||||
WORD SectionNumber;
|
||||
DWORD CheckSum;
|
||||
WORD SubSystem;
|
||||
WORD Characteristics;
|
||||
DWORD NumberOfRvaAndSizes;
|
||||
}PE64Struct, *PPE64Struct;
|
||||
WORD SubSystem;
|
||||
WORD Characteristics;
|
||||
DWORD NumberOfRvaAndSizes;
|
||||
} PE64Struct, *PPE64Struct;
|
||||
|
||||
typedef struct{
|
||||
bool NewDll;
|
||||
int NumberOfImports;
|
||||
ULONG_PTR ImageBase;
|
||||
ULONG_PTR BaseImportThunk;
|
||||
ULONG_PTR ImportThunk;
|
||||
char* APIName;
|
||||
char* DLLName;
|
||||
}ImportEnumData, *PImportEnumData;
|
||||
typedef struct
|
||||
{
|
||||
bool NewDll;
|
||||
int NumberOfImports;
|
||||
ULONG_PTR ImageBase;
|
||||
ULONG_PTR BaseImportThunk;
|
||||
ULONG_PTR ImportThunk;
|
||||
char* APIName;
|
||||
char* DLLName;
|
||||
} ImportEnumData, *PImportEnumData;
|
||||
|
||||
#define UE_DEPTH_SURFACE 0
|
||||
#define UE_DEPTH_DEEP 1
|
||||
|
|
@ -577,101 +602,105 @@ typedef struct{
|
|||
#define UE_RESULT_FILE_INVALID_AND_NON_FIXABLE 12
|
||||
#define UE_RESULT_FILE_INVALID_FORMAT 13
|
||||
|
||||
typedef struct{
|
||||
BYTE OveralEvaluation;
|
||||
bool EvaluationTerminatedByException;
|
||||
bool FileIs64Bit;
|
||||
bool FileIsDLL;
|
||||
bool FileIsConsole;
|
||||
bool MissingDependencies;
|
||||
bool MissingDeclaredAPIs;
|
||||
BYTE SignatureMZ;
|
||||
BYTE SignaturePE;
|
||||
BYTE EntryPoint;
|
||||
BYTE ImageBase;
|
||||
BYTE SizeOfImage;
|
||||
BYTE FileAlignment;
|
||||
BYTE SectionAlignment;
|
||||
BYTE ExportTable;
|
||||
BYTE RelocationTable;
|
||||
BYTE ImportTable;
|
||||
BYTE ImportTableSection;
|
||||
BYTE ImportTableData;
|
||||
BYTE IATTable;
|
||||
BYTE TLSTable;
|
||||
BYTE LoadConfigTable;
|
||||
BYTE BoundImportTable;
|
||||
BYTE COMHeaderTable;
|
||||
BYTE ResourceTable;
|
||||
BYTE ResourceData;
|
||||
BYTE SectionTable;
|
||||
}FILE_STATUS_INFO, *PFILE_STATUS_INFO;
|
||||
typedef struct
|
||||
{
|
||||
BYTE OveralEvaluation;
|
||||
bool EvaluationTerminatedByException;
|
||||
bool FileIs64Bit;
|
||||
bool FileIsDLL;
|
||||
bool FileIsConsole;
|
||||
bool MissingDependencies;
|
||||
bool MissingDeclaredAPIs;
|
||||
BYTE SignatureMZ;
|
||||
BYTE SignaturePE;
|
||||
BYTE EntryPoint;
|
||||
BYTE ImageBase;
|
||||
BYTE SizeOfImage;
|
||||
BYTE FileAlignment;
|
||||
BYTE SectionAlignment;
|
||||
BYTE ExportTable;
|
||||
BYTE RelocationTable;
|
||||
BYTE ImportTable;
|
||||
BYTE ImportTableSection;
|
||||
BYTE ImportTableData;
|
||||
BYTE IATTable;
|
||||
BYTE TLSTable;
|
||||
BYTE LoadConfigTable;
|
||||
BYTE BoundImportTable;
|
||||
BYTE COMHeaderTable;
|
||||
BYTE ResourceTable;
|
||||
BYTE ResourceData;
|
||||
BYTE SectionTable;
|
||||
} FILE_STATUS_INFO, *PFILE_STATUS_INFO;
|
||||
|
||||
typedef struct{
|
||||
BYTE OveralEvaluation;
|
||||
bool FixingTerminatedByException;
|
||||
bool FileFixPerformed;
|
||||
bool StrippedRelocation;
|
||||
bool DontFixRelocations;
|
||||
DWORD OriginalRelocationTableAddress;
|
||||
DWORD OriginalRelocationTableSize;
|
||||
bool StrippedExports;
|
||||
bool DontFixExports;
|
||||
DWORD OriginalExportTableAddress;
|
||||
DWORD OriginalExportTableSize;
|
||||
bool StrippedResources;
|
||||
bool DontFixResources;
|
||||
DWORD OriginalResourceTableAddress;
|
||||
DWORD OriginalResourceTableSize;
|
||||
bool StrippedTLS;
|
||||
bool DontFixTLS;
|
||||
DWORD OriginalTLSTableAddress;
|
||||
DWORD OriginalTLSTableSize;
|
||||
bool StrippedLoadConfig;
|
||||
bool DontFixLoadConfig;
|
||||
DWORD OriginalLoadConfigTableAddress;
|
||||
DWORD OriginalLoadConfigTableSize;
|
||||
bool StrippedBoundImports;
|
||||
bool DontFixBoundImports;
|
||||
DWORD OriginalBoundImportTableAddress;
|
||||
DWORD OriginalBoundImportTableSize;
|
||||
bool StrippedIAT;
|
||||
bool DontFixIAT;
|
||||
DWORD OriginalImportAddressTableAddress;
|
||||
DWORD OriginalImportAddressTableSize;
|
||||
bool StrippedCOM;
|
||||
bool DontFixCOM;
|
||||
DWORD OriginalCOMTableAddress;
|
||||
DWORD OriginalCOMTableSize;
|
||||
}FILE_FIX_INFO, *PFILE_FIX_INFO;
|
||||
typedef struct
|
||||
{
|
||||
BYTE OveralEvaluation;
|
||||
bool FixingTerminatedByException;
|
||||
bool FileFixPerformed;
|
||||
bool StrippedRelocation;
|
||||
bool DontFixRelocations;
|
||||
DWORD OriginalRelocationTableAddress;
|
||||
DWORD OriginalRelocationTableSize;
|
||||
bool StrippedExports;
|
||||
bool DontFixExports;
|
||||
DWORD OriginalExportTableAddress;
|
||||
DWORD OriginalExportTableSize;
|
||||
bool StrippedResources;
|
||||
bool DontFixResources;
|
||||
DWORD OriginalResourceTableAddress;
|
||||
DWORD OriginalResourceTableSize;
|
||||
bool StrippedTLS;
|
||||
bool DontFixTLS;
|
||||
DWORD OriginalTLSTableAddress;
|
||||
DWORD OriginalTLSTableSize;
|
||||
bool StrippedLoadConfig;
|
||||
bool DontFixLoadConfig;
|
||||
DWORD OriginalLoadConfigTableAddress;
|
||||
DWORD OriginalLoadConfigTableSize;
|
||||
bool StrippedBoundImports;
|
||||
bool DontFixBoundImports;
|
||||
DWORD OriginalBoundImportTableAddress;
|
||||
DWORD OriginalBoundImportTableSize;
|
||||
bool StrippedIAT;
|
||||
bool DontFixIAT;
|
||||
DWORD OriginalImportAddressTableAddress;
|
||||
DWORD OriginalImportAddressTableSize;
|
||||
bool StrippedCOM;
|
||||
bool DontFixCOM;
|
||||
DWORD OriginalCOMTableAddress;
|
||||
DWORD OriginalCOMTableSize;
|
||||
} FILE_FIX_INFO, *PFILE_FIX_INFO;
|
||||
|
||||
typedef struct{
|
||||
void* AllocatedSection;
|
||||
DWORD SectionVirtualOffset;
|
||||
DWORD SectionVirtualSize;
|
||||
DWORD SectionAttributes;
|
||||
DWORD SectionDataHash;
|
||||
bool AccessedAlready;
|
||||
bool WriteCheckMode;
|
||||
}TracerSectionData, *PTracerSectionData;
|
||||
typedef struct
|
||||
{
|
||||
void* AllocatedSection;
|
||||
DWORD SectionVirtualOffset;
|
||||
DWORD SectionVirtualSize;
|
||||
DWORD SectionAttributes;
|
||||
DWORD SectionDataHash;
|
||||
bool AccessedAlready;
|
||||
bool WriteCheckMode;
|
||||
} TracerSectionData, *PTracerSectionData;
|
||||
|
||||
typedef struct{
|
||||
int SectionNumber;
|
||||
TracerSectionData SectionData[MAXIMUM_SECTION_NUMBER];
|
||||
int OriginalEntryPointNum;
|
||||
ULONG_PTR OriginalImageBase;
|
||||
ULONG_PTR OriginalEntryPoint;
|
||||
ULONG_PTR LoadedImageBase;
|
||||
ULONG_PTR SizeOfImage;
|
||||
ULONG_PTR CurrentIntructionPointer;
|
||||
ULONG_PTR MemoryAccessedFrom;
|
||||
ULONG_PTR MemoryAccessed;
|
||||
ULONG_PTR AccessType;
|
||||
void* InitCallBack;
|
||||
void* EPCallBack;
|
||||
bool FileIsDLL;
|
||||
bool FileIs64bit;
|
||||
}GenericOEPTracerData, *PGenericOEPTracerData;
|
||||
typedef struct
|
||||
{
|
||||
int SectionNumber;
|
||||
TracerSectionData SectionData[MAXIMUM_SECTION_NUMBER];
|
||||
int OriginalEntryPointNum;
|
||||
ULONG_PTR OriginalImageBase;
|
||||
ULONG_PTR OriginalEntryPoint;
|
||||
ULONG_PTR LoadedImageBase;
|
||||
ULONG_PTR SizeOfImage;
|
||||
ULONG_PTR CurrentIntructionPointer;
|
||||
ULONG_PTR MemoryAccessedFrom;
|
||||
ULONG_PTR MemoryAccessed;
|
||||
ULONG_PTR AccessType;
|
||||
void* InitCallBack;
|
||||
void* EPCallBack;
|
||||
bool FileIsDLL;
|
||||
bool FileIs64bit;
|
||||
} GenericOEPTracerData, *PGenericOEPTracerData;
|
||||
|
||||
// UnpackEngine.Handler:
|
||||
|
||||
|
|
@ -698,14 +727,15 @@ typedef struct{
|
|||
NonPagedPoolCacheAlignedMustSSession
|
||||
} POOL_TYPE;*/
|
||||
|
||||
typedef struct{
|
||||
ULONG ProcessId;
|
||||
UCHAR ObjectTypeNumber;
|
||||
UCHAR Flags; // 0x01 = PROTECT_FROM_CLOSE, 0x02 = INHERIT
|
||||
USHORT hHandle;
|
||||
PVOID Object;
|
||||
ACCESS_MASK GrantedAccess;
|
||||
}NTDLL_QUERY_HANDLE_INFO, *PNTDLL_QUERY_HANDLE_INFO;
|
||||
typedef struct
|
||||
{
|
||||
ULONG ProcessId;
|
||||
UCHAR ObjectTypeNumber;
|
||||
UCHAR Flags; // 0x01 = PROTECT_FROM_CLOSE, 0x02 = INHERIT
|
||||
USHORT hHandle;
|
||||
PVOID Object;
|
||||
ACCESS_MASK GrantedAccess;
|
||||
} NTDLL_QUERY_HANDLE_INFO, *PNTDLL_QUERY_HANDLE_INFO;
|
||||
|
||||
/*typedef struct _PUBLIC_OBJECT_BASIC_INFORMATION {
|
||||
ULONG Attributes;
|
||||
|
|
@ -721,8 +751,9 @@ typedef struct{
|
|||
LARGE_INTEGER CreateTime;
|
||||
} PUBLIC_OBJECT_BASIC_INFORMATION, *PPUBLIC_OBJECT_BASIC_INFORMATION;*/
|
||||
|
||||
typedef struct _PUBLIC_OBJECT_NAME_INFORMATION { // Information Class 1
|
||||
UNICODE_STRING Name;
|
||||
typedef struct _PUBLIC_OBJECT_NAME_INFORMATION // Information Class 1
|
||||
{
|
||||
UNICODE_STRING Name;
|
||||
} PUBLIC_OBJECT_NAME_INFORMATION, *PPUBLIC_OBJECT_NAME_INFORMATION;
|
||||
|
||||
/*typedef struct _PUBLIC_OBJECT_TYPE_INFORMATION { // Information Class 2
|
||||
|
|
@ -744,7 +775,7 @@ typedef struct _PUBLIC_OBJECT_NAME_INFORMATION { // Information Class 1
|
|||
} PUBLIC_OBJECT_TYPE_INFORMATION, *PPUBLIC_OBJECT_TYPE_INFORMATION;*/
|
||||
|
||||
typedef void (*PPEBLOCKROUTINE)(
|
||||
PVOID PebLock
|
||||
PVOID PebLock
|
||||
);
|
||||
|
||||
/*typedef struct _PEB_LDR_DATA {
|
||||
|
|
@ -795,59 +826,60 @@ typedef struct _RTL_USER_PROCESS_PARAMETERS {
|
|||
RTL_DRIVE_LETTER_CURDIR DLCurrentDirectory[0x20];
|
||||
} RTL_USER_PROCESS_PARAMETERS, *PRTL_USER_PROCESS_PARAMETERS;*/
|
||||
|
||||
typedef struct _NTPEB {
|
||||
BOOLEAN InheritedAddressSpace;
|
||||
BOOLEAN ReadImageFileExecOptions;
|
||||
BOOLEAN BeingDebugged;
|
||||
BOOLEAN Spare;
|
||||
HANDLE Mutant;
|
||||
PVOID ImageBaseAddress;
|
||||
PPEB_LDR_DATA LoaderData;
|
||||
PRTL_USER_PROCESS_PARAMETERS ProcessParameters;
|
||||
PVOID SubSystemData;
|
||||
PVOID ProcessHeap;
|
||||
PVOID FastPebLock;
|
||||
void* FastPebLockRoutine;
|
||||
void* FastPebUnlockRoutine;
|
||||
ULONG EnvironmentUpdateCount;
|
||||
PVOID* KernelCallbackTable;
|
||||
PVOID EventLogSection;
|
||||
PVOID EventLog;
|
||||
void* FreeList;
|
||||
ULONG TlsExpansionCounter;
|
||||
PVOID TlsBitmap;
|
||||
ULONG TlsBitmapBits[0x2];
|
||||
PVOID ReadOnlySharedMemoryBase;
|
||||
PVOID ReadOnlySharedMemoryHeap;
|
||||
PVOID* ReadOnlyStaticServerData;
|
||||
PVOID AnsiCodePageData;
|
||||
PVOID OemCodePageData;
|
||||
PVOID UnicodeCaseTableData;
|
||||
ULONG NumberOfProcessors;
|
||||
ULONG NtGlobalFlag;
|
||||
BYTE Spare2[0x4];
|
||||
LARGE_INTEGER CriticalSectionTimeout;
|
||||
ULONG HeapSegmentReserve;
|
||||
ULONG HeapSegmentCommit;
|
||||
ULONG HeapDeCommitTotalFreeThreshold;
|
||||
ULONG HeapDeCommitFreeBlockThreshold;
|
||||
ULONG NumberOfHeaps;
|
||||
ULONG MaximumNumberOfHeaps;
|
||||
PVOID* *ProcessHeaps;
|
||||
PVOID GdiSharedHandleTable;
|
||||
PVOID ProcessStarterHelper;
|
||||
PVOID GdiDCAttributeList;
|
||||
PVOID LoaderLock;
|
||||
ULONG OSMajorVersion;
|
||||
ULONG OSMinorVersion;
|
||||
ULONG OSBuildNumber;
|
||||
ULONG OSPlatformId;
|
||||
ULONG ImageSubSystem;
|
||||
ULONG ImageSubSystemMajorVersion;
|
||||
ULONG ImageSubSystemMinorVersion;
|
||||
ULONG GdiHandleBuffer[0x22];
|
||||
ULONG PostProcessInitRoutine;
|
||||
ULONG TlsExpansionBitmap;
|
||||
BYTE TlsExpansionBitmapBits[0x80];
|
||||
ULONG SessionId;
|
||||
typedef struct _NTPEB
|
||||
{
|
||||
BOOLEAN InheritedAddressSpace;
|
||||
BOOLEAN ReadImageFileExecOptions;
|
||||
BOOLEAN BeingDebugged;
|
||||
BOOLEAN Spare;
|
||||
HANDLE Mutant;
|
||||
PVOID ImageBaseAddress;
|
||||
PPEB_LDR_DATA LoaderData;
|
||||
PRTL_USER_PROCESS_PARAMETERS ProcessParameters;
|
||||
PVOID SubSystemData;
|
||||
PVOID ProcessHeap;
|
||||
PVOID FastPebLock;
|
||||
void* FastPebLockRoutine;
|
||||
void* FastPebUnlockRoutine;
|
||||
ULONG EnvironmentUpdateCount;
|
||||
PVOID* KernelCallbackTable;
|
||||
PVOID EventLogSection;
|
||||
PVOID EventLog;
|
||||
void* FreeList;
|
||||
ULONG TlsExpansionCounter;
|
||||
PVOID TlsBitmap;
|
||||
ULONG TlsBitmapBits[0x2];
|
||||
PVOID ReadOnlySharedMemoryBase;
|
||||
PVOID ReadOnlySharedMemoryHeap;
|
||||
PVOID* ReadOnlyStaticServerData;
|
||||
PVOID AnsiCodePageData;
|
||||
PVOID OemCodePageData;
|
||||
PVOID UnicodeCaseTableData;
|
||||
ULONG NumberOfProcessors;
|
||||
ULONG NtGlobalFlag;
|
||||
BYTE Spare2[0x4];
|
||||
LARGE_INTEGER CriticalSectionTimeout;
|
||||
ULONG HeapSegmentReserve;
|
||||
ULONG HeapSegmentCommit;
|
||||
ULONG HeapDeCommitTotalFreeThreshold;
|
||||
ULONG HeapDeCommitFreeBlockThreshold;
|
||||
ULONG NumberOfHeaps;
|
||||
ULONG MaximumNumberOfHeaps;
|
||||
PVOID* *ProcessHeaps;
|
||||
PVOID GdiSharedHandleTable;
|
||||
PVOID ProcessStarterHelper;
|
||||
PVOID GdiDCAttributeList;
|
||||
PVOID LoaderLock;
|
||||
ULONG OSMajorVersion;
|
||||
ULONG OSMinorVersion;
|
||||
ULONG OSBuildNumber;
|
||||
ULONG OSPlatformId;
|
||||
ULONG ImageSubSystem;
|
||||
ULONG ImageSubSystemMajorVersion;
|
||||
ULONG ImageSubSystemMinorVersion;
|
||||
ULONG GdiHandleBuffer[0x22];
|
||||
ULONG PostProcessInitRoutine;
|
||||
ULONG TlsExpansionBitmap;
|
||||
BYTE TlsExpansionBitmapBits[0x80];
|
||||
ULONG SessionId;
|
||||
} NTPEB, *PNTPEB;
|
||||
|
|
|
|||
Binary file not shown.
Binary file not shown.
Binary file not shown.
Binary file not shown.
|
|
@ -0,0 +1,5 @@
|
|||
@echo off
|
||||
set PATH=c:\MinGW64\bin
|
||||
gendef TitanEngine.dll
|
||||
dlltool --as-flags=--64 -m i386:x86-64 -k --output-lib TitanEngine_x64.a --input-def TitanEngine.def
|
||||
del TitanEngine.def
|
||||
Loading…
Reference in New Issue