mirror of https://github.com/x64dbg/TitanEngine
Remove unused SDKs
This commit is contained in:
parent
160d66919e
commit
43caf023f8
|
|
@ -1,964 +0,0 @@
|
|||
#ifndef TITANENGINE
|
||||
#define TITANENGINE
|
||||
|
||||
#define TITCALL
|
||||
|
||||
#if _MSC_VER > 1000
|
||||
#pragma once
|
||||
#endif
|
||||
|
||||
#include <windows.h>
|
||||
|
||||
#pragma pack(push, 1)
|
||||
|
||||
// Global.Constant.Structure.Declaration:
|
||||
// Engine.External:
|
||||
const BYTE UE_STRUCT_PE32STRUCT = 1;
|
||||
const BYTE UE_STRUCT_PE64STRUCT = 2;
|
||||
const BYTE UE_STRUCT_PESTRUCT = 3;
|
||||
const BYTE UE_STRUCT_IMPORTENUMDATA = 4;
|
||||
const BYTE UE_STRUCT_THREAD_ITEM_DATA = 5;
|
||||
const BYTE UE_STRUCT_LIBRARY_ITEM_DATA = 6;
|
||||
const BYTE UE_STRUCT_LIBRARY_ITEM_DATAW = 7;
|
||||
const BYTE UE_STRUCT_PROCESS_ITEM_DATA = 8;
|
||||
const BYTE UE_STRUCT_HANDLERARRAY = 9;
|
||||
const BYTE UE_STRUCT_PLUGININFORMATION = 10;
|
||||
const BYTE UE_STRUCT_HOOK_ENTRY = 11;
|
||||
const BYTE UE_STRUCT_FILE_STATUS_INFO = 12;
|
||||
const BYTE UE_STRUCT_FILE_FIX_INFO = 13;
|
||||
|
||||
const BYTE UE_ACCESS_READ = 0;
|
||||
const BYTE UE_ACCESS_WRITE = 1;
|
||||
const BYTE UE_ACCESS_ALL = 2;
|
||||
|
||||
const BYTE UE_HIDE_PEBONLY = 0;
|
||||
const BYTE UE_HIDE_BASIC = 1;
|
||||
|
||||
const BYTE UE_PLUGIN_CALL_REASON_PREDEBUG = 1;
|
||||
const BYTE UE_PLUGIN_CALL_REASON_EXCEPTION = 2;
|
||||
const BYTE UE_PLUGIN_CALL_REASON_POSTDEBUG = 3;
|
||||
const BYTE UE_PLUGIN_CALL_REASON_UNHANDLEDEXCEPTION = 4;
|
||||
|
||||
const BYTE TEE_HOOK_NRM_JUMP = 1;
|
||||
const BYTE TEE_HOOK_NRM_CALL = 3;
|
||||
const BYTE TEE_HOOK_IAT = 5;
|
||||
|
||||
const BYTE UE_ENGINE_ALOW_MODULE_LOADING = 1;
|
||||
const BYTE UE_ENGINE_AUTOFIX_FORWARDERS = 2;
|
||||
const BYTE UE_ENGINE_PASS_ALL_EXCEPTIONS = 3;
|
||||
const BYTE UE_ENGINE_NO_CONSOLE_WINDOW = 4;
|
||||
const BYTE UE_ENGINE_BACKUP_FOR_CRITICAL_FUNCTIONS = 5;
|
||||
const BYTE UE_ENGINE_CALL_PLUGIN_CALLBACK = 6;
|
||||
const BYTE UE_ENGINE_RESET_CUSTOM_HANDLER = 7;
|
||||
const BYTE UE_ENGINE_CALL_PLUGIN_DEBUG_CALLBACK = 8;
|
||||
const BYTE UE_ENGINE_SET_DEBUG_PRIVILEGE = 9;
|
||||
const BYTE UE_ENGINE_SAFE_ATTACH = 10;
|
||||
const BYTE UE_ENGINE_MEMBP_ALT = 11;
|
||||
|
||||
const BYTE UE_OPTION_REMOVEALL = 1;
|
||||
const BYTE UE_OPTION_DISABLEALL = 2;
|
||||
const BYTE UE_OPTION_REMOVEALLDISABLED = 3;
|
||||
const BYTE UE_OPTION_REMOVEALLENABLED = 4;
|
||||
|
||||
const BYTE UE_STATIC_DECRYPTOR_XOR = 1;
|
||||
const BYTE UE_STATIC_DECRYPTOR_SUB = 2;
|
||||
const BYTE UE_STATIC_DECRYPTOR_ADD = 3;
|
||||
|
||||
const BYTE UE_STATIC_DECRYPTOR_FOREWARD = 1;
|
||||
const BYTE UE_STATIC_DECRYPTOR_BACKWARD = 2;
|
||||
|
||||
const BYTE UE_STATIC_KEY_SIZE_1 = 1;
|
||||
const BYTE UE_STATIC_KEY_SIZE_2 = 2;
|
||||
const BYTE UE_STATIC_KEY_SIZE_4 = 4;
|
||||
const BYTE UE_STATIC_KEY_SIZE_8 = 8;
|
||||
|
||||
const BYTE UE_STATIC_APLIB = 1;
|
||||
const BYTE UE_STATIC_APLIB_DEPACK = 2;
|
||||
const BYTE UE_STATIC_LZMA = 3;
|
||||
|
||||
const BYTE UE_STATIC_HASH_MD5 = 1;
|
||||
const BYTE UE_STATIC_HASH_SHA1 = 2;
|
||||
const BYTE UE_STATIC_HASH_CRC32 = 3;
|
||||
|
||||
const DWORD UE_RESOURCE_LANGUAGE_ANY = -1;
|
||||
|
||||
const BYTE UE_PE_OFFSET = 0;
|
||||
const BYTE UE_IMAGEBASE = 1;
|
||||
const BYTE UE_OEP = 2;
|
||||
const BYTE UE_SIZEOFIMAGE = 3;
|
||||
const BYTE UE_SIZEOFHEADERS = 4;
|
||||
const BYTE UE_SIZEOFOPTIONALHEADER = 5;
|
||||
const BYTE UE_SECTIONALIGNMENT = 6;
|
||||
const BYTE UE_IMPORTTABLEADDRESS = 7;
|
||||
const BYTE UE_IMPORTTABLESIZE = 8;
|
||||
const BYTE UE_RESOURCETABLEADDRESS = 9;
|
||||
const BYTE UE_RESOURCETABLESIZE = 10;
|
||||
const BYTE UE_EXPORTTABLEADDRESS = 11;
|
||||
const BYTE UE_EXPORTTABLESIZE = 12;
|
||||
const BYTE UE_TLSTABLEADDRESS = 13;
|
||||
const BYTE UE_TLSTABLESIZE = 14;
|
||||
const BYTE UE_RELOCATIONTABLEADDRESS = 15;
|
||||
const BYTE UE_RELOCATIONTABLESIZE = 16;
|
||||
const BYTE UE_TIMEDATESTAMP = 17;
|
||||
const BYTE UE_SECTIONNUMBER = 18;
|
||||
const BYTE UE_CHECKSUM = 19;
|
||||
const BYTE UE_SUBSYSTEM = 20;
|
||||
const BYTE UE_CHARACTERISTICS = 21;
|
||||
const BYTE UE_NUMBEROFRVAANDSIZES = 22;
|
||||
const BYTE UE_BASEOFCODE = 23;
|
||||
const BYTE UE_BASEOFDATA = 24;
|
||||
const BYTE UE_DLLCHARACTERISTICS = 25;
|
||||
//leaving some enum space here for future additions
|
||||
const BYTE UE_SECTIONNAME = 40;
|
||||
const BYTE UE_SECTIONVIRTUALOFFSET = 41;
|
||||
const BYTE UE_SECTIONVIRTUALSIZE = 42;
|
||||
const BYTE UE_SECTIONRAWOFFSET = 43;
|
||||
const BYTE UE_SECTIONRAWSIZE = 44;
|
||||
const BYTE UE_SECTIONFLAGS = 45;
|
||||
|
||||
const long UE_VANOTFOUND = -2;
|
||||
|
||||
const BYTE UE_CH_BREAKPOINT = 1;
|
||||
const BYTE UE_CH_SINGLESTEP = 2;
|
||||
const BYTE UE_CH_ACCESSVIOLATION = 3;
|
||||
const BYTE UE_CH_ILLEGALINSTRUCTION = 4;
|
||||
const BYTE UE_CH_NONCONTINUABLEEXCEPTION = 5;
|
||||
const BYTE UE_CH_ARRAYBOUNDSEXCEPTION = 6;
|
||||
const BYTE UE_CH_FLOATDENORMALOPERAND = 7;
|
||||
const BYTE UE_CH_FLOATDEVIDEBYZERO = 8;
|
||||
const BYTE UE_CH_INTEGERDEVIDEBYZERO = 9;
|
||||
const BYTE UE_CH_INTEGEROVERFLOW = 10;
|
||||
const BYTE UE_CH_PRIVILEGEDINSTRUCTION = 11;
|
||||
const BYTE UE_CH_PAGEGUARD = 12;
|
||||
const BYTE UE_CH_EVERYTHINGELSE = 13;
|
||||
const BYTE UE_CH_CREATETHREAD = 14;
|
||||
const BYTE UE_CH_EXITTHREAD = 15;
|
||||
const BYTE UE_CH_CREATEPROCESS = 16;
|
||||
const BYTE UE_CH_EXITPROCESS = 17;
|
||||
const BYTE UE_CH_LOADDLL = 18;
|
||||
const BYTE UE_CH_UNLOADDLL = 19;
|
||||
const BYTE UE_CH_OUTPUTDEBUGSTRING = 20;
|
||||
const BYTE UE_CH_AFTEREXCEPTIONPROCESSING = 21;
|
||||
const BYTE UE_CH_SYSTEMBREAKPOINT = 23;
|
||||
const BYTE UE_CH_UNHANDLEDEXCEPTION = 24;
|
||||
const BYTE UE_CH_RIPEVENT = 25;
|
||||
const BYTE UE_CH_DEBUGEVENT = 26;
|
||||
|
||||
const BYTE UE_OPTION_HANDLER_RETURN_HANDLECOUNT = 1;
|
||||
const BYTE UE_OPTION_HANDLER_RETURN_ACCESS = 2;
|
||||
const BYTE UE_OPTION_HANDLER_RETURN_FLAGS = 3;
|
||||
const BYTE UE_OPTION_HANDLER_RETURN_TYPENAME = 4;
|
||||
|
||||
const BYTE UE_BREAKPOINT_INT3 = 1;
|
||||
const BYTE UE_BREAKPOINT_LONG_INT3 = 2;
|
||||
const BYTE UE_BREAKPOINT_UD2 = 3;
|
||||
|
||||
const BYTE UE_BPXREMOVED = 0;
|
||||
const BYTE UE_BPXACTIVE = 1;
|
||||
const BYTE UE_BPXINACTIVE = 2;
|
||||
|
||||
const BYTE UE_BREAKPOINT = 0;
|
||||
const BYTE UE_SINGLESHOOT = 1;
|
||||
const BYTE UE_HARDWARE = 2;
|
||||
const BYTE UE_MEMORY = 3;
|
||||
const BYTE UE_MEMORY_READ = 4;
|
||||
const BYTE UE_MEMORY_WRITE = 5;
|
||||
const BYTE UE_MEMORY_EXECUTE = 6;
|
||||
const DWORD UE_BREAKPOINT_TYPE_INT3 = 0x10000000;
|
||||
const DWORD UE_BREAKPOINT_TYPE_LONG_INT3 = 0x20000000;
|
||||
const DWORD UE_BREAKPOINT_TYPE_UD2 = 0x30000000;
|
||||
|
||||
const BYTE UE_HARDWARE_EXECUTE = 4;
|
||||
const BYTE UE_HARDWARE_WRITE = 5;
|
||||
const BYTE UE_HARDWARE_READWRITE = 6;
|
||||
|
||||
const BYTE UE_HARDWARE_SIZE_1 = 7;
|
||||
const BYTE UE_HARDWARE_SIZE_2 = 8;
|
||||
const BYTE UE_HARDWARE_SIZE_4 = 9;
|
||||
const BYTE UE_HARDWARE_SIZE_8 = 10;
|
||||
|
||||
const BYTE UE_ON_LIB_LOAD = 1;
|
||||
const BYTE UE_ON_LIB_UNLOAD = 2;
|
||||
const BYTE UE_ON_LIB_ALL = 3;
|
||||
|
||||
const BYTE UE_APISTART = 0;
|
||||
const BYTE UE_APIEND = 1;
|
||||
|
||||
const BYTE UE_PLATFORM_x86 = 1;
|
||||
const BYTE UE_PLATFORM_x64 = 2;
|
||||
const BYTE UE_PLATFORM_ALL = 3;
|
||||
|
||||
const BYTE UE_FUNCTION_STDCALL = 1;
|
||||
const BYTE UE_FUNCTION_CCALL = 2;
|
||||
const BYTE UE_FUNCTION_FASTCALL = 3;
|
||||
const BYTE UE_FUNCTION_STDCALL_RET = 4;
|
||||
const BYTE UE_FUNCTION_CCALL_RET = 5;
|
||||
const BYTE UE_FUNCTION_FASTCALL_RET = 6;
|
||||
const BYTE UE_FUNCTION_STDCALL_CALL = 7;
|
||||
const BYTE UE_FUNCTION_CCALL_CALL = 8;
|
||||
const BYTE UE_FUNCTION_FASTCALL_CALL = 9;
|
||||
const BYTE UE_PARAMETER_BYTE = 0;
|
||||
const BYTE UE_PARAMETER_WORD = 1;
|
||||
const BYTE UE_PARAMETER_DWORD = 2;
|
||||
const BYTE UE_PARAMETER_QWORD = 3;
|
||||
const BYTE UE_PARAMETER_PTR_BYTE = 4;
|
||||
const BYTE UE_PARAMETER_PTR_WORD = 5;
|
||||
const BYTE UE_PARAMETER_PTR_DWORD = 6;
|
||||
const BYTE UE_PARAMETER_PTR_QWORD = 7;
|
||||
const BYTE UE_PARAMETER_STRING = 8;
|
||||
const BYTE UE_PARAMETER_UNICODE = 9;
|
||||
|
||||
const BYTE UE_EAX = 1;
|
||||
const BYTE UE_EBX = 2;
|
||||
const BYTE UE_ECX = 3;
|
||||
const BYTE UE_EDX = 4;
|
||||
const BYTE UE_EDI = 5;
|
||||
const BYTE UE_ESI = 6;
|
||||
const BYTE UE_EBP = 7;
|
||||
const BYTE UE_ESP = 8;
|
||||
const BYTE UE_EIP = 9;
|
||||
const BYTE UE_EFLAGS = 10;
|
||||
const BYTE UE_DR0 = 11;
|
||||
const BYTE UE_DR1 = 12;
|
||||
const BYTE UE_DR2 = 13;
|
||||
const BYTE UE_DR3 = 14;
|
||||
const BYTE UE_DR6 = 15;
|
||||
const BYTE UE_DR7 = 16;
|
||||
const BYTE UE_RAX = 17;
|
||||
const BYTE UE_RBX = 18;
|
||||
const BYTE UE_RCX = 19;
|
||||
const BYTE UE_RDX = 20;
|
||||
const BYTE UE_RDI = 21;
|
||||
const BYTE UE_RSI = 22;
|
||||
const BYTE UE_RBP = 23;
|
||||
const BYTE UE_RSP = 24;
|
||||
const BYTE UE_RIP = 25;
|
||||
const BYTE UE_RFLAGS = 26;
|
||||
const BYTE UE_R8 = 27;
|
||||
const BYTE UE_R9 = 28;
|
||||
const BYTE UE_R10 = 29;
|
||||
const BYTE UE_R11 = 30;
|
||||
const BYTE UE_R12 = 31;
|
||||
const BYTE UE_R13 = 32;
|
||||
const BYTE UE_R14 = 33;
|
||||
const BYTE UE_R15 = 34;
|
||||
const BYTE UE_CIP = 35;
|
||||
const BYTE UE_CSP = 36;
|
||||
#ifdef _WIN64
|
||||
const BYTE UE_CFLAGS = UE_RFLAGS;
|
||||
#else
|
||||
const BYTE UE_CFLAGS = UE_EFLAGS;
|
||||
#endif
|
||||
const BYTE UE_SEG_GS = 37;
|
||||
const BYTE UE_SEG_FS = 38;
|
||||
const BYTE UE_SEG_ES = 39;
|
||||
const BYTE UE_SEG_DS = 40;
|
||||
const BYTE UE_SEG_CS = 41;
|
||||
const BYTE UE_SEG_SS = 42;
|
||||
|
||||
typedef struct
|
||||
{
|
||||
DWORD PE32Offset;
|
||||
DWORD ImageBase;
|
||||
DWORD OriginalEntryPoint;
|
||||
DWORD BaseOfCode;
|
||||
DWORD BaseOfData;
|
||||
DWORD NtSizeOfImage;
|
||||
DWORD NtSizeOfHeaders;
|
||||
WORD SizeOfOptionalHeaders;
|
||||
DWORD FileAlignment;
|
||||
DWORD SectionAligment;
|
||||
DWORD ImportTableAddress;
|
||||
DWORD ImportTableSize;
|
||||
DWORD ResourceTableAddress;
|
||||
DWORD ResourceTableSize;
|
||||
DWORD ExportTableAddress;
|
||||
DWORD ExportTableSize;
|
||||
DWORD TLSTableAddress;
|
||||
DWORD TLSTableSize;
|
||||
DWORD RelocationTableAddress;
|
||||
DWORD RelocationTableSize;
|
||||
DWORD TimeDateStamp;
|
||||
WORD SectionNumber;
|
||||
DWORD CheckSum;
|
||||
WORD SubSystem;
|
||||
WORD Characteristics;
|
||||
DWORD NumberOfRvaAndSizes;
|
||||
} PE32Struct, *PPE32Struct;
|
||||
|
||||
typedef struct
|
||||
{
|
||||
DWORD PE64Offset;
|
||||
DWORD64 ImageBase;
|
||||
DWORD OriginalEntryPoint;
|
||||
DWORD BaseOfCode;
|
||||
DWORD BaseOfData;
|
||||
DWORD NtSizeOfImage;
|
||||
DWORD NtSizeOfHeaders;
|
||||
WORD SizeOfOptionalHeaders;
|
||||
DWORD FileAlignment;
|
||||
DWORD SectionAligment;
|
||||
DWORD ImportTableAddress;
|
||||
DWORD ImportTableSize;
|
||||
DWORD ResourceTableAddress;
|
||||
DWORD ResourceTableSize;
|
||||
DWORD ExportTableAddress;
|
||||
DWORD ExportTableSize;
|
||||
DWORD TLSTableAddress;
|
||||
DWORD TLSTableSize;
|
||||
DWORD RelocationTableAddress;
|
||||
DWORD RelocationTableSize;
|
||||
DWORD TimeDateStamp;
|
||||
WORD SectionNumber;
|
||||
DWORD CheckSum;
|
||||
WORD SubSystem;
|
||||
WORD Characteristics;
|
||||
DWORD NumberOfRvaAndSizes;
|
||||
} PE64Struct, *PPE64Struct;
|
||||
|
||||
#if defined(_WIN64)
|
||||
typedef PE64Struct PEStruct;
|
||||
#else
|
||||
typedef PE32Struct PEStruct;
|
||||
#endif
|
||||
|
||||
typedef struct
|
||||
{
|
||||
bool NewDll;
|
||||
int NumberOfImports;
|
||||
ULONG_PTR ImageBase;
|
||||
ULONG_PTR BaseImportThunk;
|
||||
ULONG_PTR ImportThunk;
|
||||
char* APIName;
|
||||
char* DLLName;
|
||||
} ImportEnumData, *PImportEnumData;
|
||||
|
||||
typedef struct
|
||||
{
|
||||
HANDLE hThread;
|
||||
DWORD dwThreadId;
|
||||
void* ThreadStartAddress;
|
||||
void* ThreadLocalBase;
|
||||
void* TebAddress;
|
||||
ULONG WaitTime;
|
||||
LONG Priority;
|
||||
LONG BasePriority;
|
||||
ULONG ContextSwitches;
|
||||
ULONG ThreadState;
|
||||
ULONG WaitReason;
|
||||
} THREAD_ITEM_DATA, *PTHREAD_ITEM_DATA;
|
||||
|
||||
typedef struct
|
||||
{
|
||||
HANDLE hFile;
|
||||
void* BaseOfDll;
|
||||
HANDLE hFileMapping;
|
||||
void* hFileMappingView;
|
||||
char szLibraryPath[MAX_PATH];
|
||||
char szLibraryName[MAX_PATH];
|
||||
} LIBRARY_ITEM_DATA, *PLIBRARY_ITEM_DATA;
|
||||
|
||||
typedef struct
|
||||
{
|
||||
HANDLE hFile;
|
||||
void* BaseOfDll;
|
||||
HANDLE hFileMapping;
|
||||
void* hFileMappingView;
|
||||
wchar_t szLibraryPath[MAX_PATH];
|
||||
wchar_t szLibraryName[MAX_PATH];
|
||||
} LIBRARY_ITEM_DATAW, *PLIBRARY_ITEM_DATAW;
|
||||
|
||||
typedef struct
|
||||
{
|
||||
HANDLE hProcess;
|
||||
DWORD dwProcessId;
|
||||
HANDLE hThread;
|
||||
DWORD dwThreadId;
|
||||
HANDLE hFile;
|
||||
void* BaseOfImage;
|
||||
void* ThreadStartAddress;
|
||||
void* ThreadLocalBase;
|
||||
} PROCESS_ITEM_DATA, *PPROCESS_ITEM_DATA;
|
||||
|
||||
typedef struct
|
||||
{
|
||||
ULONG ProcessId;
|
||||
HANDLE hHandle;
|
||||
} HandlerArray, *PHandlerArray;
|
||||
|
||||
typedef struct
|
||||
{
|
||||
char PluginName[64];
|
||||
DWORD PluginMajorVersion;
|
||||
DWORD PluginMinorVersion;
|
||||
HMODULE PluginBaseAddress;
|
||||
void* TitanDebuggingCallBack;
|
||||
void* TitanRegisterPlugin;
|
||||
void* TitanReleasePlugin;
|
||||
void* TitanResetPlugin;
|
||||
bool PluginDisabled;
|
||||
} PluginInformation, *PPluginInformation;
|
||||
|
||||
const size_t TEE_MAXIMUM_HOOK_SIZE = 14;
|
||||
const size_t TEE_MAXIMUM_HOOK_RELOCS = 7;
|
||||
#if defined(_WIN64)
|
||||
const size_t TEE_MAXIMUM_HOOK_INSERT_SIZE = 14;
|
||||
#else
|
||||
const size_t TEE_MAXIMUM_HOOK_INSERT_SIZE = 5;
|
||||
#endif
|
||||
|
||||
typedef struct HOOK_ENTRY
|
||||
{
|
||||
bool IATHook;
|
||||
BYTE HookType;
|
||||
DWORD HookSize;
|
||||
void* HookAddress;
|
||||
void* RedirectionAddress;
|
||||
BYTE HookBytes[TEE_MAXIMUM_HOOK_SIZE];
|
||||
BYTE OriginalBytes[TEE_MAXIMUM_HOOK_SIZE];
|
||||
void* IATHookModuleBase;
|
||||
DWORD IATHookNameHash;
|
||||
bool HookIsEnabled;
|
||||
bool HookIsRemote;
|
||||
void* PatchedEntry;
|
||||
DWORD RelocationInfo[TEE_MAXIMUM_HOOK_RELOCS];
|
||||
int RelocationCount;
|
||||
} HOOK_ENTRY, *PHOOK_ENTRY;
|
||||
|
||||
const BYTE UE_DEPTH_SURFACE = 0;
|
||||
const BYTE UE_DEPTH_DEEP = 1;
|
||||
|
||||
const BYTE UE_UNPACKER_CONDITION_SEARCH_FROM_EP = 1;
|
||||
|
||||
const BYTE UE_UNPACKER_CONDITION_LOADLIBRARY = 1;
|
||||
const BYTE UE_UNPACKER_CONDITION_GETPROCADDRESS = 2;
|
||||
const BYTE UE_UNPACKER_CONDITION_ENTRYPOINTBREAK = 3;
|
||||
const BYTE UE_UNPACKER_CONDITION_RELOCSNAPSHOT1 = 4;
|
||||
const BYTE UE_UNPACKER_CONDITION_RELOCSNAPSHOT2 = 5;
|
||||
|
||||
const BYTE UE_FIELD_OK = 0;
|
||||
const BYTE UE_FIELD_BROKEN_NON_FIXABLE = 1;
|
||||
const BYTE UE_FIELD_BROKEN_NON_CRITICAL = 2;
|
||||
const BYTE UE_FIELD_BROKEN_FIXABLE_FOR_STATIC_USE = 3;
|
||||
const BYTE UE_FIELD_BROKEN_BUT_CAN_BE_EMULATED = 4;
|
||||
const BYTE UE_FIELD_FIXABLE_NON_CRITICAL = 5;
|
||||
const BYTE UE_FIELD_FIXABLE_CRITICAL = 6;
|
||||
const BYTE UE_FIELD_NOT_PRESET = 7;
|
||||
const BYTE UE_FIELD_NOT_PRESET_WARNING = 8;
|
||||
|
||||
const BYTE UE_RESULT_FILE_OK = 10;
|
||||
const BYTE UE_RESULT_FILE_INVALID_BUT_FIXABLE = 11;
|
||||
const BYTE UE_RESULT_FILE_INVALID_AND_NON_FIXABLE = 12;
|
||||
const BYTE UE_RESULT_FILE_INVALID_FORMAT = 13;
|
||||
|
||||
typedef struct
|
||||
{
|
||||
BYTE OveralEvaluation;
|
||||
bool EvaluationTerminatedByException;
|
||||
bool FileIs64Bit;
|
||||
bool FileIsDLL;
|
||||
bool FileIsConsole;
|
||||
bool MissingDependencies;
|
||||
bool MissingDeclaredAPIs;
|
||||
BYTE SignatureMZ;
|
||||
BYTE SignaturePE;
|
||||
BYTE EntryPoint;
|
||||
BYTE ImageBase;
|
||||
BYTE SizeOfImage;
|
||||
BYTE FileAlignment;
|
||||
BYTE SectionAlignment;
|
||||
BYTE ExportTable;
|
||||
BYTE RelocationTable;
|
||||
BYTE ImportTable;
|
||||
BYTE ImportTableSection;
|
||||
BYTE ImportTableData;
|
||||
BYTE IATTable;
|
||||
BYTE TLSTable;
|
||||
BYTE LoadConfigTable;
|
||||
BYTE BoundImportTable;
|
||||
BYTE COMHeaderTable;
|
||||
BYTE ResourceTable;
|
||||
BYTE ResourceData;
|
||||
BYTE SectionTable;
|
||||
} FILE_STATUS_INFO, *PFILE_STATUS_INFO;
|
||||
|
||||
typedef struct
|
||||
{
|
||||
BYTE OveralEvaluation;
|
||||
bool FixingTerminatedByException;
|
||||
bool FileFixPerformed;
|
||||
bool StrippedRelocation;
|
||||
bool DontFixRelocations;
|
||||
DWORD OriginalRelocationTableAddress;
|
||||
DWORD OriginalRelocationTableSize;
|
||||
bool StrippedExports;
|
||||
bool DontFixExports;
|
||||
DWORD OriginalExportTableAddress;
|
||||
DWORD OriginalExportTableSize;
|
||||
bool StrippedResources;
|
||||
bool DontFixResources;
|
||||
DWORD OriginalResourceTableAddress;
|
||||
DWORD OriginalResourceTableSize;
|
||||
bool StrippedTLS;
|
||||
bool DontFixTLS;
|
||||
DWORD OriginalTLSTableAddress;
|
||||
DWORD OriginalTLSTableSize;
|
||||
bool StrippedLoadConfig;
|
||||
bool DontFixLoadConfig;
|
||||
DWORD OriginalLoadConfigTableAddress;
|
||||
DWORD OriginalLoadConfigTableSize;
|
||||
bool StrippedBoundImports;
|
||||
bool DontFixBoundImports;
|
||||
DWORD OriginalBoundImportTableAddress;
|
||||
DWORD OriginalBoundImportTableSize;
|
||||
bool StrippedIAT;
|
||||
bool DontFixIAT;
|
||||
DWORD OriginalImportAddressTableAddress;
|
||||
DWORD OriginalImportAddressTableSize;
|
||||
bool StrippedCOM;
|
||||
bool DontFixCOM;
|
||||
DWORD OriginalCOMTableAddress;
|
||||
DWORD OriginalCOMTableSize;
|
||||
} FILE_FIX_INFO, *PFILE_FIX_INFO;
|
||||
|
||||
#ifdef __cplusplus
|
||||
extern "C" {
|
||||
#endif /*__cplusplus*/
|
||||
|
||||
// Global.Function.Declaration:
|
||||
// TitanEngine.Dumper.functions:
|
||||
__declspec(dllimport) bool TITCALL DumpProcess(HANDLE hProcess, LPVOID ImageBase, char* szDumpFileName, ULONG_PTR EntryPoint);
|
||||
__declspec(dllimport) bool TITCALL DumpProcessW(HANDLE hProcess, LPVOID ImageBase, wchar_t* szDumpFileName, ULONG_PTR EntryPoint);
|
||||
__declspec(dllimport) bool TITCALL DumpProcessEx(DWORD ProcessId, LPVOID ImageBase, char* szDumpFileName, ULONG_PTR EntryPoint);
|
||||
__declspec(dllimport) bool TITCALL DumpProcessExW(DWORD ProcessId, LPVOID ImageBase, wchar_t* szDumpFileName, ULONG_PTR EntryPoint);
|
||||
__declspec(dllimport) bool TITCALL DumpMemory(HANDLE hProcess, LPVOID MemoryStart, ULONG_PTR MemorySize, char* szDumpFileName);
|
||||
__declspec(dllimport) bool TITCALL DumpMemoryW(HANDLE hProcess, LPVOID MemoryStart, ULONG_PTR MemorySize, wchar_t* szDumpFileName);
|
||||
__declspec(dllimport) bool TITCALL DumpMemoryEx(DWORD ProcessId, LPVOID MemoryStart, ULONG_PTR MemorySize, char* szDumpFileName);
|
||||
__declspec(dllimport) bool TITCALL DumpMemoryExW(DWORD ProcessId, LPVOID MemoryStart, ULONG_PTR MemorySize, wchar_t* szDumpFileName);
|
||||
__declspec(dllimport) bool TITCALL DumpRegions(HANDLE hProcess, char* szDumpFolder, bool DumpAboveImageBaseOnly);
|
||||
__declspec(dllimport) bool TITCALL DumpRegionsW(HANDLE hProcess, wchar_t* szDumpFolder, bool DumpAboveImageBaseOnly);
|
||||
__declspec(dllimport) bool TITCALL DumpRegionsEx(DWORD ProcessId, char* szDumpFolder, bool DumpAboveImageBaseOnly);
|
||||
__declspec(dllimport) bool TITCALL DumpRegionsExW(DWORD ProcessId, wchar_t* szDumpFolder, bool DumpAboveImageBaseOnly);
|
||||
__declspec(dllimport) bool TITCALL DumpModule(HANDLE hProcess, LPVOID ModuleBase, char* szDumpFileName);
|
||||
__declspec(dllimport) bool TITCALL DumpModuleW(HANDLE hProcess, LPVOID ModuleBase, wchar_t* szDumpFileName);
|
||||
__declspec(dllimport) bool TITCALL DumpModuleEx(DWORD ProcessId, LPVOID ModuleBase, char* szDumpFileName);
|
||||
__declspec(dllimport) bool TITCALL DumpModuleExW(DWORD ProcessId, LPVOID ModuleBase, wchar_t* szDumpFileName);
|
||||
__declspec(dllimport) bool TITCALL PastePEHeader(HANDLE hProcess, LPVOID ImageBase, char* szDebuggedFileName);
|
||||
__declspec(dllimport) bool TITCALL PastePEHeaderW(HANDLE hProcess, LPVOID ImageBase, wchar_t* szDebuggedFileName);
|
||||
__declspec(dllimport) bool TITCALL ExtractSection(char* szFileName, char* szDumpFileName, DWORD SectionNumber);
|
||||
__declspec(dllimport) bool TITCALL ExtractSectionW(wchar_t* szFileName, wchar_t* szDumpFileName, DWORD SectionNumber);
|
||||
__declspec(dllimport) bool TITCALL ResortFileSections(char* szFileName);
|
||||
__declspec(dllimport) bool TITCALL ResortFileSectionsW(wchar_t* szFileName);
|
||||
__declspec(dllimport) bool TITCALL FindOverlay(char* szFileName, LPDWORD OverlayStart, LPDWORD OverlaySize);
|
||||
__declspec(dllimport) bool TITCALL FindOverlayW(wchar_t* szFileName, LPDWORD OverlayStart, LPDWORD OverlaySize);
|
||||
__declspec(dllimport) bool TITCALL ExtractOverlay(char* szFileName, char* szExtractedFileName);
|
||||
__declspec(dllimport) bool TITCALL ExtractOverlayW(wchar_t* szFileName, wchar_t* szExtractedFileName);
|
||||
__declspec(dllimport) bool TITCALL AddOverlay(char* szFileName, char* szOverlayFileName);
|
||||
__declspec(dllimport) bool TITCALL AddOverlayW(wchar_t* szFileName, wchar_t* szOverlayFileName);
|
||||
__declspec(dllimport) bool TITCALL CopyOverlay(char* szInFileName, char* szOutFileName);
|
||||
__declspec(dllimport) bool TITCALL CopyOverlayW(wchar_t* szInFileName, wchar_t* szOutFileName);
|
||||
__declspec(dllimport) bool TITCALL RemoveOverlay(char* szFileName);
|
||||
__declspec(dllimport) bool TITCALL RemoveOverlayW(wchar_t* szFileName);
|
||||
__declspec(dllimport) bool TITCALL MakeAllSectionsRWE(char* szFileName);
|
||||
__declspec(dllimport) bool TITCALL MakeAllSectionsRWEW(wchar_t* szFileName);
|
||||
__declspec(dllimport) long TITCALL AddNewSectionEx(char* szFileName, char* szSectionName, DWORD SectionSize, DWORD SectionAttributes, LPVOID SectionContent, DWORD ContentSize);
|
||||
__declspec(dllimport) long TITCALL AddNewSectionExW(wchar_t* szFileName, char* szSectionName, DWORD SectionSize, DWORD SectionAttributes, LPVOID SectionContent, DWORD ContentSize);
|
||||
__declspec(dllimport) long TITCALL AddNewSection(char* szFileName, char* szSectionName, DWORD SectionSize);
|
||||
__declspec(dllimport) long TITCALL AddNewSectionW(wchar_t* szFileName, char* szSectionName, DWORD SectionSize);
|
||||
__declspec(dllimport) bool TITCALL ResizeLastSection(char* szFileName, DWORD NumberOfExpandBytes, bool AlignResizeData);
|
||||
__declspec(dllimport) bool TITCALL ResizeLastSectionW(wchar_t* szFileName, DWORD NumberOfExpandBytes, bool AlignResizeData);
|
||||
__declspec(dllimport) void TITCALL SetSharedOverlay(char* szFileName);
|
||||
__declspec(dllimport) void TITCALL SetSharedOverlayW(wchar_t* szFileName);
|
||||
__declspec(dllimport) char* TITCALL GetSharedOverlay();
|
||||
__declspec(dllimport) wchar_t* TITCALL GetSharedOverlayW();
|
||||
__declspec(dllimport) bool TITCALL DeleteLastSection(char* szFileName);
|
||||
__declspec(dllimport) bool TITCALL DeleteLastSectionW(wchar_t* szFileName);
|
||||
__declspec(dllimport) bool TITCALL DeleteLastSectionEx(char* szFileName, DWORD NumberOfSections);
|
||||
__declspec(dllimport) bool TITCALL DeleteLastSectionExW(wchar_t* szFileName, DWORD NumberOfSections);
|
||||
__declspec(dllimport) ULONG_PTR TITCALL GetPE32DataFromMappedFile(ULONG_PTR FileMapVA, DWORD WhichSection, DWORD WhichData);
|
||||
__declspec(dllimport) ULONG_PTR TITCALL GetPE32Data(char* szFileName, DWORD WhichSection, DWORD WhichData);
|
||||
__declspec(dllimport) ULONG_PTR TITCALL GetPE32DataW(const wchar_t* szFileName, DWORD WhichSection, DWORD WhichData);
|
||||
__declspec(dllimport) bool TITCALL GetPE32DataFromMappedFileEx(ULONG_PTR FileMapVA, LPVOID DataStorage);
|
||||
__declspec(dllimport) bool TITCALL GetPE32DataEx(char* szFileName, LPVOID DataStorage);
|
||||
__declspec(dllimport) bool TITCALL GetPE32DataExW(wchar_t* szFileName, LPVOID DataStorage);
|
||||
__declspec(dllimport) bool TITCALL SetPE32DataForMappedFile(ULONG_PTR FileMapVA, DWORD WhichSection, DWORD WhichData, ULONG_PTR NewDataValue);
|
||||
__declspec(dllimport) bool TITCALL SetPE32Data(char* szFileName, DWORD WhichSection, DWORD WhichData, ULONG_PTR NewDataValue);
|
||||
__declspec(dllimport) bool TITCALL SetPE32DataW(wchar_t* szFileName, DWORD WhichSection, DWORD WhichData, ULONG_PTR NewDataValue);
|
||||
__declspec(dllimport) bool TITCALL SetPE32DataForMappedFileEx(ULONG_PTR FileMapVA, LPVOID DataStorage);
|
||||
__declspec(dllimport) bool TITCALL SetPE32DataEx(char* szFileName, LPVOID DataStorage);
|
||||
__declspec(dllimport) bool TITCALL SetPE32DataExW(wchar_t* szFileName, LPVOID DataStorage);
|
||||
__declspec(dllimport) long TITCALL GetPE32SectionNumberFromVA(ULONG_PTR FileMapVA, ULONG_PTR AddressToConvert);
|
||||
__declspec(dllimport) ULONG_PTR TITCALL ConvertVAtoFileOffset(ULONG_PTR FileMapVA, ULONG_PTR AddressToConvert, bool ReturnType);
|
||||
__declspec(dllimport) ULONG_PTR TITCALL ConvertVAtoFileOffsetEx(ULONG_PTR FileMapVA, DWORD FileSize, ULONG_PTR ImageBase, ULONG_PTR AddressToConvert, bool AddressIsRVA, bool ReturnType);
|
||||
__declspec(dllimport) ULONG_PTR TITCALL ConvertFileOffsetToVA(ULONG_PTR FileMapVA, ULONG_PTR AddressToConvert, bool ReturnType);
|
||||
__declspec(dllimport) ULONG_PTR TITCALL ConvertFileOffsetToVAEx(ULONG_PTR FileMapVA, DWORD FileSize, ULONG_PTR ImageBase, ULONG_PTR AddressToConvert, bool ReturnType);
|
||||
__declspec(dllimport) bool TITCALL MemoryReadSafe(HANDLE hProcess, LPVOID lpBaseAddress, LPVOID lpBuffer, SIZE_T nSize, SIZE_T* lpNumberOfBytesRead);
|
||||
__declspec(dllimport) bool TITCALL MemoryWriteSafe(HANDLE hProcess, LPVOID lpBaseAddress, LPCVOID lpBuffer, SIZE_T nSize, SIZE_T* lpNumberOfBytesWritten);
|
||||
// TitanEngine.Realigner.functions:
|
||||
__declspec(dllimport) bool TITCALL FixHeaderCheckSum(char* szFileName);
|
||||
__declspec(dllimport) bool TITCALL FixHeaderCheckSumW(wchar_t* szFileName);
|
||||
__declspec(dllimport) long TITCALL RealignPE(ULONG_PTR FileMapVA, DWORD FileSize, DWORD RealingMode);
|
||||
__declspec(dllimport) long TITCALL RealignPEEx(char* szFileName, DWORD RealingFileSize, DWORD ForcedFileAlignment);
|
||||
__declspec(dllimport) long TITCALL RealignPEExW(wchar_t* szFileName, DWORD RealingFileSize, DWORD ForcedFileAlignment);
|
||||
__declspec(dllimport) bool TITCALL WipeSection(char* szFileName, int WipeSectionNumber, bool RemovePhysically);
|
||||
__declspec(dllimport) bool TITCALL WipeSectionW(wchar_t* szFileName, int WipeSectionNumber, bool RemovePhysically);
|
||||
__declspec(dllimport) bool TITCALL IsPE32FileValidEx(char* szFileName, DWORD CheckDepth, LPVOID FileStatusInfo);
|
||||
__declspec(dllimport) bool TITCALL IsPE32FileValidExW(wchar_t* szFileName, DWORD CheckDepth, LPVOID FileStatusInfo);
|
||||
__declspec(dllimport) bool TITCALL FixBrokenPE32FileEx(char* szFileName, LPVOID FileStatusInfo, LPVOID FileFixInfo);
|
||||
__declspec(dllimport) bool TITCALL FixBrokenPE32FileExW(wchar_t* szFileName, LPVOID FileStatusInfo, LPVOID FileFixInfo);
|
||||
__declspec(dllimport) bool TITCALL IsFileDLL(char* szFileName, ULONG_PTR FileMapVA);
|
||||
__declspec(dllimport) bool TITCALL IsFileDLLW(wchar_t* szFileName, ULONG_PTR FileMapVA);
|
||||
// TitanEngine.Hider.functions:
|
||||
__declspec(dllimport) void* TITCALL GetPEBLocation(HANDLE hProcess);
|
||||
__declspec(dllimport) void* TITCALL GetPEBLocation64(HANDLE hProcess);
|
||||
__declspec(dllimport) void* TITCALL GetTEBLocation(HANDLE hThread);
|
||||
__declspec(dllimport) void* TITCALL GetTEBLocation64(HANDLE hThread);
|
||||
__declspec(dllimport) bool TITCALL HideDebugger(HANDLE hProcess, DWORD PatchAPILevel);
|
||||
__declspec(dllimport) bool TITCALL UnHideDebugger(HANDLE hProcess, DWORD PatchAPILevel);
|
||||
// TitanEngine.Relocater.functions:
|
||||
__declspec(dllimport) void TITCALL RelocaterCleanup();
|
||||
__declspec(dllimport) void TITCALL RelocaterInit(DWORD MemorySize, ULONG_PTR OldImageBase, ULONG_PTR NewImageBase);
|
||||
__declspec(dllimport) void TITCALL RelocaterAddNewRelocation(HANDLE hProcess, ULONG_PTR RelocateAddress, DWORD RelocateState);
|
||||
__declspec(dllimport) long TITCALL RelocaterEstimatedSize();
|
||||
__declspec(dllimport) bool TITCALL RelocaterExportRelocation(ULONG_PTR StorePlace, DWORD StorePlaceRVA, ULONG_PTR FileMapVA);
|
||||
__declspec(dllimport) bool TITCALL RelocaterExportRelocationEx(char* szFileName, char* szSectionName);
|
||||
__declspec(dllimport) bool TITCALL RelocaterExportRelocationExW(wchar_t* szFileName, char* szSectionName);
|
||||
__declspec(dllimport) bool TITCALL RelocaterGrabRelocationTable(HANDLE hProcess, ULONG_PTR MemoryStart, DWORD MemorySize);
|
||||
__declspec(dllimport) bool TITCALL RelocaterGrabRelocationTableEx(HANDLE hProcess, ULONG_PTR MemoryStart, ULONG_PTR MemorySize, DWORD NtSizeOfImage);
|
||||
__declspec(dllimport) bool TITCALL RelocaterMakeSnapshot(HANDLE hProcess, char* szSaveFileName, LPVOID MemoryStart, ULONG_PTR MemorySize);
|
||||
__declspec(dllimport) bool TITCALL RelocaterMakeSnapshotW(HANDLE hProcess, wchar_t* szSaveFileName, LPVOID MemoryStart, ULONG_PTR MemorySize);
|
||||
__declspec(dllimport) bool TITCALL RelocaterCompareTwoSnapshots(HANDLE hProcess, ULONG_PTR LoadedImageBase, ULONG_PTR NtSizeOfImage, char* szDumpFile1, char* szDumpFile2, ULONG_PTR MemStart);
|
||||
__declspec(dllimport) bool TITCALL RelocaterCompareTwoSnapshotsW(HANDLE hProcess, ULONG_PTR LoadedImageBase, ULONG_PTR NtSizeOfImage, wchar_t* szDumpFile1, wchar_t* szDumpFile2, ULONG_PTR MemStart);
|
||||
__declspec(dllimport) bool TITCALL RelocaterChangeFileBase(char* szFileName, ULONG_PTR NewImageBase);
|
||||
__declspec(dllimport) bool TITCALL RelocaterChangeFileBaseW(wchar_t* szFileName, ULONG_PTR NewImageBase);
|
||||
__declspec(dllimport) bool TITCALL RelocaterRelocateMemoryBlock(ULONG_PTR FileMapVA, ULONG_PTR MemoryLocation, void* RelocateMemory, DWORD RelocateMemorySize, ULONG_PTR CurrentLoadedBase, ULONG_PTR RelocateBase);
|
||||
__declspec(dllimport) bool TITCALL RelocaterWipeRelocationTable(char* szFileName);
|
||||
__declspec(dllimport) bool TITCALL RelocaterWipeRelocationTableW(wchar_t* szFileName);
|
||||
// TitanEngine.Resourcer.functions:
|
||||
__declspec(dllimport) ULONG_PTR TITCALL ResourcerLoadFileForResourceUse(char* szFileName);
|
||||
__declspec(dllimport) ULONG_PTR TITCALL ResourcerLoadFileForResourceUseW(wchar_t* szFileName);
|
||||
__declspec(dllimport) bool TITCALL ResourcerFreeLoadedFile(LPVOID LoadedFileBase);
|
||||
__declspec(dllimport) bool TITCALL ResourcerExtractResourceFromFileEx(HMODULE hFile, char* szResourceType, char* szResourceName, char* szExtractedFileName);
|
||||
__declspec(dllimport) bool TITCALL ResourcerExtractResourceFromFile(char* szFileName, char* szResourceType, char* szResourceName, char* szExtractedFileName);
|
||||
__declspec(dllimport) bool TITCALL ResourcerExtractResourceFromFileW(wchar_t* szFileName, char* szResourceType, char* szResourceName, char* szExtractedFileName);
|
||||
__declspec(dllimport) bool TITCALL ResourcerFindResource(char* szFileName, char* szResourceType, DWORD ResourceType, char* szResourceName, DWORD ResourceName, DWORD ResourceLanguage, PULONG_PTR pResourceData, LPDWORD pResourceSize);
|
||||
__declspec(dllimport) bool TITCALL ResourcerFindResourceW(wchar_t* szFileName, wchar_t* szResourceType, DWORD ResourceType, wchar_t* szResourceName, DWORD ResourceName, DWORD ResourceLanguage, PULONG_PTR pResourceData, LPDWORD pResourceSize);
|
||||
__declspec(dllimport) bool TITCALL ResourcerFindResourceEx(ULONG_PTR FileMapVA, DWORD FileSize, wchar_t* szResourceType, DWORD ResourceType, wchar_t* szResourceName, DWORD ResourceName, DWORD ResourceLanguage, PULONG_PTR pResourceData, LPDWORD pResourceSize);
|
||||
__declspec(dllimport) void TITCALL ResourcerEnumerateResource(char* szFileName, void* CallBack);
|
||||
__declspec(dllimport) void TITCALL ResourcerEnumerateResourceW(wchar_t* szFileName, void* CallBack);
|
||||
__declspec(dllimport) void TITCALL ResourcerEnumerateResourceEx(ULONG_PTR FileMapVA, DWORD FileSize, void* CallBack);
|
||||
// TitanEngine.Threader.functions:
|
||||
__declspec(dllimport) bool TITCALL ThreaderImportRunningThreadData(DWORD ProcessId);
|
||||
__declspec(dllimport) void* TITCALL ThreaderGetThreadInfo(HANDLE hThread, DWORD ThreadId);
|
||||
__declspec(dllimport) void TITCALL ThreaderEnumThreadInfo(void* EnumCallBack);
|
||||
__declspec(dllimport) bool TITCALL ThreaderPauseThread(HANDLE hThread);
|
||||
__declspec(dllimport) bool TITCALL ThreaderResumeThread(HANDLE hThread);
|
||||
__declspec(dllimport) bool TITCALL ThreaderTerminateThread(HANDLE hThread, DWORD ThreadExitCode);
|
||||
__declspec(dllimport) bool TITCALL ThreaderPauseAllThreads(bool LeaveMainRunning);
|
||||
__declspec(dllimport) bool TITCALL ThreaderResumeAllThreads(bool LeaveMainPaused);
|
||||
__declspec(dllimport) bool TITCALL ThreaderPauseProcess();
|
||||
__declspec(dllimport) bool TITCALL ThreaderResumeProcess();
|
||||
__declspec(dllimport) ULONG_PTR TITCALL ThreaderCreateRemoteThread(ULONG_PTR ThreadStartAddress, bool AutoCloseTheHandle, LPVOID ThreadPassParameter, LPDWORD ThreadId);
|
||||
__declspec(dllimport) bool TITCALL ThreaderInjectAndExecuteCode(LPVOID InjectCode, DWORD StartDelta, DWORD InjectSize);
|
||||
__declspec(dllimport) ULONG_PTR TITCALL ThreaderCreateRemoteThreadEx(HANDLE hProcess, ULONG_PTR ThreadStartAddress, bool AutoCloseTheHandle, LPVOID ThreadPassParameter, LPDWORD ThreadId);
|
||||
__declspec(dllimport) bool TITCALL ThreaderInjectAndExecuteCodeEx(HANDLE hProcess, LPVOID InjectCode, DWORD StartDelta, DWORD InjectSize);
|
||||
__declspec(dllimport) void TITCALL ThreaderSetCallBackForNextExitThreadEvent(LPVOID exitThreadCallBack);
|
||||
__declspec(dllimport) bool TITCALL ThreaderIsThreadStillRunning(HANDLE hThread);
|
||||
__declspec(dllimport) bool TITCALL ThreaderIsThreadActive(HANDLE hThread);
|
||||
__declspec(dllimport) bool TITCALL ThreaderIsAnyThreadActive();
|
||||
__declspec(dllimport) bool TITCALL ThreaderExecuteOnlyInjectedThreads();
|
||||
__declspec(dllimport) ULONG_PTR TITCALL ThreaderGetOpenHandleForThread(DWORD ThreadId);
|
||||
__declspec(dllimport) bool TITCALL ThreaderIsExceptionInMainThread();
|
||||
// TitanEngine.Debugger.functions:
|
||||
__declspec(dllimport) void* TITCALL StaticDisassembleEx(ULONG_PTR DisassmStart, LPVOID DisassmAddress);
|
||||
__declspec(dllimport) void* TITCALL StaticDisassemble(LPVOID DisassmAddress);
|
||||
__declspec(dllimport) void* TITCALL DisassembleEx(HANDLE hProcess, LPVOID DisassmAddress, bool ReturnInstructionType);
|
||||
__declspec(dllimport) void* TITCALL Disassemble(LPVOID DisassmAddress);
|
||||
__declspec(dllimport) long TITCALL StaticLengthDisassemble(LPVOID DisassmAddress);
|
||||
__declspec(dllimport) long TITCALL LengthDisassembleEx(HANDLE hProcess, LPVOID DisassmAddress);
|
||||
__declspec(dllimport) long TITCALL LengthDisassemble(LPVOID DisassmAddress);
|
||||
__declspec(dllimport) void* TITCALL InitDebug(char* szFileName, char* szCommandLine, char* szCurrentFolder);
|
||||
__declspec(dllimport) void* TITCALL InitDebugW(wchar_t* szFileName, wchar_t* szCommandLine, wchar_t* szCurrentFolder);
|
||||
__declspec(dllimport) void* TITCALL InitNativeDebug(char* szFileName, char* szCommandLine, char* szCurrentFolder);
|
||||
__declspec(dllimport) void* TITCALL InitNativeDebugW(wchar_t* szFileName, wchar_t* szCommandLine, wchar_t* szCurrentFolder);
|
||||
__declspec(dllimport) void* TITCALL InitDebugEx(char* szFileName, char* szCommandLine, char* szCurrentFolder, LPVOID EntryCallBack);
|
||||
__declspec(dllimport) void* TITCALL InitDebugExW(wchar_t* szFileName, wchar_t* szCommandLine, wchar_t* szCurrentFolder, LPVOID EntryCallBack);
|
||||
__declspec(dllimport) void* TITCALL InitDLLDebug(char* szFileName, bool ReserveModuleBase, char* szCommandLine, char* szCurrentFolder, LPVOID EntryCallBack);
|
||||
__declspec(dllimport) void* TITCALL InitDLLDebugW(wchar_t* szFileName, bool ReserveModuleBase, wchar_t* szCommandLine, wchar_t* szCurrentFolder, LPVOID EntryCallBack);
|
||||
__declspec(dllimport) bool TITCALL StopDebug();
|
||||
__declspec(dllimport) void TITCALL SetBPXOptions(long DefaultBreakPointType);
|
||||
__declspec(dllimport) bool TITCALL IsBPXEnabled(ULONG_PTR bpxAddress);
|
||||
__declspec(dllimport) bool TITCALL EnableBPX(ULONG_PTR bpxAddress);
|
||||
__declspec(dllimport) bool TITCALL DisableBPX(ULONG_PTR bpxAddress);
|
||||
__declspec(dllimport) bool TITCALL SetBPX(ULONG_PTR bpxAddress, DWORD bpxType, LPVOID bpxCallBack);
|
||||
__declspec(dllimport) bool TITCALL DeleteBPX(ULONG_PTR bpxAddress);
|
||||
__declspec(dllimport) bool TITCALL SafeDeleteBPX(ULONG_PTR bpxAddress);
|
||||
__declspec(dllimport) bool TITCALL SetAPIBreakPoint(const char* szDLLName, const char* szAPIName, DWORD bpxType, DWORD bpxPlace, LPVOID bpxCallBack);
|
||||
__declspec(dllimport) bool TITCALL DeleteAPIBreakPoint(const char* szDLLName, const char* szAPIName, DWORD bpxPlace);
|
||||
__declspec(dllimport) bool TITCALL SafeDeleteAPIBreakPoint(const char* szDLLName, const char* szAPIName, DWORD bpxPlace);
|
||||
__declspec(dllimport) bool TITCALL SetMemoryBPX(ULONG_PTR MemoryStart, SIZE_T SizeOfMemory, LPVOID bpxCallBack);
|
||||
__declspec(dllimport) bool TITCALL SetMemoryBPXEx(ULONG_PTR MemoryStart, SIZE_T SizeOfMemory, DWORD BreakPointType, bool RestoreOnHit, LPVOID bpxCallBack);
|
||||
__declspec(dllimport) bool TITCALL RemoveMemoryBPX(ULONG_PTR MemoryStart, SIZE_T SizeOfMemory);
|
||||
__declspec(dllimport) bool TITCALL GetContextFPUDataEx(HANDLE hActiveThread, void* FPUSaveArea);
|
||||
__declspec(dllimport) ULONG_PTR TITCALL GetContextDataEx(HANDLE hActiveThread, DWORD IndexOfRegister);
|
||||
__declspec(dllimport) ULONG_PTR TITCALL GetContextData(DWORD IndexOfRegister);
|
||||
__declspec(dllimport) bool TITCALL SetContextFPUDataEx(HANDLE hActiveThread, void* FPUSaveArea);
|
||||
__declspec(dllimport) bool TITCALL SetContextDataEx(HANDLE hActiveThread, DWORD IndexOfRegister, ULONG_PTR NewRegisterValue);
|
||||
__declspec(dllimport) bool TITCALL SetContextData(DWORD IndexOfRegister, ULONG_PTR NewRegisterValue);
|
||||
__declspec(dllimport) void TITCALL ClearExceptionNumber();
|
||||
__declspec(dllimport) long TITCALL CurrentExceptionNumber();
|
||||
__declspec(dllimport) bool TITCALL MatchPatternEx(HANDLE hProcess, void* MemoryToCheck, int SizeOfMemoryToCheck, void* PatternToMatch, int SizeOfPatternToMatch, PBYTE WildCard);
|
||||
__declspec(dllimport) bool TITCALL MatchPattern(void* MemoryToCheck, int SizeOfMemoryToCheck, void* PatternToMatch, int SizeOfPatternToMatch, PBYTE WildCard);
|
||||
__declspec(dllimport) ULONG_PTR TITCALL FindEx(HANDLE hProcess, LPVOID MemoryStart, DWORD MemorySize, LPVOID SearchPattern, DWORD PatternSize, LPBYTE WildCard);
|
||||
__declspec(dllimport) ULONG_PTR TITCALL Find(LPVOID MemoryStart, DWORD MemorySize, LPVOID SearchPattern, DWORD PatternSize, LPBYTE WildCard);
|
||||
__declspec(dllimport) bool TITCALL FillEx(HANDLE hProcess, LPVOID MemoryStart, DWORD MemorySize, PBYTE FillByte);
|
||||
__declspec(dllimport) bool TITCALL Fill(LPVOID MemoryStart, DWORD MemorySize, PBYTE FillByte);
|
||||
__declspec(dllimport) bool TITCALL PatchEx(HANDLE hProcess, LPVOID MemoryStart, DWORD MemorySize, LPVOID ReplacePattern, DWORD ReplaceSize, bool AppendNOP, bool PrependNOP);
|
||||
__declspec(dllimport) bool TITCALL Patch(LPVOID MemoryStart, DWORD MemorySize, LPVOID ReplacePattern, DWORD ReplaceSize, bool AppendNOP, bool PrependNOP);
|
||||
__declspec(dllimport) bool TITCALL ReplaceEx(HANDLE hProcess, LPVOID MemoryStart, DWORD MemorySize, LPVOID SearchPattern, DWORD PatternSize, DWORD NumberOfRepetitions, LPVOID ReplacePattern, DWORD ReplaceSize, PBYTE WildCard);
|
||||
__declspec(dllimport) bool TITCALL Replace(LPVOID MemoryStart, DWORD MemorySize, LPVOID SearchPattern, DWORD PatternSize, DWORD NumberOfRepetitions, LPVOID ReplacePattern, DWORD ReplaceSize, PBYTE WildCard);
|
||||
__declspec(dllimport) void* TITCALL GetDebugData();
|
||||
__declspec(dllimport) void* TITCALL GetTerminationData();
|
||||
__declspec(dllimport) long TITCALL GetExitCode();
|
||||
__declspec(dllimport) ULONG_PTR TITCALL GetDebuggedDLLBaseAddress();
|
||||
__declspec(dllimport) ULONG_PTR TITCALL GetDebuggedFileBaseAddress();
|
||||
__declspec(dllimport) bool TITCALL GetRemoteString(HANDLE hProcess, LPVOID StringAddress, LPVOID StringStorage, int MaximumStringSize);
|
||||
__declspec(dllimport) ULONG_PTR TITCALL GetFunctionParameter(HANDLE hProcess, DWORD FunctionType, DWORD ParameterNumber, DWORD ParameterType);
|
||||
__declspec(dllimport) ULONG_PTR TITCALL GetJumpDestinationEx(HANDLE hProcess, ULONG_PTR InstructionAddress, bool JustJumps);
|
||||
__declspec(dllimport) ULONG_PTR TITCALL GetJumpDestination(HANDLE hProcess, ULONG_PTR InstructionAddress);
|
||||
__declspec(dllimport) bool TITCALL IsJumpGoingToExecuteEx(HANDLE hProcess, HANDLE hThread, ULONG_PTR InstructionAddress, ULONG_PTR RegFlags);
|
||||
__declspec(dllimport) bool TITCALL IsJumpGoingToExecute();
|
||||
__declspec(dllimport) void TITCALL SetCustomHandler(DWORD ExceptionId, LPVOID CallBack);
|
||||
__declspec(dllimport) void TITCALL ForceClose();
|
||||
__declspec(dllimport) void TITCALL StepInto(LPVOID traceCallBack);
|
||||
__declspec(dllimport) void TITCALL StepOver(LPVOID traceCallBack);
|
||||
__declspec(dllimport) void TITCALL StepOut(LPVOID StepOut, bool StepFinal);
|
||||
__declspec(dllimport) void TITCALL SingleStep(DWORD StepCount, LPVOID StepCallBack);
|
||||
__declspec(dllimport) bool TITCALL GetUnusedHardwareBreakPointRegister(LPDWORD RegisterIndex);
|
||||
__declspec(dllimport) bool TITCALL SetHardwareBreakPointEx(HANDLE hActiveThread, ULONG_PTR bpxAddress, DWORD IndexOfRegister, DWORD bpxType, DWORD bpxSize, LPVOID bpxCallBack, LPDWORD IndexOfSelectedRegister);
|
||||
__declspec(dllimport) bool TITCALL SetHardwareBreakPoint(ULONG_PTR bpxAddress, DWORD IndexOfRegister, DWORD bpxType, DWORD bpxSize, LPVOID bpxCallBack);
|
||||
__declspec(dllimport) bool TITCALL DeleteHardwareBreakPoint(DWORD IndexOfRegister);
|
||||
__declspec(dllimport) bool TITCALL RemoveAllBreakPoints(DWORD RemoveOption);
|
||||
__declspec(dllexport) PROCESS_INFORMATION* TITCALL TitanGetProcessInformation();
|
||||
__declspec(dllexport) STARTUPINFOW* TITCALL TitanGetStartupInformation();
|
||||
__declspec(dllimport) void TITCALL DebugLoop();
|
||||
__declspec(dllimport) void TITCALL SetDebugLoopTimeOut(DWORD TimeOut);
|
||||
__declspec(dllimport) void TITCALL SetNextDbgContinueStatus(DWORD SetDbgCode);
|
||||
__declspec(dllimport) bool TITCALL AttachDebugger(DWORD ProcessId, bool KillOnExit, LPVOID DebugInfo, LPVOID CallBack);
|
||||
__declspec(dllimport) bool TITCALL DetachDebugger(DWORD ProcessId);
|
||||
__declspec(dllimport) bool TITCALL DetachDebuggerEx(DWORD ProcessId);
|
||||
__declspec(dllimport) void TITCALL DebugLoopEx(DWORD TimeOut);
|
||||
__declspec(dllimport) void TITCALL AutoDebugEx(char* szFileName, bool ReserveModuleBase, char* szCommandLine, char* szCurrentFolder, DWORD TimeOut, LPVOID EntryCallBack);
|
||||
__declspec(dllimport) void TITCALL AutoDebugExW(wchar_t* szFileName, bool ReserveModuleBase, wchar_t* szCommandLine, wchar_t* szCurrentFolder, DWORD TimeOut, LPVOID EntryCallBack);
|
||||
__declspec(dllimport) bool TITCALL IsFileBeingDebugged();
|
||||
__declspec(dllimport) void TITCALL SetErrorModel(bool DisplayErrorMessages);
|
||||
// TitanEngine.FindOEP.functions:
|
||||
__declspec(dllimport) void TITCALL FindOEPInit();
|
||||
__declspec(dllimport) bool TITCALL FindOEPGenerically(char* szFileName, LPVOID TraceInitCallBack, LPVOID CallBack);
|
||||
__declspec(dllimport) bool TITCALL FindOEPGenericallyW(wchar_t* szFileName, LPVOID TraceInitCallBack, LPVOID CallBack);
|
||||
// TitanEngine.Importer.functions:
|
||||
__declspec(dllimport) void TITCALL ImporterAddNewDll(char* szDLLName, ULONG_PTR FirstThunk);
|
||||
__declspec(dllimport) void TITCALL ImporterAddNewAPI(char* szAPIName, ULONG_PTR ThunkValue);
|
||||
__declspec(dllimport) void TITCALL ImporterAddNewOrdinalAPI(ULONG_PTR OrdinalNumber, ULONG_PTR ThunkValue);
|
||||
__declspec(dllimport) long TITCALL ImporterGetAddedDllCount();
|
||||
__declspec(dllimport) long TITCALL ImporterGetAddedAPICount();
|
||||
__declspec(dllimport) bool TITCALL ImporterExportIAT(ULONG_PTR StorePlace, ULONG_PTR FileMapVA, HANDLE hFileMap);
|
||||
__declspec(dllimport) long TITCALL ImporterEstimatedSize();
|
||||
__declspec(dllimport) bool TITCALL ImporterExportIATEx(char* szDumpFileName, char* szExportFileName, char* szSectionName);
|
||||
__declspec(dllimport) bool TITCALL ImporterExportIATExW(wchar_t* szDumpFileName, wchar_t* szExportFileName, wchar_t* szSectionName = L".RL!TEv2");
|
||||
__declspec(dllimport) ULONG_PTR TITCALL ImporterFindAPIWriteLocation(char* szAPIName);
|
||||
__declspec(dllimport) ULONG_PTR TITCALL ImporterFindOrdinalAPIWriteLocation(ULONG_PTR OrdinalNumber);
|
||||
__declspec(dllimport) ULONG_PTR TITCALL ImporterFindAPIByWriteLocation(ULONG_PTR APIWriteLocation);
|
||||
__declspec(dllimport) ULONG_PTR TITCALL ImporterFindDLLByWriteLocation(ULONG_PTR APIWriteLocation);
|
||||
__declspec(dllimport) void* TITCALL ImporterGetDLLName(ULONG_PTR APIAddress);
|
||||
__declspec(dllimport) void* TITCALL ImporterGetDLLNameW(ULONG_PTR APIAddress);
|
||||
__declspec(dllimport) void* TITCALL ImporterGetAPIName(ULONG_PTR APIAddress);
|
||||
__declspec(dllimport) ULONG_PTR TITCALL ImporterGetAPIOrdinalNumber(ULONG_PTR APIAddress);
|
||||
__declspec(dllimport) void* TITCALL ImporterGetAPINameEx(ULONG_PTR APIAddress, ULONG_PTR DLLBasesList);
|
||||
__declspec(dllimport) ULONG_PTR TITCALL ImporterGetRemoteAPIAddress(HANDLE hProcess, ULONG_PTR APIAddress);
|
||||
__declspec(dllimport) ULONG_PTR TITCALL ImporterGetRemoteAPIAddressEx(char* szDLLName, char* szAPIName);
|
||||
__declspec(dllimport) ULONG_PTR TITCALL ImporterGetLocalAPIAddress(HANDLE hProcess, ULONG_PTR APIAddress);
|
||||
__declspec(dllimport) void* TITCALL ImporterGetDLLNameFromDebugee(HANDLE hProcess, ULONG_PTR APIAddress);
|
||||
__declspec(dllimport) void* TITCALL ImporterGetDLLNameFromDebugeeW(HANDLE hProcess, ULONG_PTR APIAddress);
|
||||
__declspec(dllimport) void* TITCALL ImporterGetAPINameFromDebugee(HANDLE hProcess, ULONG_PTR APIAddress);
|
||||
__declspec(dllimport) ULONG_PTR TITCALL ImporterGetAPIOrdinalNumberFromDebugee(HANDLE hProcess, ULONG_PTR APIAddress);
|
||||
__declspec(dllimport) long TITCALL ImporterGetDLLIndexEx(ULONG_PTR APIAddress, ULONG_PTR DLLBasesList);
|
||||
__declspec(dllimport) long TITCALL ImporterGetDLLIndex(HANDLE hProcess, ULONG_PTR APIAddress, ULONG_PTR DLLBasesList);
|
||||
__declspec(dllimport) ULONG_PTR TITCALL ImporterGetRemoteDLLBase(HANDLE hProcess, HMODULE LocalModuleBase);
|
||||
__declspec(dllimport) ULONG_PTR TITCALL ImporterGetRemoteDLLBaseEx(HANDLE hProcess, char* szModuleName);
|
||||
__declspec(dllimport) void* TITCALL ImporterGetRemoteDLLBaseExW(HANDLE hProcess, wchar_t* szModuleName);
|
||||
__declspec(dllimport) bool TITCALL ImporterIsForwardedAPI(HANDLE hProcess, ULONG_PTR APIAddress);
|
||||
__declspec(dllimport) void* TITCALL ImporterGetForwardedAPIName(HANDLE hProcess, ULONG_PTR APIAddress);
|
||||
__declspec(dllimport) void* TITCALL ImporterGetForwardedDLLName(HANDLE hProcess, ULONG_PTR APIAddress);
|
||||
__declspec(dllimport) long TITCALL ImporterGetForwardedDLLIndex(HANDLE hProcess, ULONG_PTR APIAddress, ULONG_PTR DLLBasesList);
|
||||
__declspec(dllimport) ULONG_PTR TITCALL ImporterGetForwardedAPIOrdinalNumber(HANDLE hProcess, ULONG_PTR APIAddress);
|
||||
__declspec(dllimport) ULONG_PTR TITCALL ImporterGetNearestAPIAddress(HANDLE hProcess, ULONG_PTR APIAddress);
|
||||
__declspec(dllimport) void* TITCALL ImporterGetNearestAPIName(HANDLE hProcess, ULONG_PTR APIAddress);
|
||||
__declspec(dllimport) bool TITCALL ImporterCopyOriginalIAT(char* szOriginalFile, char* szDumpFile);
|
||||
__declspec(dllimport) bool TITCALL ImporterCopyOriginalIATW(wchar_t* szOriginalFile, wchar_t* szDumpFile);
|
||||
__declspec(dllimport) bool TITCALL ImporterLoadImportTable(char* szFileName);
|
||||
__declspec(dllimport) bool TITCALL ImporterLoadImportTableW(wchar_t* szFileName);
|
||||
__declspec(dllimport) bool TITCALL ImporterMoveOriginalIAT(char* szOriginalFile, char* szDumpFile, char* szSectionName);
|
||||
__declspec(dllimport) bool TITCALL ImporterMoveOriginalIATW(wchar_t* szOriginalFile, wchar_t* szDumpFile, char* szSectionName);
|
||||
__declspec(dllimport) void TITCALL ImporterAutoSearchIAT(DWORD ProcessId, char* szFileName, ULONG_PTR SearchStart, LPVOID pIATStart, LPVOID pIATSize);
|
||||
__declspec(dllimport) void TITCALL ImporterAutoSearchIATW(DWORD ProcessIds, wchar_t* szFileName, ULONG_PTR SearchStart, LPVOID pIATStart, LPVOID pIATSize);
|
||||
__declspec(dllimport) void TITCALL ImporterAutoSearchIATEx(DWORD ProcessId, ULONG_PTR ImageBase, ULONG_PTR SearchStart, LPVOID pIATStart, LPVOID pIATSize);
|
||||
__declspec(dllimport) void TITCALL ImporterEnumAddedData(LPVOID EnumCallBack);
|
||||
__declspec(dllimport) long TITCALL ImporterAutoFixIATEx(DWORD ProcessId, char* szDumpedFile, char* szSectionName, bool DumpRunningProcess, bool RealignFile, ULONG_PTR EntryPointAddress, ULONG_PTR ImageBase, ULONG_PTR SearchStart, bool TryAutoFix, bool FixEliminations, LPVOID UnknownPointerFixCallback);
|
||||
__declspec(dllimport) long TITCALL ImporterAutoFixIATExW(DWORD ProcessId, wchar_t* szDumpedFile, char* szSectionName, bool DumpRunningProcess, bool RealignFile, ULONG_PTR EntryPointAddress, ULONG_PTR ImageBase, ULONG_PTR SearchStart, bool TryAutoFix, bool FixEliminations, LPVOID UnknownPointerFixCallback);
|
||||
__declspec(dllimport) long TITCALL ImporterAutoFixIAT(DWORD ProcessId, char* szDumpedFile, ULONG_PTR SearchStart);
|
||||
__declspec(dllimport) long TITCALL ImporterAutoFixIATW(DWORD ProcessId, wchar_t* szDumpedFile, ULONG_PTR SearchStart);
|
||||
__declspec(dllimport) bool TITCALL ImporterDeleteAPI(DWORD_PTR apiAddr);
|
||||
// Global.Engine.Hook.functions:
|
||||
__declspec(dllimport) bool TITCALL HooksSafeTransitionEx(LPVOID HookAddressArray, int NumberOfHooks, bool TransitionStart);
|
||||
__declspec(dllimport) bool TITCALL HooksSafeTransition(LPVOID HookAddress, bool TransitionStart);
|
||||
__declspec(dllimport) bool TITCALL HooksIsAddressRedirected(LPVOID HookAddress);
|
||||
__declspec(dllimport) void* TITCALL HooksGetTrampolineAddress(LPVOID HookAddress);
|
||||
__declspec(dllimport) void* TITCALL HooksGetHookEntryDetails(LPVOID HookAddress);
|
||||
__declspec(dllimport) bool TITCALL HooksInsertNewRedirection(LPVOID HookAddress, LPVOID RedirectTo, int HookType);
|
||||
__declspec(dllimport) bool TITCALL HooksInsertNewIATRedirectionEx(ULONG_PTR FileMapVA, ULONG_PTR LoadedModuleBase, char* szHookFunction, LPVOID RedirectTo);
|
||||
__declspec(dllimport) bool TITCALL HooksInsertNewIATRedirection(char* szModuleName, char* szHookFunction, LPVOID RedirectTo);
|
||||
__declspec(dllimport) bool TITCALL HooksRemoveRedirection(LPVOID HookAddress, bool RemoveAll);
|
||||
__declspec(dllimport) bool TITCALL HooksRemoveRedirectionsForModule(HMODULE ModuleBase);
|
||||
__declspec(dllimport) bool TITCALL HooksRemoveIATRedirection(char* szModuleName, char* szHookFunction, bool RemoveAll);
|
||||
__declspec(dllimport) bool TITCALL HooksDisableRedirection(LPVOID HookAddress, bool DisableAll);
|
||||
__declspec(dllimport) bool TITCALL HooksDisableRedirectionsForModule(HMODULE ModuleBase);
|
||||
__declspec(dllimport) bool TITCALL HooksDisableIATRedirection(char* szModuleName, char* szHookFunction, bool DisableAll);
|
||||
__declspec(dllimport) bool TITCALL HooksEnableRedirection(LPVOID HookAddress, bool EnableAll);
|
||||
__declspec(dllimport) bool TITCALL HooksEnableRedirectionsForModule(HMODULE ModuleBase);
|
||||
__declspec(dllimport) bool TITCALL HooksEnableIATRedirection(char* szModuleName, char* szHookFunction, bool EnableAll);
|
||||
__declspec(dllimport) void TITCALL HooksScanModuleMemory(HMODULE ModuleBase, LPVOID CallBack);
|
||||
__declspec(dllimport) void TITCALL HooksScanEntireProcessMemory(LPVOID CallBack);
|
||||
__declspec(dllimport) void TITCALL HooksScanEntireProcessMemoryEx();
|
||||
// TitanEngine.Tracer.functions:
|
||||
__declspec(dllimport) void TITCALL TracerInit();
|
||||
__declspec(dllimport) ULONG_PTR TITCALL TracerLevel1(HANDLE hProcess, ULONG_PTR AddressToTrace);
|
||||
__declspec(dllimport) ULONG_PTR TITCALL HashTracerLevel1(HANDLE hProcess, ULONG_PTR AddressToTrace, DWORD InputNumberOfInstructions);
|
||||
__declspec(dllimport) long TITCALL TracerDetectRedirection(HANDLE hProcess, ULONG_PTR AddressToTrace);
|
||||
__declspec(dllimport) ULONG_PTR TITCALL TracerFixKnownRedirection(HANDLE hProcess, ULONG_PTR AddressToTrace, DWORD RedirectionId);
|
||||
__declspec(dllimport) ULONG_PTR TITCALL TracerFixRedirectionViaModule(HMODULE hModuleHandle, HANDLE hProcess, ULONG_PTR AddressToTrace, DWORD IdParameter);
|
||||
__declspec(dllimport) ULONG_PTR TITCALL TracerDetectRedirectionViaModule(HMODULE hModuleHandle, HANDLE hProcess, ULONG_PTR AddressToTrace, PDWORD ReturnedId);
|
||||
__declspec(dllimport) long TITCALL TracerFixRedirectionViaImpRecPlugin(HANDLE hProcess, char* szPluginName, ULONG_PTR AddressToTrace);
|
||||
// TitanEngine.Exporter.functions:
|
||||
__declspec(dllimport) void TITCALL ExporterCleanup();
|
||||
__declspec(dllimport) void TITCALL ExporterSetImageBase(ULONG_PTR ImageBase);
|
||||
__declspec(dllimport) void TITCALL ExporterInit(DWORD MemorySize, ULONG_PTR ImageBase, DWORD ExportOrdinalBase, char* szExportModuleName);
|
||||
__declspec(dllimport) bool TITCALL ExporterAddNewExport(char* szExportName, DWORD ExportRelativeAddress);
|
||||
__declspec(dllimport) bool TITCALL ExporterAddNewOrdinalExport(DWORD OrdinalNumber, DWORD ExportRelativeAddress);
|
||||
__declspec(dllimport) long TITCALL ExporterGetAddedExportCount();
|
||||
__declspec(dllimport) long TITCALL ExporterEstimatedSize();
|
||||
__declspec(dllimport) bool TITCALL ExporterBuildExportTable(ULONG_PTR StorePlace, ULONG_PTR FileMapVA);
|
||||
__declspec(dllimport) bool TITCALL ExporterBuildExportTableEx(char* szExportFileName, char* szSectionName);
|
||||
__declspec(dllimport) bool TITCALL ExporterBuildExportTableExW(wchar_t* szExportFileName, char* szSectionName);
|
||||
__declspec(dllimport) bool TITCALL ExporterLoadExportTable(char* szFileName);
|
||||
__declspec(dllimport) bool TITCALL ExporterLoadExportTableW(wchar_t* szFileName);
|
||||
// TitanEngine.Librarian.functions:
|
||||
__declspec(dllimport) bool TITCALL LibrarianSetBreakPoint(char* szLibraryName, DWORD bpxType, bool SingleShoot, LPVOID bpxCallBack);
|
||||
__declspec(dllimport) bool TITCALL LibrarianRemoveBreakPoint(char* szLibraryName, DWORD bpxType);
|
||||
__declspec(dllimport) void* TITCALL LibrarianGetLibraryInfo(char* szLibraryName);
|
||||
__declspec(dllimport) void* TITCALL LibrarianGetLibraryInfoW(wchar_t* szLibraryName);
|
||||
__declspec(dllimport) void* TITCALL LibrarianGetLibraryInfoEx(void* BaseOfDll);
|
||||
__declspec(dllimport) void* TITCALL LibrarianGetLibraryInfoExW(void* BaseOfDll);
|
||||
__declspec(dllimport) void TITCALL LibrarianEnumLibraryInfo(void* EnumCallBack);
|
||||
__declspec(dllimport) void TITCALL LibrarianEnumLibraryInfoW(void* EnumCallBack);
|
||||
// TitanEngine.Process.functions:
|
||||
__declspec(dllimport) long TITCALL GetActiveProcessId(char* szImageName);
|
||||
__declspec(dllimport) long TITCALL GetActiveProcessIdW(wchar_t* szImageName);
|
||||
__declspec(dllimport) void TITCALL EnumProcessesWithLibrary(char* szLibraryName, void* EnumFunction);
|
||||
__declspec(dllimport) HANDLE TITCALL TitanOpenProcess(DWORD dwDesiredAccess, bool bInheritHandle, DWORD dwProcessId);
|
||||
__declspec(dllexport) HANDLE TITCALL TitanOpenThread(DWORD dwDesiredAccess, bool bInheritHandle, DWORD dwThreadId);
|
||||
// TitanEngine.TLSFixer.functions:
|
||||
__declspec(dllimport) bool TITCALL TLSBreakOnCallBack(LPVOID ArrayOfCallBacks, DWORD NumberOfCallBacks, LPVOID bpxCallBack);
|
||||
__declspec(dllimport) bool TITCALL TLSGrabCallBackData(char* szFileName, LPVOID ArrayOfCallBacks, LPDWORD NumberOfCallBacks);
|
||||
__declspec(dllimport) bool TITCALL TLSGrabCallBackDataW(wchar_t* szFileName, LPVOID ArrayOfCallBacks, LPDWORD NumberOfCallBacks);
|
||||
__declspec(dllimport) bool TITCALL TLSBreakOnCallBackEx(char* szFileName, LPVOID bpxCallBack);
|
||||
__declspec(dllimport) bool TITCALL TLSBreakOnCallBackExW(wchar_t* szFileName, LPVOID bpxCallBack);
|
||||
__declspec(dllimport) bool TITCALL TLSRemoveCallback(char* szFileName);
|
||||
__declspec(dllimport) bool TITCALL TLSRemoveCallbackW(wchar_t* szFileName);
|
||||
__declspec(dllimport) bool TITCALL TLSRemoveTable(char* szFileName);
|
||||
__declspec(dllimport) bool TITCALL TLSRemoveTableW(wchar_t* szFileName);
|
||||
__declspec(dllimport) bool TITCALL TLSBackupData(char* szFileName);
|
||||
__declspec(dllimport) bool TITCALL TLSBackupDataW(wchar_t* szFileName);
|
||||
__declspec(dllimport) bool TITCALL TLSRestoreData();
|
||||
__declspec(dllimport) bool TITCALL TLSBuildNewTable(ULONG_PTR FileMapVA, ULONG_PTR StorePlace, ULONG_PTR StorePlaceRVA, LPVOID ArrayOfCallBacks, DWORD NumberOfCallBacks);
|
||||
__declspec(dllimport) bool TITCALL TLSBuildNewTableEx(char* szFileName, char* szSectionName, LPVOID ArrayOfCallBacks, DWORD NumberOfCallBacks);
|
||||
__declspec(dllimport) bool TITCALL TLSBuildNewTableExW(wchar_t* szFileName, char* szSectionName, LPVOID ArrayOfCallBacks, DWORD NumberOfCallBacks);
|
||||
// TitanEngine.TranslateName.functions:
|
||||
__declspec(dllimport) void* TITCALL TranslateNativeName(char* szNativeName);
|
||||
__declspec(dllimport) void* TITCALL TranslateNativeNameW(wchar_t* szNativeName);
|
||||
// TitanEngine.Handler.functions:
|
||||
__declspec(dllimport) long TITCALL HandlerGetActiveHandleCount(DWORD ProcessId);
|
||||
__declspec(dllimport) bool TITCALL HandlerIsHandleOpen(DWORD ProcessId, HANDLE hHandle);
|
||||
__declspec(dllimport) void* TITCALL HandlerGetHandleName(HANDLE hProcess, DWORD ProcessId, HANDLE hHandle, bool TranslateName);
|
||||
__declspec(dllimport) void* TITCALL HandlerGetHandleNameW(HANDLE hProcess, DWORD ProcessId, HANDLE hHandle, bool TranslateName);
|
||||
__declspec(dllimport) long TITCALL HandlerEnumerateOpenHandles(DWORD ProcessId, LPVOID HandleBuffer, DWORD MaxHandleCount);
|
||||
__declspec(dllimport) ULONG_PTR TITCALL HandlerGetHandleDetails(HANDLE hProcess, DWORD ProcessId, HANDLE hHandle, DWORD InformationReturn);
|
||||
__declspec(dllimport) bool TITCALL HandlerCloseRemoteHandle(HANDLE hProcess, HANDLE hHandle);
|
||||
__declspec(dllimport) long TITCALL HandlerEnumerateLockHandles(char* szFileOrFolderName, bool NameIsFolder, bool NameIsTranslated, LPVOID HandleDataBuffer, DWORD MaxHandleCount);
|
||||
__declspec(dllimport) long TITCALL HandlerEnumerateLockHandlesW(wchar_t* szFileOrFolderName, bool NameIsFolder, bool NameIsTranslated, LPVOID HandleDataBuffer, DWORD MaxHandleCount);
|
||||
__declspec(dllimport) bool TITCALL HandlerCloseAllLockHandles(char* szFileOrFolderName, bool NameIsFolder, bool NameIsTranslated);
|
||||
__declspec(dllimport) bool TITCALL HandlerCloseAllLockHandlesW(wchar_t* szFileOrFolderName, bool NameIsFolder, bool NameIsTranslated);
|
||||
__declspec(dllimport) bool TITCALL HandlerIsFileLocked(char* szFileOrFolderName, bool NameIsFolder, bool NameIsTranslated);
|
||||
__declspec(dllimport) bool TITCALL HandlerIsFileLockedW(wchar_t* szFileOrFolderName, bool NameIsFolder, bool NameIsTranslated);
|
||||
// TitanEngine.Handler[Mutex].functions:
|
||||
__declspec(dllimport) long TITCALL HandlerEnumerateOpenMutexes(HANDLE hProcess, DWORD ProcessId, LPVOID HandleBuffer, DWORD MaxHandleCount);
|
||||
__declspec(dllimport) ULONG_PTR TITCALL HandlerGetOpenMutexHandle(HANDLE hProcess, DWORD ProcessId, char* szMutexString);
|
||||
__declspec(dllimport) ULONG_PTR TITCALL HandlerGetOpenMutexHandleW(HANDLE hProcess, DWORD ProcessId, wchar_t* szMutexString);
|
||||
__declspec(dllimport) long TITCALL HandlerGetProcessIdWhichCreatedMutex(char* szMutexString);
|
||||
__declspec(dllimport) long TITCALL HandlerGetProcessIdWhichCreatedMutexW(wchar_t* szMutexString);
|
||||
// TitanEngine.Injector.functions:
|
||||
__declspec(dllimport) bool TITCALL RemoteLoadLibrary(HANDLE hProcess, char* szLibraryFile, bool WaitForThreadExit);
|
||||
__declspec(dllimport) bool TITCALL RemoteLoadLibraryW(HANDLE hProcess, wchar_t* szLibraryFile, bool WaitForThreadExit);
|
||||
__declspec(dllimport) bool TITCALL RemoteFreeLibrary(HANDLE hProcess, HMODULE hModule, char* szLibraryFile, bool WaitForThreadExit);
|
||||
__declspec(dllimport) bool TITCALL RemoteFreeLibraryW(HANDLE hProcess, HMODULE hModule, wchar_t* szLibraryFile, bool WaitForThreadExit);
|
||||
__declspec(dllimport) bool TITCALL RemoteExitProcess(HANDLE hProcess, DWORD ExitCode);
|
||||
// TitanEngine.StaticUnpacker.functions:
|
||||
__declspec(dllimport) bool TITCALL StaticFileLoad(char* szFileName, DWORD DesiredAccess, bool SimulateLoad, LPHANDLE FileHandle, LPDWORD LoadedSize, LPHANDLE FileMap, PULONG_PTR FileMapVA);
|
||||
__declspec(dllimport) bool TITCALL StaticFileLoadW(wchar_t* szFileName, DWORD DesiredAccess, bool SimulateLoad, LPHANDLE FileHandle, LPDWORD LoadedSize, LPHANDLE FileMap, PULONG_PTR FileMapVA);
|
||||
__declspec(dllimport) bool TITCALL StaticFileUnload(char* szFileName, bool CommitChanges, HANDLE FileHandle, DWORD LoadedSize, HANDLE FileMap, ULONG_PTR FileMapVA);
|
||||
__declspec(dllimport) bool TITCALL StaticFileUnloadW(wchar_t* szFileName, bool CommitChanges, HANDLE FileHandle, DWORD LoadedSize, HANDLE FileMap, ULONG_PTR FileMapVA);
|
||||
__declspec(dllimport) bool TITCALL StaticFileOpen(char* szFileName, DWORD DesiredAccess, LPHANDLE FileHandle, LPDWORD FileSizeLow, LPDWORD FileSizeHigh);
|
||||
__declspec(dllimport) bool TITCALL StaticFileOpenW(wchar_t* szFileName, DWORD DesiredAccess, LPHANDLE FileHandle, LPDWORD FileSizeLow, LPDWORD FileSizeHigh);
|
||||
__declspec(dllimport) bool TITCALL StaticFileGetContent(HANDLE FileHandle, DWORD FilePositionLow, LPDWORD FilePositionHigh, void* Buffer, DWORD Size);
|
||||
__declspec(dllimport) void TITCALL StaticFileClose(HANDLE FileHandle);
|
||||
__declspec(dllimport) void TITCALL StaticMemoryDecrypt(LPVOID MemoryStart, DWORD MemorySize, DWORD DecryptionType, DWORD DecryptionKeySize, ULONG_PTR DecryptionKey);
|
||||
__declspec(dllimport) void TITCALL StaticMemoryDecryptEx(LPVOID MemoryStart, DWORD MemorySize, DWORD DecryptionKeySize, void* DecryptionCallBack);
|
||||
__declspec(dllimport) void TITCALL StaticMemoryDecryptSpecial(LPVOID MemoryStart, DWORD MemorySize, DWORD DecryptionKeySize, DWORD SpecDecryptionType, void* DecryptionCallBack);
|
||||
__declspec(dllimport) void TITCALL StaticSectionDecrypt(ULONG_PTR FileMapVA, DWORD SectionNumber, bool SimulateLoad, DWORD DecryptionType, DWORD DecryptionKeySize, ULONG_PTR DecryptionKey);
|
||||
__declspec(dllimport) bool TITCALL StaticMemoryDecompress(void* Source, DWORD SourceSize, void* Destination, DWORD DestinationSize, int Algorithm);
|
||||
__declspec(dllimport) bool TITCALL StaticRawMemoryCopy(HANDLE hFile, ULONG_PTR FileMapVA, ULONG_PTR VitualAddressToCopy, DWORD Size, bool AddressIsRVA, char* szDumpFileName);
|
||||
__declspec(dllimport) bool TITCALL StaticRawMemoryCopyW(HANDLE hFile, ULONG_PTR FileMapVA, ULONG_PTR VitualAddressToCopy, DWORD Size, bool AddressIsRVA, wchar_t* szDumpFileName);
|
||||
__declspec(dllimport) bool TITCALL StaticRawMemoryCopyEx(HANDLE hFile, DWORD RawAddressToCopy, DWORD Size, char* szDumpFileName);
|
||||
__declspec(dllimport) bool TITCALL StaticRawMemoryCopyExW(HANDLE hFile, DWORD RawAddressToCopy, DWORD Size, wchar_t* szDumpFileName);
|
||||
__declspec(dllimport) bool TITCALL StaticRawMemoryCopyEx64(HANDLE hFile, DWORD64 RawAddressToCopy, DWORD64 Size, char* szDumpFileName);
|
||||
__declspec(dllimport) bool TITCALL StaticRawMemoryCopyEx64W(HANDLE hFile, DWORD64 RawAddressToCopy, DWORD64 Size, wchar_t* szDumpFileName);
|
||||
__declspec(dllimport) bool TITCALL StaticHashMemory(void* MemoryToHash, DWORD SizeOfMemory, void* HashDigest, bool OutputString, int Algorithm);
|
||||
__declspec(dllimport) bool TITCALL StaticHashFile(char* szFileName, char* HashDigest, bool OutputString, int Algorithm);
|
||||
__declspec(dllimport) bool TITCALL StaticHashFileW(wchar_t* szFileName, char* HashDigest, bool OutputString, int Algorithm);
|
||||
// TitanEngine.Engine.functions:
|
||||
__declspec(dllimport) void TITCALL SetEngineVariable(DWORD VariableId, bool VariableSet);
|
||||
__declspec(dllimport) bool TITCALL EngineCreateMissingDependencies(char* szFileName, char* szOutputFolder, bool LogCreatedFiles);
|
||||
__declspec(dllimport) bool TITCALL EngineCreateMissingDependenciesW(wchar_t* szFileName, wchar_t* szOutputFolder, bool LogCreatedFiles);
|
||||
__declspec(dllimport) bool TITCALL EngineFakeMissingDependencies(HANDLE hProcess);
|
||||
__declspec(dllimport) bool TITCALL EngineDeleteCreatedDependencies();
|
||||
__declspec(dllimport) bool TITCALL EngineCreateUnpackerWindow(char* WindowUnpackerTitle, char* WindowUnpackerLongTitle, char* WindowUnpackerName, char* WindowUnpackerAuthor, void* StartUnpackingCallBack);
|
||||
__declspec(dllimport) void TITCALL EngineAddUnpackerWindowLogMessage(char* szLogMessage);
|
||||
__declspec(dllimport) bool TITCALL EngineCheckStructAlignment(DWORD StructureType, ULONG_PTR StructureSize);
|
||||
// Global.Engine.Extension.Functions:
|
||||
__declspec(dllimport) bool TITCALL ExtensionManagerIsPluginLoaded(char* szPluginName);
|
||||
__declspec(dllimport) bool TITCALL ExtensionManagerIsPluginEnabled(char* szPluginName);
|
||||
__declspec(dllimport) bool TITCALL ExtensionManagerDisableAllPlugins();
|
||||
__declspec(dllimport) bool TITCALL ExtensionManagerDisablePlugin(char* szPluginName);
|
||||
__declspec(dllimport) bool TITCALL ExtensionManagerEnableAllPlugins();
|
||||
__declspec(dllimport) bool TITCALL ExtensionManagerEnablePlugin(char* szPluginName);
|
||||
__declspec(dllimport) bool TITCALL ExtensionManagerUnloadAllPlugins();
|
||||
__declspec(dllimport) bool TITCALL ExtensionManagerUnloadPlugin(char* szPluginName);
|
||||
__declspec(dllimport) void* TITCALL ExtensionManagerGetPluginInfo(char* szPluginName);
|
||||
|
||||
#ifdef __cplusplus
|
||||
}
|
||||
#endif /*__cplusplus*/
|
||||
|
||||
#pragma pack(pop)
|
||||
|
||||
#endif /*TITANENGINE*/
|
||||
File diff suppressed because it is too large
Load Diff
|
|
@ -1,739 +0,0 @@
|
|||
unit TitanEngine;
|
||||
|
||||
interface
|
||||
|
||||
{TitanEngine Delphi SDK - 2.0.3}
|
||||
{http://www.reversinglabs.com/}
|
||||
{Types}
|
||||
type
|
||||
PE32Structure = ^PE_32_STRUCT;
|
||||
PE_32_STRUCT = packed record
|
||||
PE32Offset : LongInt;
|
||||
ImageBase : LongInt;
|
||||
OriginalEntryPoint : LongInt;
|
||||
NtSizeOfImage : LongInt;
|
||||
NtSizeOfHeaders : LongInt;
|
||||
SizeOfOptionalHeaders : SmallInt;
|
||||
FileAlignment : LongInt;
|
||||
SectionAligment : LongInt;
|
||||
ImportTableAddress : LongInt;
|
||||
ImportTableSize : LongInt;
|
||||
ResourceTableAddress : LongInt;
|
||||
ResourceTableSize : LongInt;
|
||||
ExportTableAddress : LongInt;
|
||||
ExportTableSize : LongInt;
|
||||
TLSTableAddress : LongInt;
|
||||
TLSTableSize : LongInt;
|
||||
RelocationTableAddress : LongInt;
|
||||
RelocationTableSize : LongInt;
|
||||
TimeDateStamp : LongInt;
|
||||
SectionNumber : SmallInt;
|
||||
CheckSum : LongInt;
|
||||
SubSystem : SmallInt;
|
||||
Characteristics : SmallInt;
|
||||
NumberOfRvaAndSizes : LongInt;
|
||||
end;
|
||||
|
||||
FileStatusInfo = ^FILE_STATUS_INFO;
|
||||
FILE_STATUS_INFO = packed record
|
||||
OveralEvaluation : BYTE;
|
||||
EvaluationTerminatedByException : boolean;
|
||||
FileIs64Bit : boolean;
|
||||
FileIsDLL : boolean;
|
||||
FileIsConsole : boolean;
|
||||
MissingDependencies : boolean;
|
||||
MissingDeclaredAPIs : boolean;
|
||||
SignatureMZ : BYTE;
|
||||
SignaturePE : BYTE;
|
||||
EntryPoint : BYTE;
|
||||
ImageBase : BYTE;
|
||||
SizeOfImage : BYTE;
|
||||
FileAlignment : BYTE;
|
||||
SectionAlignment : BYTE;
|
||||
ExportTable : BYTE;
|
||||
RelocationTable : BYTE;
|
||||
ImportTable : BYTE;
|
||||
ImportTableSection : BYTE;
|
||||
ImportTableData : BYTE;
|
||||
IATTable : BYTE;
|
||||
TLSTable : BYTE;
|
||||
LoadConfigTable : BYTE;
|
||||
BoundImportTable : BYTE;
|
||||
COMHeaderTable : BYTE;
|
||||
ResourceTable : BYTE;
|
||||
ResourceData : BYTE;
|
||||
SectionTable : BYTE;
|
||||
end;
|
||||
|
||||
FileFixInfo = ^FILE_FIX_INFO;
|
||||
FILE_FIX_INFO = packed record
|
||||
OveralEvaluation : BYTE;
|
||||
FixingTerminatedByException : boolean;
|
||||
FileFixPerformed : boolean;
|
||||
StrippedRelocation : boolean;
|
||||
DontFixRelocations : boolean;
|
||||
OriginalRelocationTableAddress : LongInt;
|
||||
OriginalRelocationTableSize : LongInt;
|
||||
StrippedExports : boolean;
|
||||
DontFixExports : boolean;
|
||||
OriginalExportTableAddress : LongInt;
|
||||
OriginalExportTableSize : LongInt;
|
||||
StrippedResources : boolean;
|
||||
DontFixResources : boolean;
|
||||
OriginalResourceTableAddress : LongInt;
|
||||
OriginalResourceTableSize : LongInt;
|
||||
StrippedTLS : boolean;
|
||||
DontFixTLS : boolean;
|
||||
OriginalTLSTableAddress : LongInt;
|
||||
OriginalTLSTableSize : LongInt;
|
||||
StrippedLoadConfig : boolean;
|
||||
DontFixLoadConfig : boolean;
|
||||
OriginalLoadConfigTableAddress : LongInt;
|
||||
OriginalLoadConfigTableSize : LongInt;
|
||||
StrippedBoundImports : boolean;
|
||||
DontFixBoundImports : boolean;
|
||||
OriginalBoundImportTableAddress : LongInt;
|
||||
OriginalBoundImportTableSize : LongInt;
|
||||
StrippedIAT : boolean;
|
||||
DontFixIAT : boolean;
|
||||
OriginalImportAddressTableAddress : LongInt;
|
||||
OriginalImportAddressTableSize : LongInt;
|
||||
StrippedCOM : boolean;
|
||||
DontFixCOM : boolean;
|
||||
OriginalCOMTableAddress : LongInt;
|
||||
OriginalCOMTableSize : LongInt;
|
||||
end;
|
||||
|
||||
ImportEnumData = ^IMPORT_ENUM_DATA;
|
||||
IMPORT_ENUM_DATA = packed record
|
||||
NewDll : boolean;
|
||||
NumberOfImports : LongInt;
|
||||
ImageBase : LongInt;
|
||||
BaseImportThunk : LongInt;
|
||||
ImportThunk : LongInt;
|
||||
APIName : PAnsiChar;
|
||||
DLLName : PAnsiChar;
|
||||
end;
|
||||
|
||||
ThreadItemData = ^THREAD_ITEM_DATA;
|
||||
THREAD_ITEM_DATA = packed record
|
||||
hThread : THandle;
|
||||
dwThreadId : LongInt;
|
||||
ThreadStartAddress : LongInt;
|
||||
ThreadLocalBase : LongInt;
|
||||
end;
|
||||
|
||||
LibraryItemData = ^LIBRARY_ITEM_DATA;
|
||||
LIBRARY_ITEM_DATA = packed record
|
||||
hFile : THandle;
|
||||
BaseOfDll : Pointer;
|
||||
hFileMapping : THandle;
|
||||
hFileMappingView : Pointer;
|
||||
szLibraryPath:array[1..260] of AnsiChar;
|
||||
szLibraryName:array[1..260] of AnsiChar;
|
||||
end;
|
||||
|
||||
ProcessItemData = ^PROCESS_ITEM_DATA;
|
||||
PROCESS_ITEM_DATA = packed record
|
||||
hProcess : THandle;
|
||||
dwProcessId : LongInt;
|
||||
hThread : THandle;
|
||||
dwThreadId : LongInt;
|
||||
hFile : THandle;
|
||||
BaseOfImage : Pointer;
|
||||
ThreadStartAddress : Pointer;
|
||||
ThreadLocalBase : Pointer;
|
||||
end;
|
||||
|
||||
HandlerArray = ^HANDLER_ARRAY;
|
||||
HANDLER_ARRAY = packed record
|
||||
ProcessId : LongInt;
|
||||
hHandle : THandle;
|
||||
end;
|
||||
|
||||
HookEntry = ^HOOK_ENTRY;
|
||||
HOOK_ENTRY = packed record
|
||||
IATHook : boolean;
|
||||
HookType : BYTE;
|
||||
HookSize : LongInt;
|
||||
HookAddress : Pointer;
|
||||
RedirectionAddress : Pointer;
|
||||
HookBytes:array[1..14] of BYTE;
|
||||
OriginalBytes:array[1..14] of BYTE;
|
||||
IATHookModuleBase : Pointer;
|
||||
IATHookNameHash : LongInt;
|
||||
HookIsEnabled : boolean;
|
||||
HookIsRemote : boolean;
|
||||
PatchedEntry : Pointer;
|
||||
RelocationInfo:array[1..7] of LongInt;
|
||||
RelocationCount : LongInt;
|
||||
end;
|
||||
|
||||
PluginInformation = ^PLUGIN_INFORMATION;
|
||||
PLUGIN_INFORMATION = packed record
|
||||
PluginName:array[1..64] of AnsiChar;
|
||||
PluginMajorVersion : LongInt;
|
||||
PluginMinorVersion : LongInt;
|
||||
PluginBaseAddress : LongInt;
|
||||
TitanDebuggingCallBack : Pointer;
|
||||
TitanRegisterPlugin : Pointer;
|
||||
TitanReleasePlugin : Pointer;
|
||||
TitanResetPlugin : Pointer;
|
||||
PluginDisabled : boolean;
|
||||
end;
|
||||
const
|
||||
{Registers}
|
||||
UE_EAX = 1;
|
||||
UE_EBX = 2;
|
||||
UE_ECX = 3;
|
||||
UE_EDX = 4;
|
||||
UE_EDI = 5;
|
||||
UE_ESI = 6;
|
||||
UE_EBP = 7;
|
||||
UE_ESP = 8;
|
||||
UE_EIP = 9;
|
||||
UE_EFLAGS = 10;
|
||||
UE_DR0 = 11;
|
||||
UE_DR1 = 12;
|
||||
UE_DR2 = 13;
|
||||
UE_DR3 = 14;
|
||||
UE_DR6 = 15;
|
||||
UE_DR7 = 16;
|
||||
UE_CIP = 35;
|
||||
UE_CSP = 36;
|
||||
UE_SEG_GS = 37;
|
||||
UE_SEG_FS = 38;
|
||||
UE_SEG_ES = 39;
|
||||
UE_SEG_DS = 40;
|
||||
UE_SEG_CS = 41;
|
||||
UE_SEG_SS = 42;
|
||||
{Constants}
|
||||
UE_PE_OFFSET = 0;
|
||||
UE_IMAGEBASE = 1;
|
||||
UE_OEP = 2;
|
||||
UE_SIZEOFIMAGE = 3;
|
||||
UE_SIZEOFHEADERS = 4;
|
||||
UE_SIZEOFOPTIONALHEADER = 5;
|
||||
UE_SECTIONALIGNMENT = 6;
|
||||
UE_IMPORTTABLEADDRESS = 7;
|
||||
UE_IMPORTTABLESIZE = 8;
|
||||
UE_RESOURCETABLEADDRESS = 9;
|
||||
UE_RESOURCETABLESIZE = 10;
|
||||
UE_EXPORTTABLEADDRESS = 11;
|
||||
UE_EXPORTTABLESIZE = 12;
|
||||
UE_TLSTABLEADDRESS = 13;
|
||||
UE_TLSTABLESIZE = 14;
|
||||
UE_RELOCATIONTABLEADDRESS = 15;
|
||||
UE_RELOCATIONTABLESIZE = 16;
|
||||
UE_TIMEDATESTAMP = 17;
|
||||
UE_SECTIONNUMBER = 18;
|
||||
UE_CHECKSUM = 19;
|
||||
UE_SUBSYSTEM = 20;
|
||||
UE_CHARACTERISTICS = 21;
|
||||
UE_NUMBEROFRVAANDSIZES = 22;
|
||||
UE_SECTIONNAME = 23;
|
||||
UE_SECTIONVIRTUALOFFSET = 24;
|
||||
UE_SECTIONVIRTUALSIZE = 25;
|
||||
UE_SECTIONRAWOFFSET = 26;
|
||||
UE_SECTIONRAWSIZE = 27;
|
||||
UE_SECTIONFLAGS = 28;
|
||||
|
||||
UE_CH_BREAKPOINT = 1;
|
||||
UE_CH_SINGLESTEP = 2;
|
||||
UE_CH_ACCESSVIOLATION = 3;
|
||||
UE_CH_ILLEGALINSTRUCTION = 4;
|
||||
UE_CH_NONCONTINUABLEEXCEPTION = 5;
|
||||
UE_CH_ARRAYBOUNDSEXCEPTION = 6;
|
||||
UE_CH_FLOATDENORMALOPERAND = 7;
|
||||
UE_CH_FLOATDEVIDEBYZERO = 8;
|
||||
UE_CH_INTEGERDEVIDEBYZERO = 9;
|
||||
UE_CH_INTEGEROVERFLOW = 10;
|
||||
UE_CH_PRIVILEGEDINSTRUCTION = 11;
|
||||
UE_CH_PAGEGUARD = 12;
|
||||
UE_CH_EVERYTHINGELSE = 13;
|
||||
UE_CH_CREATETHREAD = 14;
|
||||
UE_CH_EXITTHREAD = 15;
|
||||
UE_CH_CREATEPROCESS = 16;
|
||||
UE_CH_EXITPROCESS = 17;
|
||||
UE_CH_LOADDLL = 18;
|
||||
UE_CH_UNLOADDLL = 19;
|
||||
UE_CH_OUTPUTDEBUGSTRING = 20;
|
||||
UE_CH_AFTEREXCEPTIONPROCESSING = 21;
|
||||
UE_CH_SYSTEMBREAKPOINT = 23;
|
||||
UE_CH_UNHANDLEDEXCEPTION = 24;
|
||||
UE_CH_RIPEVENT = 25;
|
||||
UE_CH_DEBUGEVENT = 26;
|
||||
|
||||
UE_FUNCTION_STDCALL = 1;
|
||||
UE_FUNCTION_CCALL = 2;
|
||||
UE_FUNCTION_FASTCALL = 3;
|
||||
UE_FUNCTION_STDCALL_RET = 4;
|
||||
UE_FUNCTION_CCALL_RET = 5;
|
||||
UE_FUNCTION_FASTCALL_RET = 6;
|
||||
UE_FUNCTION_STDCALL_CALL = 7;
|
||||
UE_FUNCTION_CCALL_CALL = 8;
|
||||
UE_FUNCTION_FASTCALL_CALL = 9;
|
||||
UE_PARAMETER_BYTE = 0;
|
||||
UE_PARAMETER_WORD = 1;
|
||||
UE_PARAMETER_DWORD = 2;
|
||||
UE_PARAMETER_QWORD = 3;
|
||||
UE_PARAMETER_PTR_BYTE = 4;
|
||||
UE_PARAMETER_PTR_WORD = 5;
|
||||
UE_PARAMETER_PTR_DWORD = 6;
|
||||
UE_PARAMETER_PTR_QWORD = 7;
|
||||
UE_PARAMETER_STRING = 8;
|
||||
UE_PARAMETER_UNICODE = 9;
|
||||
|
||||
UE_BREAKPOINT_INT3 = 1;
|
||||
UE_BREAKPOINT_LONG_INT3 = 2;
|
||||
UE_BREAKPOINT_UD2 = 3;
|
||||
|
||||
UE_BPXREMOVED = 0;
|
||||
UE_BPXACTIVE = 1;
|
||||
UE_BPXINACTIVE = 2;
|
||||
|
||||
UE_BREAKPOINT = 0;
|
||||
UE_SINGLESHOOT = 1;
|
||||
UE_HARDWARE = 2;
|
||||
UE_MEMORY = 3;
|
||||
UE_MEMORY_READ = 4;
|
||||
UE_MEMORY_WRITE = 5;
|
||||
UE_MEMORY_EXECUTE = 6;
|
||||
UE_BREAKPOINT_TYPE_INT3 = $10000000;
|
||||
UE_BREAKPOINT_TYPE_LONG_INT3 = $20000000;
|
||||
UE_BREAKPOINT_TYPE_UD2 = $30000000;
|
||||
|
||||
UE_HARDWARE_EXECUTE = 4;
|
||||
UE_HARDWARE_WRITE = 5;
|
||||
UE_HARDWARE_READWRITE = 6;
|
||||
|
||||
UE_HARDWARE_SIZE_1 = 7;
|
||||
UE_HARDWARE_SIZE_2 = 8;
|
||||
UE_HARDWARE_SIZE_4 = 9;
|
||||
|
||||
UE_ON_LIB_LOAD = 1;
|
||||
UE_ON_LIB_UNLOAD = 2;
|
||||
UE_ON_LIB_ALL = 3;
|
||||
|
||||
UE_APISTART = 0;
|
||||
UE_APIEND = 1;
|
||||
|
||||
UE_PLATFORM_x86 = 1;
|
||||
UE_PLATFORM_x64 = 2;
|
||||
UE_PLATFORM_ALL = 3;
|
||||
|
||||
UE_ACCESS_READ = 0;
|
||||
UE_ACCESS_WRITE = 1;
|
||||
UE_ACCESS_ALL = 2;
|
||||
|
||||
UE_HIDE_BASIC = 1;
|
||||
|
||||
UE_ENGINE_ALOW_MODULE_LOADING = 1;
|
||||
UE_ENGINE_AUTOFIX_FORWARDERS = 2;
|
||||
UE_ENGINE_PASS_ALL_EXCEPTIONS = 3;
|
||||
UE_ENGINE_NO_CONSOLE_WINDOW = 4;
|
||||
UE_ENGINE_BACKUP_FOR_CRITICAL_FUNCTIONS = 5;
|
||||
UE_ENGINE_CALL_PLUGIN_CALLBACK = 6;
|
||||
UE_ENGINE_RESET_CUSTOM_HANDLER = 7;
|
||||
UE_ENGINE_CALL_PLUGIN_DEBUG_CALLBACK = 8;
|
||||
UE_ENGINE_SET_DEBUG_PRIVILEGE = 9;
|
||||
UE_ENGINE_SAFE_ATTACH = 10;
|
||||
|
||||
UE_OPTION_REMOVEALL = 1;
|
||||
UE_OPTION_DISABLEALL = 2;
|
||||
UE_OPTION_REMOVEALLDISABLED = 3;
|
||||
UE_OPTION_REMOVEALLENABLED = 4;
|
||||
|
||||
UE_STATIC_DECRYPTOR_XOR = 1;
|
||||
UE_STATIC_DECRYPTOR_SUB = 2;
|
||||
UE_STATIC_DECRYPTOR_ADD = 3;
|
||||
|
||||
UE_STATIC_DECRYPTOR_FOREWARD = 1;
|
||||
UE_STATIC_DECRYPTOR_BACKWARD = 2;
|
||||
|
||||
UE_STATIC_KEY_SIZE_1 = 1;
|
||||
UE_STATIC_KEY_SIZE_2 = 2;
|
||||
UE_STATIC_KEY_SIZE_4 = 4;
|
||||
UE_STATIC_KEY_SIZE_8 = 8;
|
||||
|
||||
UE_STATIC_APLIB = 1;
|
||||
UE_STATIC_APLIB_DEPACK = 2;
|
||||
UE_STATIC_LZMA = 3;
|
||||
|
||||
UE_STATIC_HASH_MD5 = 1;
|
||||
UE_STATIC_HASH_SHA1 = 2;
|
||||
UE_STATIC_HASH_CRC32 = 3;
|
||||
|
||||
UE_RESOURCE_LANGUAGE_ANY = -1;
|
||||
|
||||
UE_DEPTH_SURFACE = 0;
|
||||
UE_DEPTH_DEEP = 1;
|
||||
|
||||
UE_UNPACKER_CONDITION_SEARCH_FROM_EP = 1;
|
||||
|
||||
UE_UNPACKER_CONDITION_LOADLIBRARY = 1;
|
||||
UE_UNPACKER_CONDITION_GETPROCADDRESS = 2;
|
||||
UE_UNPACKER_CONDITION_ENTRYPOINTBREAK = 3;
|
||||
UE_UNPACKER_CONDITION_RELOCSNAPSHOT1 = 4;
|
||||
UE_UNPACKER_CONDITION_RELOCSNAPSHOT2 = 5;
|
||||
|
||||
UE_FIELD_OK = 0;
|
||||
UE_FIELD_BROKEN_NON_FIXABLE = 1;
|
||||
UE_FIELD_BROKEN_NON_CRITICAL = 2;
|
||||
UE_FIELD_BROKEN_FIXABLE_FOR_STATIC_USE = 3;
|
||||
UE_FIELD_BROKEN_BUT_CAN_BE_EMULATED = 4;
|
||||
UE_FIELD_FIXABLE_NON_CRITICAL = 5;
|
||||
UE_FILED_FIXABLE_CRITICAL = 6;
|
||||
UE_FIELD_NOT_PRESET = 7;
|
||||
UE_FIELD_NOT_PRESET_WARNING = 8;
|
||||
|
||||
UE_RESULT_FILE_OK = 10;
|
||||
UE_RESULT_FILE_INVALID_BUT_FIXABLE = 11;
|
||||
UE_RESULT_FILE_INVALID_AND_NON_FIXABLE = 12;
|
||||
UE_RESULT_FILE_INVALID_FORMAT = 13;
|
||||
|
||||
UE_PLUGIN_CALL_REASON_PREDEBUG = 1;
|
||||
UE_PLUGIN_CALL_REASON_EXCEPTION = 2;
|
||||
UE_PLUGIN_CALL_REASON_POSTDEBUG = 3;
|
||||
|
||||
TEE_HOOK_NRM_JUMP = 1;
|
||||
TEE_HOOK_NRM_CALL = 3;
|
||||
TEE_HOOK_IAT = 5;
|
||||
|
||||
{TitanEngine.Dumper.functions}
|
||||
function DumpProcess(hProcess:THandle; ImageBase:LongInt; szDumpFileName:PAnsiChar; EntryPoint:LongInt):boolean; stdcall; external 'TitanEngine.dll' name 'DumpProcess';
|
||||
function DumpProcessEx(ProcessId:LongInt; ImageBase:LongInt; szDumpFileName:PAnsiChar; EntryPoint:LongInt):boolean; stdcall; external 'TitanEngine.dll' name 'DumpProcessEx';
|
||||
function DumpMemory(hProcess:THandle; MemoryStart,MemorySize:LongInt; szDumpFileName:PAnsiChar):boolean; stdcall; external 'TitanEngine.dll' name 'DumpMemory';
|
||||
function DumpMemoryEx(ProcessId:LongInt; MemoryStart,MemorySize:LongInt; szDumpFileName:PAnsiChar):boolean; stdcall; external 'TitanEngine.dll' name 'DumpMemoryEx';
|
||||
function DumpRegions(hProcess:THandle; szDumpFolder:PAnsiChar; DumpAboveImageBaseOnly:boolean):boolean; stdcall; external 'TitanEngine.dll' name 'DumpRegions';
|
||||
function DumpRegionsEx(ProcessId:LongInt; szDumpFolder:PAnsiChar; DumpAboveImageBaseOnly:boolean):boolean; stdcall; external 'TitanEngine.dll' name 'DumpRegionsEx';
|
||||
function DumpModule(hProcess:THandle; ModuleBase:LongInt; szDumpFileName:PAnsiChar):boolean; stdcall; external 'TitanEngine.dll' name 'DumpModule';
|
||||
function DumpModuleEx(ProcessId:LongInt; ModuleBase:LongInt; szDumpFileName:PAnsiChar):boolean; stdcall; external 'TitanEngine.dll' name 'DumpModuleEx';
|
||||
function PastePEHeader(hProcess:THandle; ImageBase:LongInt; szDebuggedFileName:PAnsiChar):boolean; stdcall; external 'TitanEngine.dll' name 'PastePEHeader';
|
||||
function ExtractSection(szFileName,szDumpFileName:PAnsiChar; SectionNumber:LongInt):boolean; stdcall; external 'TitanEngine.dll' name 'ExtractSection';
|
||||
function ResortFileSections(szFileName:PAnsiChar):boolean; stdcall; external 'TitanEngine.dll' name 'ResortFileSections';
|
||||
function FindOverlay(szFileName:PAnsiChar; OverlayStart,OverlaySize:Pointer):boolean; stdcall; external 'TitanEngine.dll' name 'FindOverlay';
|
||||
function ExtractOverlay(szFileName,szExtactedFileName:PAnsiChar):boolean; stdcall; external 'TitanEngine.dll' name 'ExtractOverlay';
|
||||
function AddOverlay(szFileName,szOverlayFileName:PAnsiChar):boolean; stdcall; external 'TitanEngine.dll' name 'AddOverlay';
|
||||
function CopyOverlay(szInFileName,szOutFileName:PAnsiChar):boolean; stdcall; external 'TitanEngine.dll' name 'CopyOverlay';
|
||||
function RemoveOverlay(szFileName:PAnsiChar):boolean; stdcall; external 'TitanEngine.dll' name 'RemoveOverlay';
|
||||
function MakeAllSectionsRWE(szFileName:PAnsiChar):boolean; stdcall; external 'TitanEngine.dll' name 'MakeAllSectionsRWE';
|
||||
function AddNewSectionEx(szFileName,szSectionName:PAnsiChar; SectionSize,SectionAttributes:LongInt; SectionContent:Pointer; ContentSize:LongInt):LongInt; stdcall; external 'TitanEngine.dll' name 'AddNewSectionEx';
|
||||
function AddNewSection(szFileName,szSectionName:PAnsiChar; SectionSize:LongInt):LongInt; stdcall; external 'TitanEngine.dll' name 'AddNewSection';
|
||||
function ResizeLastSection(szFileName:PAnsiChar; NumberOfExpandBytes:LongInt; AlignResizeData:boolean):boolean; stdcall; external 'TitanEngine.dll' name 'ResizeLastSection';
|
||||
procedure SetSharedOverlay(szFileName:PAnsiChar); stdcall; external 'TitanEngine.dll' name 'SetSharedOverlay';
|
||||
function GetSharedOverlay():PAnsiChar; stdcall; external 'TitanEngine.dll' name 'GetSharedOverlay';
|
||||
function DeleteLastSection(szFileName:PAnsiChar):boolean; stdcall; external 'TitanEngine.dll' name 'DeleteLastSection';
|
||||
function DeleteLastSectionEx(szFileName:PAnsiChar; NumberOfSections:LongInt):boolean; stdcall; external 'TitanEngine.dll' name 'DeleteLastSectionEx';
|
||||
function GetPE32DataFromMappedFile(FileMapVA,WhichSection,WhichData:LongInt):LongInt; stdcall; external 'TitanEngine.dll' name 'GetPE32DataFromMappedFile';
|
||||
function GetPE32Data(szFileName:PAnsiChar; WhichSection,WhichData:LongInt):LongInt; stdcall; external 'TitanEngine.dll' name 'GetPE32Data';
|
||||
function GetPE32DataFromMappedFileEx(FileMapVA:LongInt; DataStorage:Pointer):boolean; stdcall; external 'TitanEngine.dll' name 'GetPE32DataFromMappedFileEx';
|
||||
function GetPE32DataEx(szFileName:PAnsiChar; DataStorage:Pointer):boolean; stdcall; external 'TitanEngine.dll' name 'GetPE32DataEx';
|
||||
function SetPE32DataForMappedFile(FileMapVA,WhichSection,WhichData,NewDataValue:LongInt):boolean; stdcall; external 'TitanEngine.dll' name 'SetPE32DataForMappedFile';
|
||||
function SetPE32Data(szFileName:PAnsiChar; WhichSection,WhichData,NewDataValue:LongInt):boolean; stdcall; external 'TitanEngine.dll' name 'SetPE32Data';
|
||||
function SetPE32DataForMappedFileEx(szFileName:PAnsiChar; DataStorage:Pointer):boolean; stdcall; external 'TitanEngine.dll' name 'SetPE32DataForMappedFileEx';
|
||||
function SetPE32DataEx(szFileName:PAnsiChar; DataStorage:Pointer):boolean; stdcall; external 'TitanEngine.dll' name 'SetPE32DataEx';
|
||||
function GetPE32SectionNumberFromVA(FileMapVA,AddressToConvert:LongInt):LongInt; stdcall; external 'TitanEngine.dll' name 'GetPE32SectionNumberFromVA';
|
||||
function ConvertVAtoFileOffset(FileMapVA,AddressToConvert:LongInt; ReturnType:boolean):LongInt; stdcall; external 'TitanEngine.dll' name 'ConvertVAtoFileOffset';
|
||||
function ConvertVAtoFileOffsetEx(FileMapVA,FileSize,ImageBase,AddressToConvert:LongInt; AddressIsRVA,ReturnType:boolean):LongInt; stdcall; external 'TitanEngine.dll' name 'ConvertVAtoFileOffsetEx';
|
||||
function ConvertFileOffsetToVA(FileMapVA,AddressToConvert:LongInt; ReturnType:boolean):LongInt; stdcall; external 'TitanEngine.dll' name 'ConvertFileOffsetToVA';
|
||||
function ConvertFileOffsetToVAEx(FileMapVA,FileSize,ImageBase,AddressToConvert:LongInt; ReturnType:boolean):LongInt; stdcall; external 'TitanEngine.dll' name 'ConvertFileOffsetToVAEx';
|
||||
{TitanEngine.Realigner.functions}
|
||||
function FixHeaderCheckSum(szFileName:PAnsiChar):boolean; stdcall; external 'TitanEngine.dll' name 'FixHeaderCheckSum';
|
||||
function RealignPE(FileMapVA,FileSize,RealingMode:LongInt):LongInt; stdcall; external 'TitanEngine.dll' name 'RealignPE';
|
||||
function RealignPEEx(szFileName:PAnsiChar; RealingFileSize,ForcedFileAlignment:LongInt):LongInt; stdcall; external 'TitanEngine.dll' name 'RealignPEEx';
|
||||
function WipeSection(szFileName:PAnsiChar; WipeSectionNumber:LongInt; RemovePhysically:boolean):boolean; stdcall; external 'TitanEngine.dll' name 'WipeSection';
|
||||
function IsPE32FileValidEx(szFileName:PAnsiChar; CheckDepth:LongInt; FileStatusInfo:Pointer):boolean; stdcall; external 'TitanEngine.dll' name 'IsPE32FileValidEx';
|
||||
function FixBrokenPE32FileEx(szFileName:PAnsiChar; FileStatusInfo,FileFixInfo:Pointer):boolean; stdcall; external 'TitanEngine.dll' name 'FixBrokenPE32FileEx';
|
||||
function IsFileDLL(szFileName:PAnsiChar; FileMapVA:LongInt):boolean; stdcall; external 'TitanEngine.dll' name 'IsFileDLL';
|
||||
{TitanEngine.Hider.functions}
|
||||
function GetPEBLocation(hProcess:THandle):LongInt; stdcall; external 'TitanEngine.dll' name 'GetPEBLocation';
|
||||
function GetPEBLocation64(hProcess:THandle):LongInt; stdcall; external 'TitanEngine.dll' name 'GetPEBLocation64';
|
||||
function HideDebugger(hProcess:THandle; PatchAPILevel:LongInt):boolean; stdcall; external 'TitanEngine.dll' name 'HideDebugger';
|
||||
function UnHideDebugger(hProcess:THandle; PatchAPILevel:LongInt):boolean; stdcall; external 'TitanEngine.dll' name 'UnHideDebugger';
|
||||
{TitanEngine.Relocater.functions}
|
||||
procedure RelocaterCleanup(); stdcall; external 'TitanEngine.dll' name 'RelocaterCleanup';
|
||||
procedure RelocaterInit(MemorySize,OldImageBase,NewImageBase:LongInt); stdcall; external 'TitanEngine.dll' name 'RelocaterInit';
|
||||
procedure RelocaterAddNewRelocation(hProcess:THandle; RelocateAddress,RelocateState:LongInt); stdcall; external 'TitanEngine.dll' name 'RelocaterAddNewRelocation';
|
||||
function RelocaterEstimatedSize():LongInt; stdcall; external 'TitanEngine.dll' name 'RelocaterEstimatedSize';
|
||||
function RelocaterExportRelocation(StorePlace,StorePlaceRVA,FileMapVA:LongInt):boolean; stdcall; external 'TitanEngine.dll' name 'RelocaterExportRelocation';
|
||||
function RelocaterExportRelocationEx(szFileName,szSectionName:PAnsiChar; StorePlace,StorePlaceRVA:LongInt):boolean; stdcall; external 'TitanEngine.dll' name 'RelocaterExportRelocationEx';
|
||||
function RelocaterGrabRelocationTable(hProcess:THandle; MemoryStart,MemorySize:LongInt):boolean; stdcall; external 'TitanEngine.dll' name 'RelocaterGrabRelocationTable';
|
||||
function RelocaterGrabRelocationTableEx(hProcess:THandle; MemoryStart,MemorySize,NtSizeOfImage:LongInt):boolean; stdcall; external 'TitanEngine.dll' name 'RelocaterGrabRelocationTableEx';
|
||||
function RelocaterMakeSnapshot(hProcess:THandle; szSaveFileName:PAnsiChar; MemoryStart,MemorySize:LongInt):boolean; stdcall; external 'TitanEngine.dll' name 'RelocaterMakeSnapshot';
|
||||
function RelocaterCompareTwoSnapshots(hProcess:THandle; LoadedImageBase,NtSizeOfImage:LongInt; szDumpFile1,szDumpFile2:PAnsiChar; MemStart:LongInt):boolean; stdcall; external 'TitanEngine.dll' name 'RelocaterCompareTwoSnapshots';
|
||||
function RelocaterChangeFileBase(szFileName:PAnsiChar; NewImageBase:LongInt):boolean; stdcall; external 'TitanEngine.dll' name 'RelocaterChangeFileBase';
|
||||
function RelocaterRelocateMemoryBlock(FileMapVA,MemoryLocation:LongInt; RelocateMemory:Pointer; RelocateMemorySize,CurrentLoadedBase,RelocateBase:LongInt):boolean; stdcall; external 'TitanEngine.dll' name 'RelocaterRelocateMemoryBlock';
|
||||
function RelocaterWipeRelocationTable(szFileName:PAnsiChar):boolean; stdcall; external 'TitanEngine.dll' name 'RelocaterWipeRelocationTable';
|
||||
{TitanEngine.Resourcer.functions}
|
||||
function ResourcerLoadFileForResourceUse(szFileName:PAnsiChar):LongInt; stdcall; external 'TitanEngine.dll' name 'ResourcerLoadFileForResourceUse';
|
||||
function ResourcerFreeLoadedFile(LoadedFileBase:LongInt):boolean; stdcall; external 'TitanEngine.dll' name 'ResourcerFreeLoadedFile';
|
||||
function ResourcerExtractResourceFromFileEx(FileMapVA:LongInt; szResourceType,szResourceName,szExtractedFileName:PAnsiChar):boolean; stdcall; external 'TitanEngine.dll' name 'ResourcerExtractResourceFromFileEx';
|
||||
function ResourcerExtractResourceFromFile(szFileName,szResourceType,szResourceName,szExtractedFileName:PAnsiChar):boolean; stdcall; external 'TitanEngine.dll' name 'ResourcerExtractResourceFromFile';
|
||||
function ResourcerFindResource(szFileName,szResourceType:PAnsiChar; ResourceType:LongInt; szResourceName:PAnsiChar; ResourceName,ResourceLanguage:LongInt; pResourceData,pResourceSize:Pointer):boolean; stdcall; external 'TitanEngine.dll' name 'ResourcerFindResource';
|
||||
function ResourcerFindResourceEx(FileMapVA,FileSize:LongInt; szResourceType:PAnsiChar; ResourceType:LongInt; szResourceName:PAnsiChar; ResourceName,ResourceLanguage:LongInt; pResourceData,pResourceSize:Pointer):boolean; stdcall; external 'TitanEngine.dll' name 'ResourcerFindResourceEx';
|
||||
procedure ResourcerEnumerateResource(szFileName:PAnsiChar; CallBack:LongInt); stdcall; external 'TitanEngine.dll' name 'ResourcerEnumerateResource';
|
||||
procedure ResourcerEnumerateResourceEx(FileMapVA,FileSize:LongInt; CallBack:LongInt); stdcall; external 'TitanEngine.dll' name 'ResourcerEnumerateResourceEx';
|
||||
{TitanEngine.FindOEP.functions}
|
||||
procedure FindOEPInit(); stdcall; external 'TitanEngine.dll' name 'FindOEPInit';
|
||||
procedure FindOEPGenerically(szFileName:PAnsiChar; TraceInitCallBack,CallBack:Pointer); stdcall; external 'TitanEngine.dll' name 'FindOEPGenerically';
|
||||
{TitanEngine.Threader.functions}
|
||||
function ThreaderImportRunningThreadData(ProcessId:LongInt):boolean; stdcall; external 'TitanEngine.dll' name 'ThreaderImportRunningThreadData';
|
||||
function ThreaderGetThreadInfo(hThread:THandle; ThreadId:LongInt):LongInt; stdcall; external 'TitanEngine.dll' name 'ThreaderGetThreadInfo';
|
||||
procedure ThreaderEnumThreadInfo(EnumCallBack:Pointer); stdcall; external 'TitanEngine.dll' name 'ThreaderGetThreadInfo';
|
||||
function ThreaderPauseThread(hThread:THandle):boolean; stdcall; external 'TitanEngine.dll' name 'ThreaderPauseThread';
|
||||
function ThreaderResumeThread(hThread:THandle):boolean; stdcall; external 'TitanEngine.dll' name 'ThreaderResumeThread';
|
||||
function ThreaderTerminateThread(hThread:THandle; ThreadExitCode:LongInt):boolean; stdcall; external 'TitanEngine.dll' name 'ThreaderTerminateThread';
|
||||
function ThreaderPauseAllThreads(LeaveMainRunning:boolean):boolean; stdcall; external 'TitanEngine.dll' name 'ThreaderPauseAllThreads';
|
||||
function ThreaderResumeAllThreads(LeaveMainPaused:boolean):boolean; stdcall; external 'TitanEngine.dll' name 'ThreaderResumeAllThreads';
|
||||
function ThreaderPauseProcess():boolean; stdcall; external 'TitanEngine.dll' name 'ThreaderPauseProcess';
|
||||
function ThreaderResumeProcess():boolean; stdcall; external 'TitanEngine.dll' name 'ThreaderResumeProcess';
|
||||
function ThreaderCreateRemoteThread(ThreadStartAddress:LongInt; AutoCloseTheHandle:boolean; ThreadPassParameter,ThreadId:Pointer):LongInt; stdcall; external 'TitanEngine.dll' name 'ThreaderCreateRemoteThread';
|
||||
function ThreaderInjectAndExecuteCode(InjectCode:Pointer; StartDelta,InjectSize:LongInt):boolean; stdcall; external 'TitanEngine.dll' name 'ThreaderInjectAndExecuteCode';
|
||||
function ThreaderCreateRemoteThreadEx(hProcess:THandle; ThreadStartAddress:LongInt; AutoCloseTheHandle:boolean; ThreadPassParameter,ThreadId:Pointer):LongInt; stdcall; external 'TitanEngine.dll' name 'ThreaderCreateRemoteThreadEx';
|
||||
function ThreaderInjectAndExecuteCodeEx(hProcess:THandle; InjectCode:Pointer; StartDelta,InjectSize:LongInt):boolean; stdcall; external 'TitanEngine.dll' name 'ThreaderInjectAndExecuteCodeEx';
|
||||
procedure ThreaderSetCallBackForNextExitThreadEvent(exitThreadCallBack:Pointer); stdcall; external 'TitanEngine.dll' name 'ThreaderSetCallBackForNextExitThreadEvent';
|
||||
function ThreaderIsThreadStillRunning(hThread:THandle):boolean; stdcall; external 'TitanEngine.dll' name 'ThreaderIsThreadStillRunning';
|
||||
function ThreaderIsThreadActive(hThread:THandle):boolean; stdcall; external 'TitanEngine.dll' name 'ThreaderIsThreadActive';
|
||||
function ThreaderIsAnyThreadActive():boolean; stdcall; external 'TitanEngine.dll' name 'ThreaderIsAnyThreadActive';
|
||||
function ThreaderExecuteOnlyInjectedThreads():boolean; stdcall; external 'TitanEngine.dll' name 'ThreaderExecuteOnlyInjectedThreads';
|
||||
function ThreaderGetOpenHandleForThread(ThreadId:LongInt):THandle; stdcall; external 'TitanEngine.dll' name 'ThreaderGetOpenHandleForThread';
|
||||
function ThreaderIsExceptionInMainThread():boolean; stdcall; external 'TitanEngine.dll' name 'ThreaderIsExceptionInMainThread';
|
||||
{TitanEngine.Debugger.functions}
|
||||
function StaticDisassembleEx(DisassmStart:LongInt; DisassmAddress:Pointer):PAnsiChar; stdcall; external 'TitanEngine.dll' name 'StaticDisassembleEx';
|
||||
function StaticDisassemble(DisassmAddress:Pointer):PAnsiChar; stdcall; external 'TitanEngine.dll' name 'StaticDisassemble';
|
||||
function DisassembleEx(hProcess:THandle; DisassmAddress:Pointer):PAnsiChar; stdcall; external 'TitanEngine.dll' name 'DisassembleEx';
|
||||
function Disassemble(DisassmAddress:Pointer):PAnsiChar; stdcall; external 'TitanEngine.dll' name 'Disassemble';
|
||||
function StaticLengthDisassemble(DisassmAddress:Pointer):LongInt; stdcall; external 'TitanEngine.dll' name 'StaticLengthDisassemble';
|
||||
function LengthDisassembleEx(hProcess:THandle; DisassmAddress:Pointer):LongInt; stdcall; external 'TitanEngine.dll' name 'LengthDisassembleEx';
|
||||
function LengthDisassemble(DisassmAddress:Pointer):LongInt; stdcall; external 'TitanEngine.dll' name 'LengthDisassemble';
|
||||
function InitDebug(szFileName,szCommandLine,szCurrentFolder:PAnsiChar): Pointer; stdcall; external 'TitanEngine.dll' name 'InitDebug';
|
||||
function InitNativeDebug(szFileName,szCommandLine,szCurrentFolder:PAnsiChar): Pointer; stdcall; external 'TitanEngine.dll' name 'InitNonWin32Debug';
|
||||
function InitDebugEx(szFileName,szCommandLine,szCurrentFolder:PAnsiChar; EntryCallBack:Pointer): Pointer; stdcall; external 'TitanEngine.dll' name 'InitDebugEx';
|
||||
function InitDLLDebug(szFileName:PAnsiChar; ReserveModuleBase:boolean; szCommandLine,szCurrentFolder:PAnsiChar; EntryCallBack:Pointer): Pointer; stdcall; external 'TitanEngine.dll' name 'InitDLLDebug';
|
||||
function StopDebug(): Boolean; stdcall; external 'TitanEngine.dll' name 'StopDebug';
|
||||
procedure SetBPXOptions(DefaultBreakPointType:LongInt); stdcall; external 'TitanEngine.dll' name 'SetBPXOptions';
|
||||
function IsBPXEnabled(bpxAddress:LongInt): boolean; stdcall; external 'TitanEngine.dll' name 'IsBPXEnabled';
|
||||
function EnableBPX(bpxAddress:LongInt): boolean; stdcall; external 'TitanEngine.dll' name 'EnableBPX';
|
||||
function DisableBPX(bpxAddress:LongInt): boolean; stdcall; external 'TitanEngine.dll' name 'DisableBPX';
|
||||
function SetBPX(bpxAddress,bpxType:LongInt; bpxCallBack:Pointer): boolean; stdcall; external 'TitanEngine.dll' name 'SetBPX';
|
||||
function DeleteBPX(bpxAddress:LongInt): boolean; stdcall; external 'TitanEngine.dll' name 'DeleteBPX';
|
||||
function SafeDeleteBPX(bpxAddress:LongInt): boolean; stdcall; external 'TitanEngine.dll' name 'SafeDeleteBPX';
|
||||
function SetAPIBreakPoint(szDLLName,szAPIName:PAnsiChar; bpxType,bpxPlace:LongInt; bpxCallBack:Pointer):boolean; stdcall; external 'TitanEngine.dll' name 'SetAPIBreakPoint';
|
||||
function DeleteAPIBreakPoint(szDLLName,szAPIName:PAnsiChar; bpxPlace:LongInt):boolean; stdcall; external 'TitanEngine.dll' name 'DeleteAPIBreakPoint';
|
||||
function SafeDeleteAPIBreakPoint(szDLLName,szAPIName:PAnsiChar; bpxPlace:LongInt):boolean; stdcall; external 'TitanEngine.dll' name 'SafeDeleteAPIBreakPoint';
|
||||
function SetMemoryBPX(MemoryStart,SizeOfMemory:LongInt; bpxCallBack:Pointer):boolean; stdcall; external 'TitanEngine.dll' name 'SetMemoryBPX';
|
||||
function SetMemoryBPXEx(MemoryStart,SizeOfMemory,BreakPointType:LongInt; RestoreOnHit:boolean; bpxCallBack:Pointer):boolean; stdcall; external 'TitanEngine.dll' name 'SetMemoryBPXEx';
|
||||
function RemoveMemoryBPX(MemoryStart,SizeOfMemory:LongInt):boolean; stdcall; external 'TitanEngine.dll' name 'RemoveMemoryBPX';
|
||||
function GetContextFPUDataEx(hActiveThread:THandle; FPUSaveArea:Pointer): boolean; stdcall; external 'TitanEngine.dll' name 'GetContextFPUDataEx';
|
||||
function GetContextDataEx(hActiveThread:THandle; IndexOfRegister:LongInt): LongInt; stdcall; external 'TitanEngine.dll' name 'GetContextDataEx';
|
||||
function GetContextData(IndexOfRegister:LongInt): LongInt; stdcall; external 'TitanEngine.dll' name 'GetContextData';
|
||||
function SetContextFPUDataEx(hActiveThread:THandle; FPUSaveArea:Pointer): boolean; stdcall; external 'TitanEngine.dll' name 'SetContextFPUDataEx';
|
||||
function SetContextDataEx(hActiveThread:THandle; IndexOfRegister,NewRegisterValue:LongInt):boolean; stdcall; external 'TitanEngine.dll' name 'SetContextDataEx';
|
||||
function SetContextData(IndexOfRegister,NewRegisterValue:LongInt):boolean; stdcall; external 'TitanEngine.dll' name 'SetContextData';
|
||||
procedure ClearExceptionNumber(); stdcall; external 'TitanEngine.dll' name 'ClearExceptionNumber';
|
||||
function CurrentExceptionNumber(): LongInt; stdcall; external 'TitanEngine.dll' name 'CurrentExceptionNumber';
|
||||
function MatchPatternEx(hProcess:THandle; MemoryToCheck,SizeOfMemoryToCheck:LongInt; PatternToMatch:Pointer; SizeOfPatternToMatch:LongInt; WildCard:Pointer): boolean; stdcall; external 'TitanEngine.dll' name 'MatchPatternEx';
|
||||
function MatchPattern(MemoryToCheck,SizeOfMemoryToCheck:LongInt; PatternToMatch:Pointer; SizeOfPatternToMatch:LongInt; WildCard:Pointer): boolean; stdcall; external 'TitanEngine.dll' name 'MatchPattern';
|
||||
function FindEx(hProcess:THandle; MemoryStart,MemorySize:LongInt; SearchPattern:Pointer; PatternSize:LongInt; WildCard:Pointer): LongInt; stdcall; external 'TitanEngine.dll' name 'FindEx';
|
||||
function Find(MemoryStart,MemorySize:LongInt; SearchPattern:Pointer; PatternSize:LongInt; WildCard:Pointer): LongInt; stdcall; external 'TitanEngine.dll' name 'Find';
|
||||
function FillEx(hProcess:THandle; MemoryStart,MemorySize:LongInt; FillByte:Pointer): boolean; stdcall; external 'TitanEngine.dll' name 'FillEx';
|
||||
function Fill(MemoryStart,MemorySize:LongInt; FillByte:Pointer): boolean; stdcall; external 'TitanEngine.dll' name 'Fill';
|
||||
function PatchEx(hProcess:THandle; MemoryStart,MemorySize:LongInt; ReplacePattern:Pointer; ReplaceSize:LongInt; AppendNOP,PrependNOP:boolean): boolean; stdcall; external 'TitanEngine.dll' name 'PatchEx';
|
||||
function Patch(MemoryStart,MemorySize:LongInt; ReplacePattern:Pointer; ReplaceSize:LongInt; AppendNOP,PrependNOP:boolean): boolean; stdcall; external 'TitanEngine.dll' name 'Patch';
|
||||
function ReplaceEx(hProcess:THandle; MemoryStart,MemorySize:LongInt; SearchPattern:Pointer; PatternSize,NumberOfRepetitions:LongInt; ReplacePattern:Pointer; ReplaceSize:LongInt; WildCard:Pointer): boolean; stdcall; external 'TitanEngine.dll' name 'ReplaceEx';
|
||||
function Replace(MemoryStart,MemorySize:LongInt; SearchPattern:Pointer; PatternSize,NumberOfRepetitions:LongInt; ReplacePattern:Pointer; ReplaceSize:LongInt; WildCard:Pointer): boolean; stdcall; external 'TitanEngine.dll' name 'Replace';
|
||||
function GetDebugData(): Pointer; stdcall; external 'TitanEngine.dll' name 'GetDebugData';
|
||||
function GetTerminationData(): Pointer; stdcall; external 'TitanEngine.dll' name 'GetTerminationData';
|
||||
function GetExitCode():LongInt; stdcall; external 'TitanEngine.dll' name 'GetExitCode';
|
||||
function GetDebuggedDLLBaseAddress(): LongInt; stdcall; external 'TitanEngine.dll' name 'GetDebuggedDLLBaseAddress';
|
||||
function GetDebuggedFileBaseAddress(): LongInt; stdcall; external 'TitanEngine.dll' name 'GetDebuggedFileBaseAddress';
|
||||
function GetRemoteString(hProcess:THandle; StringAddress:LongInt; StringStorage:Pointer; MaximumStringSize:LongInt): LongInt; stdcall; external 'TitanEngine.dll' name 'GetRemoteString';
|
||||
function GetFunctionParameter(hProcess:THandle; FunctionType,ParameterNumber,ParameterType:LongInt): LongInt; stdcall; external 'TitanEngine.dll' name 'GetFunctionParameter';
|
||||
function GetJumpDestinationEx(hProcess:THandle; InstructionAddress:LongInt; JustJumps:boolean): LongInt; stdcall; external 'TitanEngine.dll' name 'GetJumpDestinationEx';
|
||||
function GetJumpDestination(hProcess:THandle; InstructionAddress:LongInt; JustJumps:boolean): LongInt; stdcall; external 'TitanEngine.dll' name 'GetJumpDestination';
|
||||
function IsJumpGoingToExecuteEx(hProcess,hThread:THandle; InstructionAddress,RegFlags:LongInt): boolean; stdcall; external 'TitanEngine.dll' name 'IsJumpGoingToExecuteEx';
|
||||
function IsJumpGoingToExecute(): boolean; stdcall; external 'TitanEngine.dll' name 'IsJumpGoingToExecute';
|
||||
procedure SetCustomHandler(WhichException:LongInt; CallBack:Pointer); stdcall; external 'TitanEngine.dll' name 'SetCustomHandler';
|
||||
procedure ForceClose(); stdcall; external 'TitanEngine.dll' name 'ForceClose';
|
||||
procedure StepInto(traceCallBack:Pointer); stdcall; external 'TitanEngine.dll' name 'StepInto';
|
||||
procedure StepOver(traceCallBack:Pointer); stdcall; external 'TitanEngine.dll' name 'StepOver';
|
||||
procedure SingleStep(StepCount:LongInt; StepCallBack:Pointer); stdcall; external 'TitanEngine.dll' name 'SingleStep';
|
||||
function GetUnusedHardwareBreakPointRegister(RegisterIndex:Pointer):boolean; stdcall; external 'TitanEngine.dll' name 'GetUnusedHardwareBreakPointRegister';
|
||||
function SetHardwareBreakPointEx(hActiveThread:THandle; bpxAddress,IndexOfRegister,bpxType,bpxSize:LongInt; bpxCallBack,IndexOfSelectedRegister:Pointer):boolean; stdcall; external 'TitanEngine.dll' name 'SetHardwareBreakPointEx';
|
||||
function SetHardwareBreakPoint(bpxAddress,IndexOfRegister,bpxType,bpxSize:LongInt; bpxCallBack:Pointer):boolean; stdcall; external 'TitanEngine.dll' name 'SetHardwareBreakPoint';
|
||||
function DeleteHardwareBreakPoint(IndexOfRegister:LongInt):boolean; stdcall; external 'TitanEngine.dll' name 'DeleteHardwareBreakPoint';
|
||||
function RemoveAllBreakPoints(RemoveOption:LongInt):boolean; stdcall; external 'TitanEngine.dll' name 'RemoveAllBreakPoints';
|
||||
function GetProcessInformation(): Pointer; stdcall; external 'TitanEngine.dll' name 'GetProcessInformation';
|
||||
function GetStartupInformation(): Pointer; stdcall; external 'TitanEngine.dll' name 'GetStartupInformation';
|
||||
procedure DebugLoop(); stdcall; external 'TitanEngine.dll' name 'DebugLoop';
|
||||
procedure SetDebugLoopTimeOut(TimeOut:LongInt); stdcall; external 'TitanEngine.dll' name 'SetDebugLoopTimeOut';
|
||||
procedure SetNextDbgContinueStatus(SetDbgCode:LongInt); stdcall; external 'TitanEngine.dll' name 'SetNextDbgContinueStatus';
|
||||
function AttachDebugger(ProcessId:LongInt; KillOnExit:Boolean; DebugInfo,CallBack:Pointer): Pointer; stdcall; external 'TitanEngine.dll' name 'AttachDebugger';
|
||||
function DetachDebugger(ProcessId:LongInt): Pointer; stdcall; external 'TitanEngine.dll' name 'DetachDebugger';
|
||||
function DetachDebuggerEx(ProcessId:LongInt): Pointer; stdcall; external 'TitanEngine.dll' name 'DetachDebuggerEx';
|
||||
function DebugLoopEx(TimeOut:LongInt): LongInt; stdcall; external 'TitanEngine.dll' name 'DebugLoopEx';
|
||||
procedure AutoDebugEx(szFileName:PAnsiChar; ReserveModuleBase:boolean; szCommandLine,szCurrentFolder:PAnsiChar; TimeOut:LongInt; EntryCallBack:Pointer); stdcall; external 'TitanEngine.dll' name 'AutoDebugEx';
|
||||
function IsFileBeingDebugged(): boolean; stdcall; external 'TitanEngine.dll' name 'IsFileBeingDebugged';
|
||||
procedure SetErrorModel(DisplayErrorMessages:boolean); stdcall; external 'TitanEngine.dll' name 'SetErrorModel';
|
||||
{TitanEngine.Importer.functions}
|
||||
procedure ImporterCleanup(); stdcall; external 'TitanEngine.dll' name 'ImporterCleanup';
|
||||
procedure ImporterSetImageBase(ImageBase:LongInt); stdcall; external 'TitanEngine.dll' name 'ImporterSetImageBase';
|
||||
procedure ImporterSetUnknownDelta(DeltaAddress:LongInt); stdcall; external 'TitanEngine.dll' name 'ImporterSetUnknownDelta';
|
||||
function ImporterGetCurrentDelta():LongInt; stdcall; external 'TitanEngine.dll' name 'ImporterGetCurrentDelta';
|
||||
procedure ImporterInit(MemorySize,ImageBase:LongInt); stdcall; external 'TitanEngine.dll' name 'ImporterInit';
|
||||
procedure ImporterAddNewDll(DLLName:PAnsiChar; FirstThunk:LongInt); stdcall; external 'TitanEngine.dll' name 'ImporterAddNewDll';
|
||||
procedure ImporterAddNewAPI(APIName:PAnsiChar; FirstThunk:LongInt); stdcall; external 'TitanEngine.dll' name 'ImporterAddNewAPI';
|
||||
procedure ImporterAddNewOrdinalAPI(dwAPIName,FirstThunk:LongInt); stdcall; external 'TitanEngine.dll' name 'ImporterAddNewAPI';
|
||||
function ImporterGetAddedDllCount(): LongInt; stdcall; external 'TitanEngine.dll' name 'ImporterGetAddedDllCount';
|
||||
function ImporterGetAddedAPICount(): LongInt; stdcall; external 'TitanEngine.dll' name 'ImporterGetAddedAPICount';
|
||||
function ImporterGetLastAddedDLLName(): PAnsiChar; stdcall; external 'TitanEngine.dll' name 'ImporterGetLastAddedDLLName';
|
||||
procedure ImporterMoveIAT(); stdcall; external 'TitanEngine.dll' name 'ImporterMoveIAT';
|
||||
function ImporterExportIAT(StorePlace,FileMap:LongInt):boolean; stdcall; external 'TitanEngine.dll' name 'ImporterExportIAT';
|
||||
function ImporterEstimatedSize(): LongInt; stdcall; external 'TitanEngine.dll' name 'ImporterEstimatedSize';
|
||||
function ImporterExportIATEx(szExportFileName,szSectionName:PAnsiChar):boolean; stdcall; external 'TitanEngine.dll' name 'ImporterExportIATEx';
|
||||
function ImporterFindAPIWriteLocation(szAPIName:PAnsiChar): LongInt; stdcall; external 'TitanEngine.dll' name 'ImporterFindAPIWriteLocation';
|
||||
function ImporterFindOrdinalAPIWriteLocation(OrdinalNumber:LongInt): LongInt; stdcall; external 'TitanEngine.dll' name 'ImporterFindOrdinalAPIWriteLocation';
|
||||
function ImporterFindAPIByWriteLocation(APIWriteLocation:PAnsiChar): LongInt; stdcall; external 'TitanEngine.dll' name 'ImporterFindAPIByWriteLocation';
|
||||
function ImporterFindDLLByWriteLocation(APIWriteLocation:PAnsiChar): LongInt; stdcall; external 'TitanEngine.dll' name 'ImporterFindDLLByWriteLocation';
|
||||
function ImporterGetDLLName(APIAddress:LongInt): PAnsiChar; stdcall; external 'TitanEngine.dll' name 'ImporterGetDLLName';
|
||||
function ImporterGetAPIName(APIAddress:LongInt): PAnsiChar; stdcall; external 'TitanEngine.dll' name 'ImporterGetAPIName';
|
||||
function ImporterGetAPIOrdinalNumber(APIAddress:LongInt): LongInt; stdcall; external 'TitanEngine.dll' name 'ImporterGetAPIOrdinalNumber';
|
||||
function ImporterGetAPINameEx(APIAddress:LongInt; pDLLBases:Pointer): PAnsiChar; stdcall; external 'TitanEngine.dll' name 'ImporterGetAPINameEx';
|
||||
function ImporterGetRemoteAPIAddress(hProcess:THandle; APIAddress:LongInt): LongInt; stdcall; external 'TitanEngine.dll' name 'ImporterGetRemoteAPIAddress';
|
||||
function ImporterGetRemoteAPIAddressEx(szDLLName,szAPIName:PAnsiChar): LongInt; stdcall; external 'TitanEngine.dll' name 'ImporterGetRemoteAPIAddressEx';
|
||||
function ImporterGetLocalAPIAddress(hProcess:THandle; APIAddress:LongInt): LongInt; stdcall; external 'TitanEngine.dll' name 'ImporterGetLocalAPIAddress';
|
||||
function ImporterGetDLLNameFromDebugee(hProcess:THandle; APIAddress:LongInt): PAnsiChar; stdcall; external 'TitanEngine.dll' name 'ImporterGetDLLNameFromDebugee';
|
||||
function ImporterGetAPINameFromDebugee(hProcess:THandle; APIAddress:LongInt): PAnsiChar; stdcall; external 'TitanEngine.dll' name 'ImporterGetAPINameFromDebugee';
|
||||
function ImporterGetAPIOrdinalNumberFromDebugee(hProcess:THandle; APIAddress:LongInt): LongInt; stdcall; external 'TitanEngine.dll' name 'ImporterGetAPIOrdinalNumberFromDebugee';
|
||||
function ImporterGetDLLIndexEx(APIAddress:LongInt; pDLLBases:Pointer): LongInt; stdcall; external 'TitanEngine.dll' name 'ImporterGetDLLIndexEx';
|
||||
function ImporterGetDLLIndex(hProcess:THandle; APIAddress:LongInt; pDLLBases:Pointer): LongInt; stdcall; external 'TitanEngine.dll' name 'ImporterGetDLLIndex';
|
||||
function ImporterGetRemoteDLLBase(hProcess:THandle; LocalModuleBase:LongInt): LongInt; stdcall; external 'TitanEngine.dll' name 'ImporterGetRemoteDLLBase';
|
||||
function ImporterRelocateWriteLocation(AddValue:LongInt): boolean; stdcall; external 'TitanEngine.dll' name 'ImporterRelocateWriteLocation';
|
||||
function ImporterIsForwardedAPI(hProcess:THandle; APIAddress:LongInt): boolean; stdcall; external 'TitanEngine.dll' name 'ImporterIsForwardedAPI';
|
||||
function ImporterGetForwardedAPIName(hProcess:THandle; APIAddress:LongInt): PAnsiChar; stdcall; external 'TitanEngine.dll' name 'ImporterGetForwardedAPIName';
|
||||
function ImporterGetForwardedDLLName(hProcess:THandle; APIAddress:LongInt): PAnsiChar; stdcall; external 'TitanEngine.dll' name 'ImporterGetForwardedDLLName';
|
||||
function ImporterGetForwardedDLLIndex(hProcess:THandle; APIAddress:LongInt; pDLLBases:Pointer): LongInt; stdcall; external 'TitanEngine.dll' name 'ImporterGetForwardedDLLIndex';
|
||||
function ImporterGetForwardedAPIOrdinalNumber(hProcess:THandle; APIAddress:LongInt): LongInt; stdcall; external 'TitanEngine.dll' name 'ImporterGetForwardedAPIOrdinalNumber';
|
||||
function ImporterGetNearestAPIAddress(hProcess:THandle; APIAddress:LongInt): LongInt; stdcall; external 'TitanEngine.dll' name 'ImporterGetNearestAPIAddress';
|
||||
function ImporterGetNearestAPIName(hProcess:THandle; APIAddress:LongInt): PAnsiChar; stdcall; external 'TitanEngine.dll' name 'ImporterGetNearestAPIName';
|
||||
function ImporterCopyOriginalIAT(szOriginalFile,szDumpFile:PAnsiChar): boolean; stdcall; external 'TitanEngine.dll' name 'ImporterCopyOriginalIAT';
|
||||
function ImporterLoadImportTable(szFileName:PAnsiChar): boolean; stdcall; external 'TitanEngine.dll' name 'ImporterLoadImportTable';
|
||||
function ImporterMoveOriginalIAT(szOriginalFile,szDumpFile,szSectionName:PAnsiChar): boolean; stdcall; external 'TitanEngine.dll' name 'ImporterMoveOriginalIAT';
|
||||
procedure ImporterAutoSearchIAT(pFileName:PAnsiChar;ImageBase,SearchStart,SearchSize:LongInt;pIATStart,pIATSize:Pointer); stdcall; external 'TitanEngine.dll' name 'ImporterAutoSearchIAT';
|
||||
procedure ImporterAutoSearchIATEx(hProcess:LongInt;ImageBase,SearchStart,SearchSize:LongInt;pIATStart,pIATSize:Pointer); stdcall; external 'TitanEngine.dll' name 'ImporterAutoSearchIATEx';
|
||||
procedure ImporterEnumAddedData(EnumCallBack:Pointer); stdcall; external 'TitanEngine.dll' name 'ImporterEnumAddedData';
|
||||
function ImporterAutoFixIAT(hProcess:LongInt;pFileName:PAnsiChar;ImageBase,SearchStart,SearchSize,SearchStep:LongInt):LongInt; stdcall; external 'TitanEngine.dll' name 'ImporterAutoFixIAT';
|
||||
function ImporterAutoFixIATEx(hProcess:LongInt;pFileName,szSectionName:PAnsiChar;DumpRunningProcess,RealignFile:boolean;EntryPointAddress,ImageBase,SearchStart,SearchSize,SearchStep:LongInt;TryAutoFix,FixEliminations:boolean;UnknownPointerFixCallback:LongInt):LongInt; stdcall; external 'TitanEngine.dll' name 'ImporterAutoFixIATEx';
|
||||
{TitanEngine.Hooks.functions}
|
||||
function HooksSafeTransitionEx(HookAddressArray:Pointer; NumberOfHooks:LongInt; TransitionStart:boolean):boolean; stdcall; external 'TitanEngine.dll' name 'HooksSafeTransitionEx';
|
||||
function HooksSafeTransition(HookAddressArray:Pointer; TransitionStart:boolean):boolean; stdcall; external 'TitanEngine.dll' name 'HooksSafeTransition';
|
||||
function HooksIsAddressRedirected(HookAddressArray:Pointer):boolean; stdcall; external 'TitanEngine.dll' name 'HooksIsAddressRedirected';
|
||||
function HooksGetTrampolineAddress(HookAddressArray:Pointer):Pointer; stdcall; external 'TitanEngine.dll' name 'HooksGetTrampolineAddress';
|
||||
function HooksGetHookEntryDetails(HookAddressArray:Pointer):Pointer; stdcall; external 'TitanEngine.dll' name 'HooksGetHookEntryDetails';
|
||||
function HooksInsertNewRedirection(HookAddressArray,RedirectTo:Pointer; HookType:LongInt):boolean; stdcall; external 'TitanEngine.dll' name 'HooksInsertNewRedirection';
|
||||
function HooksInsertNewIATRedirectionEx(FileMapVA,LoadedModuleBase:LongInt; szHookFunction:PAnsiChar; RedirectTo:Pointer):boolean; stdcall; external 'TitanEngine.dll' name 'HooksInsertNewIATRedirectionEx';
|
||||
function HooksInsertNewIATRedirection(szModuleName,szHookFunction:PAnsiChar; RedirectTo:Pointer):boolean; stdcall; external 'TitanEngine.dll' name 'HooksInsertNewIATRedirection';
|
||||
function HooksRemoveRedirection(HookAddressArray:Pointer; RemoveAll:boolean):boolean; stdcall; external 'TitanEngine.dll' name 'HooksRemoveRedirection';
|
||||
function HooksRemoveRedirectionsForModule(ModuleBase:LongInt):boolean; stdcall; external 'TitanEngine.dll' name 'HooksRemoveRedirectionsForModule';
|
||||
function HooksDisableRedirection(HookAddressArray:Pointer; DisableAll:boolean):boolean; stdcall; external 'TitanEngine.dll' name 'HooksDisableRedirection';
|
||||
function HooksDisableRedirectionsForModule(ModuleBase:LongInt):boolean; stdcall; external 'TitanEngine.dll' name 'HooksDisableRedirectionsForModule';
|
||||
function HooksEnableRedirection(HookAddressArray:Pointer; EnableAll:boolean):boolean; stdcall; external 'TitanEngine.dll' name 'HooksEnableRedirection';
|
||||
function HooksEnableRedirectionsForModule(ModuleBase:LongInt):boolean; stdcall; external 'TitanEngine.dll' name 'HooksEnableRedirectionsForModule';
|
||||
function HooksRemoveIATRedirection(szModuleName,szHookFunction:PAnsiChar; RemoveAll:boolean):boolean; stdcall; external 'TitanEngine.dll' name 'HooksRemoveIATRedirection';
|
||||
function HooksDisableIATRedirection(szModuleName,szHookFunction:PAnsiChar; DisableAll:boolean):boolean; stdcall; external 'TitanEngine.dll' name 'HooksDisableIATRedirection';
|
||||
function HooksEnableIATRedirection(szModuleName,szHookFunction:PAnsiChar; EnableAll:boolean):boolean; stdcall; external 'TitanEngine.dll' name 'HooksEnableIATRedirection';
|
||||
procedure HooksScanModuleMemory(ModuleBase:LongInt; CallBack:Pointer); stdcall; external 'TitanEngine.dll' name 'HooksScanModuleMemory';
|
||||
procedure HooksScanEntireProcessMemory(CallBack:Pointer); stdcall; external 'TitanEngine.dll' name 'HooksScanEntireProcessMemory';
|
||||
procedure HooksScanEntireProcessMemoryEx(); stdcall; external 'TitanEngine.dll' name 'HooksScanEntireProcessMemoryEx';
|
||||
{TitanEngine.Tracer.functions}
|
||||
procedure TracerInit(); stdcall; external 'TitanEngine.dll' name 'TracerInit';
|
||||
function TracerLevel1(hProcess,APIAddress:LongInt):LongInt; stdcall; external 'TitanEngine.dll' name 'TracerLevel1';
|
||||
function HashTracerLevel1(hProcess,APIAddress,NumberOfInstructions:LongInt):LongInt; stdcall; external 'TitanEngine.dll' name 'HashTracerLevel1';
|
||||
function TracerDetectRedirection(hProcess,APIAddress:LongInt):LongInt; stdcall; external 'TitanEngine.dll' name 'TracerDetectRedirection';
|
||||
function TracerFixKnownRedirection(hProcess,APIAddress,RedirectionId:LongInt):LongInt; stdcall; external 'TitanEngine.dll' name 'TracerFixKnownRedirection';
|
||||
function TracerFixRedirectionViaImpRecPlugin(hProcess:LongInt;szPluginName:PAnsiChar;APIAddress:LongInt):LongInt; stdcall; external 'TitanEngine.dll' name 'TracerFixRedirectionViaImpRecPlugin';
|
||||
{TitanEngine.Exporter.functions}
|
||||
procedure ExporterCleanup(); stdcall; external 'TitanEngine.dll' name 'ExporterCleanup';
|
||||
procedure ExporterSetImageBase(ImageBase:LongInt); stdcall; external 'TitanEngine.dll' name 'ExporterSetImageBase';
|
||||
procedure ExporterInit(MemorySize,ImageBase,ExportOrdinalBase:LongInt; szExportModuleName:PAnsiChar); stdcall; external 'TitanEngine.dll' name 'ExporterInit';
|
||||
function ExporterAddNewExport(szExportName:PAnsiChar; ExportRelativeAddress:LongInt):boolean; stdcall; external 'TitanEngine.dll' name 'ExporterAddNewExport';
|
||||
function ExporterAddNewOrdinalExport(OrdinalNumber,ExportRelativeAddress:LongInt):boolean; stdcall; external 'TitanEngine.dll' name 'ExporterAddNewOrdinalExport';
|
||||
function ExporterGetAddedExportCount():LongInt; stdcall; external 'TitanEngine.dll' name 'ExporterGetAddedExportCount';
|
||||
function ExporterEstimatedSize():LongInt; stdcall; external 'TitanEngine.dll' name 'ExporterEstimatedSize';
|
||||
function ExporterBuildExportTable(StorePlace,FileMapVA:LongInt):boolean; stdcall; external 'TitanEngine.dll' name 'ExporterBuildExportTable';
|
||||
function ExporterBuildExportTableEx(szExportFileName,szSectionName:PAnsiChar):boolean; stdcall; external 'TitanEngine.dll' name 'ExporterBuildExportTableEx';
|
||||
function ExporterLoadExportTable(szFileName:PAnsiChar):boolean; stdcall; external 'TitanEngine.dll' name 'ExporterLoadExportTable';
|
||||
{TitanEngine.Librarian.functions}
|
||||
function LibrarianSetBreakPoint(szLibraryName:PAnsiChar; bpxType:LongInt; SingleShoot:boolean; bpxCallBack:Pointer):boolean; stdcall; external 'TitanEngine.dll' name 'LibrarianSetBreakPoint';
|
||||
function LibrarianRemoveBreakPoint(szLibraryName:PAnsiChar; bpxType:LongInt):boolean; stdcall; external 'TitanEngine.dll' name 'LibrarianRemoveBreakPoint';
|
||||
function LibrarianGetLibraryInfo(szLibraryName:PAnsiChar):Pointer; stdcall; external 'TitanEngine.dll' name 'LibrarianGetLibraryInfo';
|
||||
function LibrarianGetLibraryInfoEx(BaseOfDll:Pointer):Pointer; stdcall; external 'TitanEngine.dll' name 'LibrarianGetLibraryInfoEx';
|
||||
procedure LibrarianEnumLibraryInfo(BaseOfDll:Pointer); stdcall; external 'TitanEngine.dll' name 'LibrarianEnumLibraryInfo';
|
||||
{TitanEngine.Process.functions}
|
||||
function GetActiveProcessId(szImageName:PAnsiChar):LongInt; stdcall; external 'TitanEngine.dll' name 'GetActiveProcessId';
|
||||
function EnumProcessesWithLibrary(szLibraryName:PAnsiChar; EnumFunction:Pointer):LongInt; stdcall; external 'TitanEngine.dll' name 'EnumProcessesWithLibrary';
|
||||
{TitanEngine.TLSFixer.functions}
|
||||
function TLSBreakOnCallBack(ArrayOfCallBacks:Pointer; NumberOfCallBacks:LongInt; bpxCallBack:Pointer):boolean; stdcall; external 'TitanEngine.dll' name 'TLSBreakOnCallBack';
|
||||
function TLSGrabCallBackData(szFileName:PAnsiChar; ArrayOfCallBacks,NumberOfCallBacks:Pointer):boolean; stdcall; external 'TitanEngine.dll' name 'TLSGrabCallBackData';
|
||||
function TLSBreakOnCallBackEx(szFileName:PAnsiChar; bpxCallBack:Pointer):boolean; stdcall; external 'TitanEngine.dll' name 'TLSBreakOnCallBackEx';
|
||||
function TLSRemoveCallback(szFileName:PAnsiChar):boolean; stdcall; external 'TitanEngine.dll' name 'TLSRemoveCallback';
|
||||
function TLSRemoveTable(szFileName:PAnsiChar):boolean; stdcall; external 'TitanEngine.dll' name 'TLSRemoveTable';
|
||||
function TLSBackupData(szFileName:PAnsiChar):boolean; stdcall; external 'TitanEngine.dll' name 'TLSBackupData';
|
||||
function TLSRestoreData():boolean; stdcall; external 'TitanEngine.dll' name 'TLSRestoreData';
|
||||
function TLSBuildNewTable(FileMapVA,StorePlace,StorePlaceRVA:LongInt; ArrayOfCallBacks:Pointer; NumberOfCallBacks:LongInt):boolean; stdcall; external 'TitanEngine.dll' name 'TLSBuildNewTable';
|
||||
function TLSBuildNewTableEx(szFileName,szSectionName:PAnsiChar; ArrayOfCallBacks:Pointer; NumberOfCallBacks:LongInt):boolean; stdcall; external 'TitanEngine.dll' name 'TLSBuildNewTableEx';
|
||||
{TitanEngine.TranslateName.functions}
|
||||
function TranslateNativeName(szNativeName:PAnsiChar):PAnsiChar; stdcall; external 'TitanEngine.dll' name 'TranslateNativeName';
|
||||
{TitanEngine.Handler.functions}
|
||||
function HandlerGetActiveHandleCount(ProcessId:LongInt):LongInt; stdcall; external 'TitanEngine.dll' name 'HandlerGetActiveHandleCount';
|
||||
function HandlerIsHandleOpen(ProcessId:LongInt; hHandle:THandle):boolean; stdcall; external 'TitanEngine.dll' name 'HandlerIsHandleOpen';
|
||||
function HandlerGetHandleName(hProcess:THandle; ProcessId:LongInt; hHandle:THandle; TranslateName:boolean):PAnsiChar; stdcall; external 'TitanEngine.dll' name 'HandlerGetHandleName';
|
||||
function HandlerEnumerateOpenHandles(ProcessId:LongInt; HandleBuffer:Pointer; MaxHandleCount:LongInt):LongInt; stdcall; external 'TitanEngine.dll' name 'HandlerEnumerateOpenHandles';
|
||||
function HandlerGetHandleDetails(hProcess:THandle; ProcessId:LongInt; hHandle:THandle; InformationReturn:LongInt):LongInt; stdcall; external 'TitanEngine.dll' name 'HandlerGetHandleDetails';
|
||||
function HandlerCloseRemoteHandle(ProcessId:LongInt; hHandle:THandle):boolean; stdcall; external 'TitanEngine.dll' name 'HandlerCloseRemoteHandle';
|
||||
function HandlerEnumerateLockHandles(szFileOrFolderName:PAnsiChar; NameIsFolder,NameIsTranslated:boolean; HandleDataBuffer:Pointer; MaxHandleCount:LongInt):LongInt; stdcall; external 'TitanEngine.dll' name 'HandlerEnumerateLockHandles';
|
||||
function HandlerCloseAllLockHandles(szFileOrFolderName:PAnsiChar; NameIsFolder,NameIsTranslated:boolean):boolean; stdcall; external 'TitanEngine.dll' name 'HandlerCloseAllLockHandles';
|
||||
function HandlerIsFileLocked(szFileOrFolderName:PAnsiChar; NameIsFolder,NameIsTranslated:boolean):boolean; stdcall; external 'TitanEngine.dll' name 'HandlerIsFileLocked';
|
||||
function HandlerEnumerateOpenMutexes(hProcess:THandle; ProcessId:LongInt; HandleBuffer:Pointer; MaxHandleCount:LongInt):LongInt; stdcall; external 'TitanEngine.dll' name 'HandlerEnumerateOpenMutexes';
|
||||
function HandlerGetOpenMutexHandle(hProcess:THandle; ProcessId:LongInt; szMutexString:PAnsiChar):LongInt; stdcall; external 'TitanEngine.dll' name 'HandlerGetOpenMutexHandle';
|
||||
function HandlerGetProcessIdWhichCreatedMutex(szMutexString:PAnsiChar):LongInt; stdcall; external 'TitanEngine.dll' name 'HandlerGetProcessIdWhichCreatedMutex';
|
||||
{TitanEngine.Injector.functions}
|
||||
function RemoteLoadLibrary(hProcess:THandle; szLibraryFile:PAnsiChar; WaitForThreadExit:boolean):boolean; stdcall; external 'TitanEngine.dll' name 'RemoteLoadLibrary';
|
||||
function RemoteFreeLibrary(hProcess:THandle; hModule:LongInt; szLibraryFile:PAnsiChar; WaitForThreadExit:boolean):boolean; stdcall; external 'TitanEngine.dll' name 'RemoteFreeLibrary';
|
||||
function RemoteExitProcess(hProcess:THandle; ExitCode:LongInt):boolean; stdcall; external 'TitanEngine.dll' name 'RemoteExitProcess';
|
||||
{TitanEngine.StaticUnpacker.functions}
|
||||
function StaticFileLoad(szFileName:PAnsiChar; DesiredAccess:LongInt; SimulateLoad:boolean; FileHandle,LoadedSize,FileMap,FileMapVA:Pointer):boolean; stdcall; external 'TitanEngine.dll' name 'StaticFileLoad';
|
||||
function StaticFileUnload(szFileName:PAnsiChar; CommitChanges:boolean; FileHandle,LoadedSize,FileMap,FileMapVA:LongInt):boolean; stdcall; external 'TitanEngine.dll' name 'StaticFileUnload';
|
||||
function StaticFileOpen(szFileName:PAnsiChar; DesiredAccess:LongInt; FileHandle,FileSizeLow,FileSizeHigh:Pointer):boolean; stdcall; external 'TitanEngine.dll' name 'StaticFileOpen';
|
||||
function StaticFileGetContent(FileHandle:THandle; FilePositionLow:LongInt; FilePositionHigh,Buffer:Pointer; Size:LongInt):boolean; stdcall; external 'TitanEngine.dll' name 'StaticFileGetContent';
|
||||
procedure StaticFileClose(FileHandle:THandle); stdcall; external 'TitanEngine.dll' name 'StaticFileClose';
|
||||
procedure StaticMemoryDecrypt(MemoryStart,MemorySize,DecryptionType,DecryptionKeySize,DecryptionKey:LongInt); stdcall; external 'TitanEngine.dll' name 'StaticMemoryDecrypt';
|
||||
procedure StaticMemoryDecryptEx(MemoryStart,MemorySize,DecryptionKeySize:LongInt; DecryptionCallBack:Pointer); stdcall; external 'TitanEngine.dll' name 'StaticMemoryDecryptEx';
|
||||
procedure StaticMemoryDecryptSpecial(MemoryStart,MemorySize,DecryptionKeySize,SpecDecryptionType:LongInt; DecryptionCallBack:Pointer); stdcall; external 'TitanEngine.dll' name 'StaticMemoryDecryptSpecial';
|
||||
procedure StaticSectionDecrypt(FileMapVA,SectionNumber:LongInt; SimulateLoad:boolean; DecryptionType,DecryptionKeySize,DecryptionKey:LongInt); stdcall; external 'TitanEngine.dll' name 'StaticSectionDecrypt';
|
||||
function StaticMemoryDecompress(Source,SourceSize,Destination,DestinationSize,Algorithm:LongInt):boolean; stdcall; external 'TitanEngine.dll' name 'StaticMemoryDecompress';
|
||||
function StaticRawMemoryCopy(hFile:THandle; FileMapVA,VitualAddressToCopy,Size:LongInt; AddressIsRVA:boolean; szDumpFileName:PAnsiChar):boolean; stdcall; external 'TitanEngine.dll' name 'StaticRawMemoryCopy';
|
||||
function StaticHashMemory(MemoryToHash:Pointer; SizeOfMemory:LongInt; HashDigest:Pointer; OutputString:boolean; Algorithm:LongInt):boolean; stdcall; external 'TitanEngine.dll' name 'StaticHashMemory';
|
||||
function StaticHashFile(szFileName,HashDigest:PAnsiChar; OutputString:boolean; Algorithm:LongInt):boolean; stdcall; external 'TitanEngine.dll' name 'StaticHashFile';
|
||||
{TitanEngine.Engine.functions}
|
||||
procedure SetEngineVariable(VariableId:LongInt; VariableSet:boolean); stdcall; external 'TitanEngine.dll' name 'SetEngineVariable';
|
||||
function EngineCreateMissingDependencies(szFileName,szOutputFolder:PAnsiChar; LogCreatedFiles:boolean):boolean; stdcall; external 'TitanEngine.dll' name 'EngineCreateMissingDependencies';
|
||||
function EngineFakeMissingDependencies(hProcess:THandle):boolean; stdcall; external 'TitanEngine.dll' name 'EngineCreateMissingDependencies';
|
||||
function EngineDeleteCreatedDependencies():boolean; stdcall; external 'TitanEngine.dll' name 'EngineDeleteCreatedDependencies';
|
||||
function EngineCreateUnpackerWindow(WindowUnpackerTitle,WindowUnpackerLongTitleWindowUnpackerName,WindowUnpackerAuthor:PChar; StartUnpackingCallBack:Pointer):boolean; stdcall; external 'TitanEngine.dll' name 'EngineCreateUnpackerWindow';
|
||||
procedure EngineAddUnpackerWindowLogMessage(szLogMessage:PChar); stdcall; external 'TitanEngine.dll' name 'EngineAddUnpackerWindowLogMessage';
|
||||
{TitanEngine.Extension.functions}
|
||||
function ExtensionManagerIsPluginLoaded(szPluginName:PAnsiChar):boolean; stdcall; external 'TitanEngine.dll' name 'ExtensionManagerIsPluginLoaded';
|
||||
function ExtensionManagerIsPluginEnabled(szPluginName:PAnsiChar):boolean; stdcall; external 'TitanEngine.dll' name 'ExtensionManagerIsPluginEnabled';
|
||||
function ExtensionManagerDisableAllPlugins():boolean; stdcall; external 'TitanEngine.dll' name 'ExtensionManagerDisableAllPlugins';
|
||||
function ExtensionManagerDisablePlugin(szPluginName:PAnsiChar):boolean; stdcall; external 'TitanEngine.dll' name 'ExtensionManagerDisablePlugin';
|
||||
function ExtensionManagerEnableAllPlugins():boolean; stdcall; external 'TitanEngine.dll' name 'ExtensionManagerEnableAllPlugins';
|
||||
function ExtensionManagerEnablePlugin(szPluginName:PAnsiChar):boolean; stdcall; external 'TitanEngine.dll' name 'ExtensionManagerEnablePlugin';
|
||||
function ExtensionManagerUnloadAllPlugins():boolean; stdcall; external 'TitanEngine.dll' name 'ExtensionManagerUnloadAllPlugins';
|
||||
function ExtensionManagerUnloadPlugin(szPluginName:PAnsiChar):boolean; stdcall; external 'TitanEngine.dll' name 'ExtensionManagerUnloadPlugin';
|
||||
function ExtensionManagerGetPluginInfo(szPluginName:PAnsiChar):Pointer; stdcall; external 'TitanEngine.dll' name 'ExtensionManagerGetPluginInfo';
|
||||
|
||||
implementation
|
||||
|
||||
end.
|
||||
File diff suppressed because it is too large
Load Diff
|
|
@ -1,826 +0,0 @@
|
|||
;--- include file created by h2incx v0.99.20 (copyright 2005-2009 japheth)
|
||||
;--- source file: C:\Users\Administrator\Desktop\h2incx\SDK.h, last modified: 3/8/2010 17:0
|
||||
;--- cmdline used for creation: -a -b -d3 -y sdk.h
|
||||
|
||||
include windows.inc
|
||||
includelib TitanEngine_x86.lib
|
||||
|
||||
UE_ACCESS_READ EQU 0
|
||||
UE_ACCESS_WRITE EQU 1
|
||||
UE_ACCESS_ALL EQU 2
|
||||
UE_HIDE_BASIC EQU 1
|
||||
UE_PLUGIN_CALL_REASON_PREDEBUG EQU 1
|
||||
UE_PLUGIN_CALL_REASON_EXCEPTION EQU 2
|
||||
UE_PLUGIN_CALL_REASON_POSTDEBUG EQU 3
|
||||
TEE_HOOK_NRM_JUMP EQU 1
|
||||
TEE_HOOK_NRM_CALL EQU 3
|
||||
TEE_HOOK_IAT EQU 5
|
||||
UE_ENGINE_ALOW_MODULE_LOADING EQU 1
|
||||
UE_ENGINE_AUTOFIX_FORWARDERS EQU 2
|
||||
UE_ENGINE_PASS_ALL_EXCEPTIONS EQU 3
|
||||
UE_ENGINE_NO_CONSOLE_WINDOW EQU 4
|
||||
UE_ENGINE_BACKUP_FOR_CRITICAL_FUNCTIONS EQU 5
|
||||
UE_ENGINE_CALL_PLUGIN_CALLBACK EQU 6
|
||||
UE_ENGINE_RESET_CUSTOM_HANDLER EQU 7
|
||||
UE_ENGINE_CALL_PLUGIN_DEBUG_CALLBACK EQU 8
|
||||
UE_ENGINE_SAFE_ATTACH EQU 10
|
||||
UE_ENGINE_SET_DEBUG_PRIVILEGE EQU 9
|
||||
UE_OPTION_REMOVEALL EQU 1
|
||||
UE_OPTION_DISABLEALL EQU 2
|
||||
UE_OPTION_REMOVEALLDISABLED EQU 3
|
||||
UE_OPTION_REMOVEALLENABLED EQU 4
|
||||
UE_STATIC_DECRYPTOR_XOR EQU 1
|
||||
UE_STATIC_DECRYPTOR_SUB EQU 2
|
||||
UE_STATIC_DECRYPTOR_ADD EQU 3
|
||||
UE_STATIC_DECRYPTOR_FOREWARD EQU 1
|
||||
UE_STATIC_DECRYPTOR_BACKWARD EQU 2
|
||||
UE_STATIC_KEY_SIZE_1 EQU 1
|
||||
UE_STATIC_KEY_SIZE_2 EQU 2
|
||||
UE_STATIC_KEY_SIZE_4 EQU 4
|
||||
UE_STATIC_KEY_SIZE_8 EQU 8
|
||||
UE_STATIC_APLIB EQU 1
|
||||
UE_STATIC_APLIB_DEPACK EQU 2
|
||||
UE_STATIC_LZMA EQU 3
|
||||
UE_STATIC_HASH_MD5 EQU 1
|
||||
UE_STATIC_HASH_SHA1 EQU 2
|
||||
UE_STATIC_HASH_CRC32 EQU 3
|
||||
UE_RESOURCE_LANGUAGE_ANY EQU - 1
|
||||
UE_PE_OFFSET EQU 0
|
||||
UE_IMAGEBASE EQU 1
|
||||
UE_OEP EQU 2
|
||||
UE_SIZEOFIMAGE EQU 3
|
||||
UE_SIZEOFHEADERS EQU 4
|
||||
UE_SIZEOFOPTIONALHEADER EQU 5
|
||||
UE_SECTIONALIGNMENT EQU 6
|
||||
UE_IMPORTTABLEADDRESS EQU 7
|
||||
UE_IMPORTTABLESIZE EQU 8
|
||||
UE_RESOURCETABLEADDRESS EQU 9
|
||||
UE_RESOURCETABLESIZE EQU 10
|
||||
UE_EXPORTTABLEADDRESS EQU 11
|
||||
UE_EXPORTTABLESIZE EQU 12
|
||||
UE_TLSTABLEADDRESS EQU 13
|
||||
UE_TLSTABLESIZE EQU 14
|
||||
UE_RELOCATIONTABLEADDRESS EQU 15
|
||||
UE_RELOCATIONTABLESIZE EQU 16
|
||||
UE_TIMEDATESTAMP EQU 17
|
||||
UE_SECTIONNUMBER EQU 18
|
||||
UE_CHECKSUM EQU 19
|
||||
UE_SUBSYSTEM EQU 20
|
||||
UE_CHARACTERISTICS EQU 21
|
||||
UE_NUMBEROFRVAANDSIZES EQU 22
|
||||
UE_SECTIONNAME EQU 23
|
||||
UE_SECTIONVIRTUALOFFSET EQU 24
|
||||
UE_SECTIONVIRTUALSIZE EQU 25
|
||||
UE_SECTIONRAWOFFSET EQU 26
|
||||
UE_SECTIONRAWSIZE EQU 27
|
||||
UE_SECTIONFLAGS EQU 28
|
||||
UE_CH_BREAKPOINT EQU 1
|
||||
UE_CH_SINGLESTEP EQU 2
|
||||
UE_CH_ACCESSVIOLATION EQU 3
|
||||
UE_CH_ILLEGALINSTRUCTION EQU 4
|
||||
UE_CH_NONCONTINUABLEEXCEPTION EQU 5
|
||||
UE_CH_ARRAYBOUNDSEXCEPTION EQU 6
|
||||
UE_CH_FLOATDENORMALOPERAND EQU 7
|
||||
UE_CH_FLOATDEVIDEBYZERO EQU 8
|
||||
UE_CH_INTEGERDEVIDEBYZERO EQU 9
|
||||
UE_CH_INTEGEROVERFLOW EQU 10
|
||||
UE_CH_PRIVILEGEDINSTRUCTION EQU 11
|
||||
UE_CH_PAGEGUARD EQU 12
|
||||
UE_CH_EVERYTHINGELSE EQU 13
|
||||
UE_CH_CREATETHREAD EQU 14
|
||||
UE_CH_EXITTHREAD EQU 15
|
||||
UE_CH_CREATEPROCESS EQU 16
|
||||
UE_CH_EXITPROCESS EQU 17
|
||||
UE_CH_LOADDLL EQU 18
|
||||
UE_CH_UNLOADDLL EQU 19
|
||||
UE_CH_OUTPUTDEBUGSTRING EQU 20
|
||||
UE_CH_AFTEREXCEPTIONPROCESSING EQU 21
|
||||
UE_CH_SYSTEMBREAKPOINT EQU 23
|
||||
UE_CH_UNHANDLEDEXCEPTION EQU 24
|
||||
UE_CH_RIPEVENT EQU 25
|
||||
UE_CH_DEBUGEVENT EQU 26
|
||||
|
||||
UE_OPTION_HANDLER_RETURN_HANDLECOUNT EQU 1
|
||||
UE_OPTION_HANDLER_RETURN_ACCESS EQU 2
|
||||
UE_OPTION_HANDLER_RETURN_FLAGS EQU 3
|
||||
UE_OPTION_HANDLER_RETURN_TYPENAME EQU 4
|
||||
UE_BREAKPOINT_INT3 EQU 1
|
||||
UE_BREAKPOINT_LONG_INT3 EQU 2
|
||||
UE_BREAKPOINT_UD2 EQU 3
|
||||
UE_BPXREMOVED EQU 0
|
||||
UE_BPXACTIVE EQU 1
|
||||
UE_BPXINACTIVE EQU 2
|
||||
UE_BREAKPOINT EQU 0
|
||||
UE_SINGLESHOOT EQU 1
|
||||
UE_HARDWARE EQU 2
|
||||
UE_MEMORY EQU 3
|
||||
UE_MEMORY_READ EQU 4
|
||||
UE_MEMORY_WRITE EQU 5
|
||||
UE_MEMORY_EXECUTE EQU 6
|
||||
UE_BREAKPOINT_TYPE_INT3 EQU 10000000h
|
||||
UE_BREAKPOINT_TYPE_LONG_INT3 EQU 20000000h
|
||||
UE_BREAKPOINT_TYPE_UD2 EQU 30000000h
|
||||
UE_HARDWARE_EXECUTE EQU 4
|
||||
UE_HARDWARE_WRITE EQU 5
|
||||
UE_HARDWARE_READWRITE EQU 6
|
||||
UE_HARDWARE_SIZE_1 EQU 7
|
||||
UE_HARDWARE_SIZE_2 EQU 8
|
||||
UE_HARDWARE_SIZE_4 EQU 9
|
||||
UE_ON_LIB_LOAD EQU 1
|
||||
UE_ON_LIB_UNLOAD EQU 2
|
||||
UE_ON_LIB_ALL EQU 3
|
||||
UE_APISTART EQU 0
|
||||
UE_APIEND EQU 1
|
||||
UE_PLATFORM_x86 EQU 1
|
||||
UE_PLATFORM_x64 EQU 2
|
||||
UE_PLATFORM_ALL EQU 3
|
||||
UE_FUNCTION_STDCALL EQU 1
|
||||
UE_FUNCTION_CCALL EQU 2
|
||||
UE_FUNCTION_FASTCALL EQU 3
|
||||
UE_FUNCTION_STDCALL_RET EQU 4
|
||||
UE_FUNCTION_CCALL_RET EQU 5
|
||||
UE_FUNCTION_FASTCALL_RET EQU 6
|
||||
UE_FUNCTION_STDCALL_CALL EQU 7
|
||||
UE_FUNCTION_CCALL_CALL EQU 8
|
||||
UE_FUNCTION_FASTCALL_CALL EQU 9
|
||||
UE_PARAMETER_BYTE EQU 0
|
||||
UE_PARAMETER_WORD EQU 1
|
||||
UE_PARAMETER_DWORD EQU 2
|
||||
UE_PARAMETER_QWORD EQU 3
|
||||
UE_PARAMETER_PTR_BYTE EQU 4
|
||||
UE_PARAMETER_PTR_WORD EQU 5
|
||||
UE_PARAMETER_PTR_DWORD EQU 6
|
||||
UE_PARAMETER_PTR_QWORD EQU 7
|
||||
UE_PARAMETER_STRING EQU 8
|
||||
UE_PARAMETER_UNICODE EQU 9
|
||||
UE_EAX EQU 1
|
||||
UE_EBX EQU 2
|
||||
UE_ECX EQU 3
|
||||
UE_EDX EQU 4
|
||||
UE_EDI EQU 5
|
||||
UE_ESI EQU 6
|
||||
UE_EBP EQU 7
|
||||
UE_ESP EQU 8
|
||||
UE_EIP EQU 9
|
||||
UE_EFLAGS EQU 10
|
||||
UE_DR0 EQU 11
|
||||
UE_DR1 EQU 12
|
||||
UE_DR2 EQU 13
|
||||
UE_DR3 EQU 14
|
||||
UE_DR6 EQU 15
|
||||
UE_DR7 EQU 16
|
||||
UE_RAX EQU 17
|
||||
UE_RBX EQU 18
|
||||
UE_RCX EQU 19
|
||||
UE_RDX EQU 20
|
||||
UE_RDI EQU 21
|
||||
UE_RSI EQU 22
|
||||
UE_RBP EQU 23
|
||||
UE_RSP EQU 24
|
||||
UE_RIP EQU 25
|
||||
UE_RFLAGS EQU 26
|
||||
UE_R8 EQU 27
|
||||
UE_R9 EQU 28
|
||||
UE_R10 EQU 29
|
||||
UE_R11 EQU 30
|
||||
UE_R12 EQU 31
|
||||
UE_R13 EQU 32
|
||||
UE_R14 EQU 33
|
||||
UE_R15 EQU 34
|
||||
UE_CIP EQU 35
|
||||
UE_CSP EQU 36
|
||||
UE_SEG_GS EQU 37
|
||||
UE_SEG_FS EQU 38
|
||||
UE_SEG_ES EQU 39
|
||||
UE_SEG_DS EQU 40
|
||||
UE_SEG_CS EQU 41
|
||||
UE_SEG_SS EQU 42
|
||||
ifndef @align
|
||||
@align equ <>
|
||||
endif
|
||||
PE32Struct struct @align
|
||||
PE32Offset DWORD ?
|
||||
ImageBase DWORD ?
|
||||
OriginalEntryPoint DWORD ?
|
||||
NtSizeOfImage DWORD ?
|
||||
NtSizeOfHeaders DWORD ?
|
||||
SizeOfOptionalHeaders WORD ?
|
||||
FileAlignment DWORD ?
|
||||
SectionAligment DWORD ?
|
||||
ImportTableAddress DWORD ?
|
||||
ImportTableSize DWORD ?
|
||||
ResourceTableAddress DWORD ?
|
||||
ResourceTableSize DWORD ?
|
||||
ExportTableAddress DWORD ?
|
||||
ExportTableSize DWORD ?
|
||||
TLSTableAddress DWORD ?
|
||||
TLSTableSize DWORD ?
|
||||
RelocationTableAddress DWORD ?
|
||||
RelocationTableSize DWORD ?
|
||||
TimeDateStamp DWORD ?
|
||||
SectionNumber WORD ?
|
||||
CheckSum DWORD ?
|
||||
SubSystem WORD ?
|
||||
Characteristics WORD ?
|
||||
NumberOfRvaAndSizes DWORD ?
|
||||
PE32Struct ends
|
||||
|
||||
PPE32Struct typedef ptr PE32Struct
|
||||
|
||||
ImportEnumData struct @align
|
||||
NewDll bool ?
|
||||
NumberOfImports DWORD ?
|
||||
ImageBase DWORD ?
|
||||
BaseImportThunk DWORD ?
|
||||
ImportThunk DWORD ?
|
||||
APIName DWORD ?
|
||||
DLLName DWORD ?
|
||||
ImportEnumData ends
|
||||
|
||||
PImportEnumData typedef ptr ImportEnumData
|
||||
|
||||
THREAD_ITEM_DATA struct @align
|
||||
hThread HANDLE ?
|
||||
dwThreadId DWORD ?
|
||||
ThreadStartAddress DWORD ?
|
||||
ThreadLocalBase DWORD ?
|
||||
THREAD_ITEM_DATA ends
|
||||
|
||||
PTHREAD_ITEM_DATA typedef ptr THREAD_ITEM_DATA
|
||||
|
||||
LIBRARY_ITEM_DATA struct @align
|
||||
hFile HANDLE ?
|
||||
BaseOfDll DWORD ?
|
||||
hFileMapping HANDLE ?
|
||||
hFileMappingView DWORD ?
|
||||
szLibraryPath SBYTE MAX_PATH dup (?)
|
||||
szLibraryName SBYTE MAX_PATH dup (?)
|
||||
LIBRARY_ITEM_DATA ends
|
||||
|
||||
PLIBRARY_ITEM_DATA typedef ptr LIBRARY_ITEM_DATA
|
||||
|
||||
LIBRARY_ITEM_DATAW struct @align
|
||||
hFile HANDLE ?
|
||||
BaseOfDll DWORD ?
|
||||
hFileMapping HANDLE ?
|
||||
hFileMappingView DWORD ?
|
||||
szLibraryPath WORD MAX_PATH dup (?)
|
||||
szLibraryName WORD MAX_PATH dup (?)
|
||||
LIBRARY_ITEM_DATAW ends
|
||||
|
||||
PLIBRARY_ITEM_DATAW typedef ptr LIBRARY_ITEM_DATAW
|
||||
|
||||
PROCESS_ITEM_DATA struct @align
|
||||
hProcess HANDLE ?
|
||||
dwProcessId DWORD ?
|
||||
hThread HANDLE ?
|
||||
dwThreadId DWORD ?
|
||||
hFile HANDLE ?
|
||||
BaseOfImage DWORD ?
|
||||
ThreadStartAddress DWORD ?
|
||||
ThreadLocalBase DWORD ?
|
||||
PROCESS_ITEM_DATA ends
|
||||
|
||||
PPROCESS_ITEM_DATA typedef ptr PROCESS_ITEM_DATA
|
||||
|
||||
HandlerArray struct @align
|
||||
ProcessId DWORD ?
|
||||
hHandle HANDLE ?
|
||||
HandlerArray ends
|
||||
|
||||
PHandlerArray typedef ptr HandlerArray
|
||||
|
||||
PluginInformation struct @align
|
||||
PluginName SBYTE 64 dup (?)
|
||||
PluginMajorVersion DWORD ?
|
||||
PluginMinorVersion DWORD ?
|
||||
PluginBaseAddress HMODULE ?
|
||||
TitanDebuggingCallBack DWORD ?
|
||||
TitanRegisterPlugin DWORD ?
|
||||
TitanReleasePlugin DWORD ?
|
||||
TitanResetPlugin DWORD ?
|
||||
PluginDisabled bool ?
|
||||
PluginInformation ends
|
||||
|
||||
PPluginInformation typedef ptr PluginInformation
|
||||
|
||||
TEE_MAXIMUM_HOOK_SIZE EQU 14
|
||||
TEE_MAXIMUM_HOOK_RELOCS EQU 7
|
||||
TEE_MAXIMUM_HOOK_INSERT_SIZE EQU 5
|
||||
|
||||
HOOK_ENTRY struct @align
|
||||
IATHook bool ?
|
||||
HookType BYTE ?
|
||||
HookSize DWORD ?
|
||||
HookAddress DWORD ?
|
||||
RedirectionAddress DWORD ?
|
||||
HookBytes BYTE TEE_MAXIMUM_HOOK_SIZE dup (?)
|
||||
OriginalBytes BYTE TEE_MAXIMUM_HOOK_SIZE dup (?)
|
||||
IATHookModuleBase DWORD ?
|
||||
IATHookNameHash DWORD ?
|
||||
HookIsEnabled bool ?
|
||||
HookIsRemote bool ?
|
||||
PatchedEntry DWORD ?
|
||||
RelocationInfo DWORD TEE_MAXIMUM_HOOK_RELOCS dup (?)
|
||||
RelocationCount DWORD ?
|
||||
HOOK_ENTRY ends
|
||||
|
||||
PHOOK_ENTRY typedef ptr HOOK_ENTRY
|
||||
|
||||
UE_DEPTH_SURFACE EQU 0
|
||||
UE_DEPTH_DEEP EQU 1
|
||||
UE_UNPACKER_CONDITION_SEARCH_FROM_EP EQU 1
|
||||
UE_UNPACKER_CONDITION_LOADLIBRARY EQU 1
|
||||
UE_UNPACKER_CONDITION_GETPROCADDRESS EQU 2
|
||||
UE_UNPACKER_CONDITION_ENTRYPOINTBREAK EQU 3
|
||||
UE_UNPACKER_CONDITION_RELOCSNAPSHOT1 EQU 4
|
||||
UE_UNPACKER_CONDITION_RELOCSNAPSHOT2 EQU 5
|
||||
UE_FIELD_OK EQU 0
|
||||
UE_FIELD_BROKEN_NON_FIXABLE EQU 1
|
||||
UE_FIELD_BROKEN_NON_CRITICAL EQU 2
|
||||
UE_FIELD_BROKEN_FIXABLE_FOR_STATIC_USE EQU 3
|
||||
UE_FIELD_BROKEN_BUT_CAN_BE_EMULATED EQU 4
|
||||
UE_FIELD_FIXABLE_NON_CRITICAL EQU 5
|
||||
UE_FIELD_FIXABLE_CRITICAL EQU 6
|
||||
UE_FIELD_NOT_PRESET EQU 7
|
||||
UE_FIELD_NOT_PRESET_WARNING EQU 8
|
||||
UE_RESULT_FILE_OK EQU 10
|
||||
UE_RESULT_FILE_INVALID_BUT_FIXABLE EQU 11
|
||||
UE_RESULT_FILE_INVALID_AND_NON_FIXABLE EQU 12
|
||||
UE_RESULT_FILE_INVALID_FORMAT EQU 13
|
||||
FILE_STATUS_INFO struct @align
|
||||
OveralEvaluation BYTE ?
|
||||
EvaluationTerminatedByException bool ?
|
||||
FileIs64Bit bool ?
|
||||
FileIsDLL bool ?
|
||||
FileIsConsole bool ?
|
||||
MissingDependencies bool ?
|
||||
MissingDeclaredAPIs bool ?
|
||||
SignatureMZ BYTE ?
|
||||
SignaturePE BYTE ?
|
||||
EntryPoint BYTE ?
|
||||
ImageBase BYTE ?
|
||||
SizeOfImage BYTE ?
|
||||
FileAlignment BYTE ?
|
||||
SectionAlignment BYTE ?
|
||||
ExportTable BYTE ?
|
||||
RelocationTable BYTE ?
|
||||
ImportTable BYTE ?
|
||||
ImportTableSection BYTE ?
|
||||
ImportTableData BYTE ?
|
||||
IATTable BYTE ?
|
||||
TLSTable BYTE ?
|
||||
LoadConfigTable BYTE ?
|
||||
BoundImportTable BYTE ?
|
||||
COMHeaderTable BYTE ?
|
||||
ResourceTable BYTE ?
|
||||
ResourceData BYTE ?
|
||||
SectionTable BYTE ?
|
||||
FILE_STATUS_INFO ends
|
||||
|
||||
PFILE_STATUS_INFO typedef ptr FILE_STATUS_INFO
|
||||
|
||||
FILE_FIX_INFO struct @align
|
||||
OveralEvaluation BYTE ?
|
||||
FixingTerminatedByException bool ?
|
||||
FileFixPerformed bool ?
|
||||
StrippedRelocation bool ?
|
||||
DontFixRelocations bool ?
|
||||
OriginalRelocationTableAddress DWORD ?
|
||||
OriginalRelocationTableSize DWORD ?
|
||||
StrippedExports bool ?
|
||||
DontFixExports bool ?
|
||||
OriginalExportTableAddress DWORD ?
|
||||
OriginalExportTableSize DWORD ?
|
||||
StrippedResources bool ?
|
||||
DontFixResources bool ?
|
||||
OriginalResourceTableAddress DWORD ?
|
||||
OriginalResourceTableSize DWORD ?
|
||||
StrippedTLS bool ?
|
||||
DontFixTLS bool ?
|
||||
OriginalTLSTableAddress DWORD ?
|
||||
OriginalTLSTableSize DWORD ?
|
||||
StrippedLoadConfig bool ?
|
||||
DontFixLoadConfig bool ?
|
||||
OriginalLoadConfigTableAddress DWORD ?
|
||||
OriginalLoadConfigTableSize DWORD ?
|
||||
StrippedBoundImports bool ?
|
||||
DontFixBoundImports bool ?
|
||||
OriginalBoundImportTableAddress DWORD ?
|
||||
OriginalBoundImportTableSize DWORD ?
|
||||
StrippedIAT bool ?
|
||||
DontFixIAT bool ?
|
||||
OriginalImportAddressTableAddress DWORD ?
|
||||
OriginalImportAddressTableSize DWORD ?
|
||||
StrippedCOM bool ?
|
||||
DontFixCOM bool ?
|
||||
OriginalCOMTableAddress DWORD ?
|
||||
OriginalCOMTableSize DWORD ?
|
||||
FILE_FIX_INFO ends
|
||||
|
||||
PFILE_FIX_INFO typedef ptr FILE_FIX_INFO
|
||||
|
||||
DumpProcess proto stdcall :HANDLE, :LPVOID, :ptr SBYTE, :DWORD
|
||||
DumpProcessW proto stdcall :HANDLE, :LPVOID, :ptr WORD, :DWORD
|
||||
DumpProcessEx proto stdcall :DWORD, :LPVOID, :ptr SBYTE, :DWORD
|
||||
DumpProcessExW proto stdcall :DWORD, :LPVOID, :ptr WORD, :DWORD
|
||||
DumpMemory proto stdcall :HANDLE, :LPVOID, :DWORD, :ptr SBYTE
|
||||
DumpMemoryW proto stdcall :HANDLE, :LPVOID, :DWORD, :ptr WORD
|
||||
DumpMemoryEx proto stdcall :DWORD, :LPVOID, :DWORD, :ptr SBYTE
|
||||
DumpMemoryExW proto stdcall :DWORD, :LPVOID, :DWORD, :ptr WORD
|
||||
DumpRegions proto stdcall :HANDLE, :ptr SBYTE, :bool
|
||||
DumpRegionsW proto stdcall :HANDLE, :ptr WORD, :bool
|
||||
DumpRegionsEx proto stdcall :DWORD, :ptr SBYTE, :bool
|
||||
DumpRegionsExW proto stdcall :DWORD, :ptr WORD, :bool
|
||||
DumpModule proto stdcall :HANDLE, :LPVOID, :ptr SBYTE
|
||||
DumpModuleW proto stdcall :HANDLE, :LPVOID, :ptr WORD
|
||||
DumpModuleEx proto stdcall :DWORD, :LPVOID, :ptr SBYTE
|
||||
DumpModuleExW proto stdcall :DWORD, :LPVOID, :ptr WORD
|
||||
PastePEHeader proto stdcall :HANDLE, :LPVOID, :ptr SBYTE
|
||||
PastePEHeaderW proto stdcall :HANDLE, :LPVOID, :ptr WORD
|
||||
ExtractSection proto stdcall :ptr SBYTE, :ptr SBYTE, :DWORD
|
||||
ExtractSectionW proto stdcall :ptr WORD, :ptr WORD, :DWORD
|
||||
ResortFileSections proto stdcall :ptr SBYTE
|
||||
ResortFileSectionsW proto stdcall :ptr WORD
|
||||
FindOverlay proto stdcall :ptr SBYTE, :LPDWORD, :LPDWORD
|
||||
FindOverlayW proto stdcall :ptr WORD, :LPDWORD, :LPDWORD
|
||||
ExtractOverlay proto stdcall :ptr SBYTE, :ptr SBYTE
|
||||
ExtractOverlayW proto stdcall :ptr WORD, :ptr WORD
|
||||
AddOverlay proto stdcall :ptr SBYTE, :ptr SBYTE
|
||||
AddOverlayW proto stdcall :ptr WORD, :ptr WORD
|
||||
CopyOverlay proto stdcall :ptr SBYTE, :ptr SBYTE
|
||||
CopyOverlayW proto stdcall :ptr WORD, :ptr WORD
|
||||
RemoveOverlay proto stdcall :ptr SBYTE
|
||||
RemoveOverlayW proto stdcall :ptr WORD
|
||||
MakeAllSectionsRWE proto stdcall :ptr SBYTE
|
||||
MakeAllSectionsRWEW proto stdcall :ptr WORD
|
||||
AddNewSectionEx proto stdcall :ptr SBYTE, :ptr SBYTE, :DWORD, :DWORD, :LPVOID, :DWORD
|
||||
AddNewSectionExW proto stdcall :ptr WORD, :ptr SBYTE, :DWORD, :DWORD, :LPVOID, :DWORD
|
||||
AddNewSection proto stdcall :ptr SBYTE, :ptr SBYTE, :DWORD
|
||||
AddNewSectionW proto stdcall :ptr WORD, :ptr SBYTE, :DWORD
|
||||
ResizeLastSection proto stdcall :ptr SBYTE, :DWORD, :bool
|
||||
ResizeLastSectionW proto stdcall :ptr WORD, :DWORD, :bool
|
||||
SetSharedOverlay proto stdcall :ptr SBYTE
|
||||
SetSharedOverlayW proto stdcall :ptr WORD
|
||||
GetSharedOverlay proto stdcall
|
||||
GetSharedOverlayW proto stdcall
|
||||
DeleteLastSection proto stdcall :ptr SBYTE
|
||||
DeleteLastSectionW proto stdcall :ptr WORD
|
||||
DeleteLastSectionEx proto stdcall :ptr SBYTE, :DWORD
|
||||
DeleteLastSectionExW proto stdcall :ptr WORD, :DWORD
|
||||
GetPE32DataFromMappedFile proto stdcall :DWORD, :DWORD, :DWORD
|
||||
GetPE32Data proto stdcall :ptr SBYTE, :DWORD, :DWORD
|
||||
GetPE32DataW proto stdcall :ptr WORD, :DWORD, :DWORD
|
||||
GetPE32DataFromMappedFileEx proto stdcall :DWORD, :LPVOID
|
||||
GetPE32DataEx proto stdcall :ptr SBYTE, :LPVOID
|
||||
GetPE32DataExW proto stdcall :ptr WORD, :LPVOID
|
||||
SetPE32DataForMappedFile proto stdcall :DWORD, :DWORD, :DWORD, :DWORD
|
||||
SetPE32Data proto stdcall :ptr SBYTE, :DWORD, :DWORD, :DWORD
|
||||
SetPE32DataW proto stdcall :ptr WORD, :DWORD, :DWORD, :DWORD
|
||||
SetPE32DataForMappedFileEx proto stdcall :DWORD, :LPVOID
|
||||
SetPE32DataEx proto stdcall :ptr SBYTE, :LPVOID
|
||||
GetPE32SectionNumberFromVA proto stdcall :DWORD, :DWORD
|
||||
ConvertVAtoFileOffset proto stdcall :DWORD, :DWORD, :bool
|
||||
ConvertVAtoFileOffsetEx proto stdcall :DWORD, :DWORD, :DWORD, :DWORD, :bool, :bool
|
||||
ConvertFileOffsetToVA proto stdcall :DWORD, :DWORD, :bool
|
||||
ConvertFileOffsetToVAEx proto stdcall :DWORD, :DWORD, :DWORD, :DWORD, :bool
|
||||
FixHeaderCheckSum proto stdcall :ptr SBYTE
|
||||
FixHeaderCheckSumW proto stdcall :ptr WORD
|
||||
RealignPE proto stdcall :DWORD, :DWORD, :DWORD
|
||||
RealignPEEx proto stdcall :ptr SBYTE, :DWORD, :DWORD
|
||||
RealignPEExW proto stdcall :ptr WORD, :DWORD, :DWORD
|
||||
WipeSection proto stdcall :ptr SBYTE, :DWORD, :bool
|
||||
WipeSectionW proto stdcall :ptr WORD, :DWORD, :bool
|
||||
IsPE32FileValidEx proto stdcall :ptr SBYTE, :DWORD, :LPVOID
|
||||
IsPE32FileValidExW proto stdcall :ptr WORD, :DWORD, :LPVOID
|
||||
FixBrokenPE32FileEx proto stdcall :ptr SBYTE, :LPVOID, :LPVOID
|
||||
FixBrokenPE32FileExW proto stdcall :ptr WORD, :LPVOID, :LPVOID
|
||||
IsFileDLL proto stdcall :ptr SBYTE, :DWORD
|
||||
IsFileDLLW proto stdcall :ptr WORD, :DWORD
|
||||
GetPEBLocation proto stdcall :HANDLE
|
||||
GetPEBLocation64 proto stdcall :HANDLE
|
||||
HideDebugger proto stdcall :HANDLE, :DWORD
|
||||
UnHideDebugger proto stdcall :HANDLE, :DWORD
|
||||
RelocaterCleanup proto stdcall
|
||||
RelocaterInit proto stdcall :DWORD, :DWORD, :DWORD
|
||||
RelocaterAddNewRelocation proto stdcall :HANDLE, :DWORD, :DWORD
|
||||
RelocaterEstimatedSize proto stdcall
|
||||
RelocaterExportRelocation proto stdcall :DWORD, :DWORD, :DWORD
|
||||
RelocaterExportRelocationEx proto stdcall :ptr SBYTE, :ptr SBYTE
|
||||
RelocaterExportRelocationExW proto stdcall :ptr WORD, :ptr SBYTE
|
||||
RelocaterGrabRelocationTable proto stdcall :HANDLE, :DWORD, :DWORD
|
||||
RelocaterGrabRelocationTableEx proto stdcall :HANDLE, :DWORD, :DWORD, :DWORD
|
||||
RelocaterMakeSnapshot proto stdcall :HANDLE, :ptr SBYTE, :LPVOID, :DWORD
|
||||
RelocaterMakeSnapshotW proto stdcall :HANDLE, :ptr WORD, :LPVOID, :DWORD
|
||||
RelocaterCompareTwoSnapshots proto stdcall :HANDLE, :DWORD, :DWORD, :ptr SBYTE, :ptr SBYTE, :DWORD
|
||||
RelocaterCompareTwoSnapshotsW proto stdcall :HANDLE, :DWORD, :DWORD, :ptr WORD, :ptr WORD, :DWORD
|
||||
RelocaterChangeFileBase proto stdcall :ptr SBYTE, :DWORD
|
||||
RelocaterChangeFileBaseW proto stdcall :ptr WORD, :DWORD
|
||||
RelocaterRelocateMemoryBlock proto stdcall :DWORD, :DWORD, :ptr , :DWORD, :DWORD, :DWORD
|
||||
RelocaterWipeRelocationTable proto stdcall :ptr SBYTE
|
||||
RelocaterWipeRelocationTableW proto stdcall :ptr WORD
|
||||
ResourcerLoadFileForResourceUse proto stdcall :ptr SBYTE
|
||||
ResourcerLoadFileForResourceUseW proto stdcall :ptr WORD
|
||||
ResourcerFreeLoadedFile proto stdcall :LPVOID
|
||||
ResourcerExtractResourceFromFileEx proto stdcall :DWORD, :ptr SBYTE, :ptr SBYTE, :ptr SBYTE
|
||||
ResourcerExtractResourceFromFile proto stdcall :ptr SBYTE, :ptr SBYTE, :ptr SBYTE, :ptr SBYTE
|
||||
ResourcerExtractResourceFromFileW proto stdcall :ptr WORD, :ptr SBYTE, :ptr SBYTE, :ptr SBYTE
|
||||
ResourcerFindResource proto stdcall :ptr SBYTE, :ptr SBYTE, :DWORD, :ptr SBYTE, :DWORD, :DWORD, :ptr DWORD, :LPDWORD
|
||||
ResourcerFindResourceW proto stdcall :ptr WORD, :ptr WORD, :DWORD, :ptr WORD, :DWORD, :DWORD, :ptr DWORD, :LPDWORD
|
||||
ResourcerFindResourceEx proto stdcall :DWORD, :DWORD, :ptr WORD, :DWORD, :ptr WORD, :DWORD, :DWORD, :ptr DWORD, :LPDWORD
|
||||
ResourcerEnumerateResource proto stdcall :ptr SBYTE, :ptr
|
||||
ResourcerEnumerateResourceW proto stdcall :ptr WORD, :ptr
|
||||
ResourcerEnumerateResourceEx proto stdcall :DWORD, :DWORD, :ptr
|
||||
ThreaderImportRunningThreadData proto stdcall :DWORD
|
||||
ThreaderGetThreadInfo proto stdcall :HANDLE, :DWORD
|
||||
ThreaderEnumThreadInfo proto stdcall :ptr
|
||||
ThreaderPauseThread proto stdcall :HANDLE
|
||||
ThreaderResumeThread proto stdcall :HANDLE
|
||||
ThreaderTerminateThread proto stdcall :HANDLE, :DWORD
|
||||
ThreaderPauseAllThreads proto stdcall :bool
|
||||
ThreaderResumeAllThreads proto stdcall :bool
|
||||
ThreaderPauseProcess proto stdcall
|
||||
ThreaderResumeProcess proto stdcall
|
||||
ThreaderCreateRemoteThread proto stdcall :DWORD, :bool, :LPVOID, :LPDWORD
|
||||
ThreaderInjectAndExecuteCode proto stdcall :LPVOID, :DWORD, :DWORD
|
||||
ThreaderCreateRemoteThreadEx proto stdcall :HANDLE, :DWORD, :bool, :LPVOID, :LPDWORD
|
||||
ThreaderInjectAndExecuteCodeEx proto stdcall :HANDLE, :LPVOID, :DWORD, :DWORD
|
||||
ThreaderSetCallBackForNextExitThreadEvent proto stdcall :LPVOID
|
||||
ThreaderIsThreadStillRunning proto stdcall :HANDLE
|
||||
ThreaderIsThreadActive proto stdcall :HANDLE
|
||||
ThreaderIsAnyThreadActive proto stdcall
|
||||
ThreaderExecuteOnlyInjectedThreads proto stdcall
|
||||
ThreaderGetOpenHandleForThread proto stdcall :DWORD
|
||||
ThreaderIsExceptionInMainThread proto stdcall
|
||||
StaticDisassembleEx proto stdcall :DWORD, :LPVOID
|
||||
StaticDisassemble proto stdcall :LPVOID
|
||||
DisassembleEx proto stdcall :HANDLE, :LPVOID
|
||||
Disassemble proto stdcall :LPVOID
|
||||
StaticLengthDisassemble proto stdcall :LPVOID
|
||||
LengthDisassembleEx proto stdcall :HANDLE, :LPVOID
|
||||
LengthDisassemble proto stdcall :LPVOID
|
||||
InitDebug proto stdcall :ptr SBYTE, :ptr SBYTE, :ptr SBYTE
|
||||
InitDebugW proto stdcall :ptr WORD, :ptr WORD, :ptr WORD
|
||||
InitNativeDebug proto stdcall :ptr SBYTE, :ptr SBYTE, :ptr SBYTE
|
||||
InitNativeDebugW proto stdcall :ptr WORD, :ptr WORD, :ptr WORD
|
||||
InitDebugEx proto stdcall :ptr SBYTE, :ptr SBYTE, :ptr SBYTE, :LPVOID
|
||||
InitDebugExW proto stdcall :ptr WORD, :ptr WORD, :ptr WORD, :LPVOID
|
||||
InitDLLDebug proto stdcall :ptr SBYTE, :bool, :ptr SBYTE, :ptr SBYTE, :LPVOID
|
||||
InitDLLDebugW proto stdcall :ptr WORD, :bool, :ptr WORD, :ptr WORD, :LPVOID
|
||||
StopDebug proto stdcall
|
||||
SetBPXOptions proto stdcall :SDWORD
|
||||
IsBPXEnabled proto stdcall :DWORD
|
||||
EnableBPX proto stdcall :DWORD
|
||||
DisableBPX proto stdcall :DWORD
|
||||
SetBPX proto stdcall :DWORD, :DWORD, :LPVOID
|
||||
DeleteBPX proto stdcall :DWORD
|
||||
SafeDeleteBPX proto stdcall :DWORD
|
||||
SetAPIBreakPoint proto stdcall :ptr SBYTE, :ptr SBYTE, :DWORD, :DWORD, :LPVOID
|
||||
DeleteAPIBreakPoint proto stdcall :ptr SBYTE, :ptr SBYTE, :DWORD
|
||||
SafeDeleteAPIBreakPoint proto stdcall :ptr SBYTE, :ptr SBYTE, :DWORD
|
||||
SetMemoryBPX proto stdcall :DWORD, :DWORD, :LPVOID
|
||||
SetMemoryBPXEx proto stdcall :DWORD, :DWORD, :DWORD, :bool, :LPVOID
|
||||
RemoveMemoryBPX proto stdcall :DWORD, :DWORD
|
||||
GetContextFPUDataEx proto stdcall :HANDLE, :ptr
|
||||
GetContextDataEx proto stdcall :HANDLE, :DWORD
|
||||
GetContextData proto stdcall :DWORD
|
||||
SetContextFPUDataEx proto stdcall :HANDLE, :ptr
|
||||
SetContextDataEx proto stdcall :HANDLE, :DWORD, :DWORD
|
||||
SetContextData proto stdcall :DWORD, :DWORD
|
||||
ClearExceptionNumber proto stdcall
|
||||
CurrentExceptionNumber proto stdcall
|
||||
MatchPatternEx proto stdcall :HANDLE, :ptr , :DWORD, :ptr , :DWORD, :PBYTE
|
||||
MatchPattern proto stdcall :ptr , :DWORD, :ptr , :DWORD, :PBYTE
|
||||
FindEx proto stdcall :HANDLE, :LPVOID, :DWORD, :LPVOID, :DWORD, :LPBYTE
|
||||
Find proto stdcall :LPVOID, :DWORD, :LPVOID, :DWORD, :LPBYTE
|
||||
FillEx proto stdcall :HANDLE, :LPVOID, :DWORD, :PBYTE
|
||||
Fill proto stdcall :LPVOID, :DWORD, :PBYTE
|
||||
PatchEx proto stdcall :HANDLE, :LPVOID, :DWORD, :LPVOID, :DWORD, :bool, :bool
|
||||
Patch proto stdcall :LPVOID, :DWORD, :LPVOID, :DWORD, :bool, :bool
|
||||
ReplaceEx proto stdcall :HANDLE, :LPVOID, :DWORD, :LPVOID, :DWORD, :DWORD, :LPVOID, :DWORD, :PBYTE
|
||||
Replace proto stdcall :LPVOID, :DWORD, :LPVOID, :DWORD, :DWORD, :LPVOID, :DWORD, :PBYTE
|
||||
GetDebugData proto stdcall
|
||||
GetTerminationData proto stdcall
|
||||
GetExitCode proto stdcall
|
||||
GetDebuggedDLLBaseAddress proto stdcall
|
||||
GetDebuggedFileBaseAddress proto stdcall
|
||||
GetRemoteString proto stdcall :HANDLE, :LPVOID, :LPVOID, :DWORD
|
||||
GetFunctionParameter proto stdcall :HANDLE, :DWORD, :DWORD, :DWORD
|
||||
GetJumpDestinationEx proto stdcall :HANDLE, :DWORD, :bool
|
||||
GetJumpDestination proto stdcall :HANDLE, :DWORD
|
||||
IsJumpGoingToExecuteEx proto stdcall :HANDLE, :HANDLE, :DWORD, :DWORD
|
||||
IsJumpGoingToExecute proto stdcall
|
||||
SetCustomHandler proto stdcall :DWORD, :LPVOID
|
||||
ForceClose proto stdcall
|
||||
StepInto proto stdcall :LPVOID
|
||||
StepOver proto stdcall :LPVOID
|
||||
SingleStep proto stdcall :DWORD, :LPVOID
|
||||
GetUnusedHardwareBreakPointRegister proto stdcall :LPDWORD
|
||||
SetHardwareBreakPointEx proto stdcall :HANDLE, :DWORD, :DWORD, :DWORD, :DWORD, :LPVOID, :LPDWORD
|
||||
SetHardwareBreakPoint proto stdcall :DWORD, :DWORD, :DWORD, :DWORD, :LPVOID
|
||||
DeleteHardwareBreakPoint proto stdcall :DWORD
|
||||
RemoveAllBreakPoints proto stdcall :DWORD
|
||||
GetProcessInformation proto stdcall
|
||||
GetStartupInformation proto stdcall
|
||||
DebugLoop proto stdcall
|
||||
SetDebugLoopTimeOut proto stdcall :DWORD
|
||||
SetNextDbgContinueStatus proto stdcall :DWORD
|
||||
AttachDebugger proto stdcall :DWORD, :bool, :LPVOID, :LPVOID
|
||||
DetachDebugger proto stdcall :DWORD
|
||||
DetachDebuggerEx proto stdcall :DWORD
|
||||
DebugLoopEx proto stdcall :DWORD
|
||||
AutoDebugEx proto stdcall :ptr SBYTE, :bool, :ptr SBYTE, :ptr SBYTE, :DWORD, :LPVOID
|
||||
AutoDebugExW proto stdcall :ptr WORD, :bool, :ptr WORD, :ptr WORD, :DWORD, :LPVOID
|
||||
IsFileBeingDebugged proto stdcall
|
||||
SetErrorModel proto stdcall :bool
|
||||
FindOEPInit proto stdcall
|
||||
FindOEPGenerically proto stdcall :ptr SBYTE, :LPVOID, :LPVOID
|
||||
FindOEPGenericallyW proto stdcall :ptr WORD, :LPVOID, :LPVOID
|
||||
ImporterCleanup proto stdcall
|
||||
ImporterSetImageBase proto stdcall :DWORD
|
||||
ImporterSetUnknownDelta proto stdcall :DWORD
|
||||
ImporterGetCurrentDelta proto stdcall
|
||||
ImporterInit proto stdcall :DWORD, :DWORD
|
||||
ImporterAddNewDll proto stdcall :ptr SBYTE, :DWORD
|
||||
ImporterAddNewAPI proto stdcall :ptr SBYTE, :DWORD
|
||||
ImporterAddNewOrdinalAPI proto stdcall :DWORD, :DWORD
|
||||
ImporterGetAddedDllCount proto stdcall
|
||||
ImporterGetAddedAPICount proto stdcall
|
||||
ImporterGetLastAddedDLLName proto stdcall
|
||||
ImporterMoveIAT proto stdcall
|
||||
ImporterExportIAT proto stdcall :DWORD, :DWORD
|
||||
ImporterEstimatedSize proto stdcall
|
||||
ImporterExportIATEx proto stdcall :ptr SBYTE, :ptr SBYTE
|
||||
ImporterExportIATExW proto stdcall :ptr WORD, :ptr SBYTE
|
||||
ImporterFindAPIWriteLocation proto stdcall :ptr SBYTE
|
||||
ImporterFindOrdinalAPIWriteLocation proto stdcall :DWORD
|
||||
ImporterFindAPIByWriteLocation proto stdcall :DWORD
|
||||
ImporterFindDLLByWriteLocation proto stdcall :DWORD
|
||||
ImporterGetDLLName proto stdcall :DWORD
|
||||
ImporterGetAPIName proto stdcall :DWORD
|
||||
ImporterGetAPIOrdinalNumber proto stdcall :DWORD
|
||||
ImporterGetAPINameEx proto stdcall :DWORD, :DWORD
|
||||
ImporterGetRemoteAPIAddress proto stdcall :HANDLE, :DWORD
|
||||
ImporterGetRemoteAPIAddressEx proto stdcall :ptr SBYTE, :ptr SBYTE
|
||||
ImporterGetLocalAPIAddress proto stdcall :HANDLE, :DWORD
|
||||
ImporterGetDLLNameFromDebugee proto stdcall :HANDLE, :DWORD
|
||||
ImporterGetAPINameFromDebugee proto stdcall :HANDLE, :DWORD
|
||||
ImporterGetAPIOrdinalNumberFromDebugee proto stdcall :HANDLE, :DWORD
|
||||
ImporterGetDLLIndexEx proto stdcall :DWORD, :DWORD
|
||||
ImporterGetDLLIndex proto stdcall :HANDLE, :DWORD, :DWORD
|
||||
ImporterGetRemoteDLLBase proto stdcall :HANDLE, :HMODULE
|
||||
ImporterRelocateWriteLocation proto stdcall :DWORD
|
||||
ImporterIsForwardedAPI proto stdcall :HANDLE, :DWORD
|
||||
ImporterGetForwardedAPIName proto stdcall :HANDLE, :DWORD
|
||||
ImporterGetForwardedDLLName proto stdcall :HANDLE, :DWORD
|
||||
ImporterGetForwardedDLLIndex proto stdcall :HANDLE, :DWORD, :DWORD
|
||||
ImporterGetForwardedAPIOrdinalNumber proto stdcall :HANDLE, :DWORD
|
||||
ImporterGetNearestAPIAddress proto stdcall :HANDLE, :DWORD
|
||||
ImporterGetNearestAPIName proto stdcall :HANDLE, :DWORD
|
||||
ImporterCopyOriginalIAT proto stdcall :ptr SBYTE, :ptr SBYTE
|
||||
ImporterCopyOriginalIATW proto stdcall :ptr WORD, :ptr WORD
|
||||
ImporterLoadImportTable proto stdcall :ptr SBYTE
|
||||
ImporterLoadImportTableW proto stdcall :ptr WORD
|
||||
ImporterMoveOriginalIAT proto stdcall :ptr SBYTE, :ptr SBYTE, :ptr SBYTE
|
||||
ImporterMoveOriginalIATW proto stdcall :ptr WORD, :ptr WORD, :ptr SBYTE
|
||||
ImporterAutoSearchIAT proto stdcall :HANDLE, :ptr SBYTE, :DWORD, :DWORD, :DWORD, :LPVOID, :LPVOID
|
||||
ImporterAutoSearchIATW proto stdcall :HANDLE, :ptr WORD, :DWORD, :DWORD, :DWORD, :LPVOID, :LPVOID
|
||||
ImporterAutoSearchIATEx proto stdcall :HANDLE, :DWORD, :DWORD, :DWORD, :LPVOID, :LPVOID
|
||||
ImporterEnumAddedData proto stdcall :LPVOID
|
||||
ImporterAutoFixIATEx proto stdcall :HANDLE, :ptr SBYTE, :ptr SBYTE, :bool, :bool, :DWORD, :DWORD, :DWORD, :DWORD, :DWORD, :bool, :bool, :LPVOID
|
||||
ImporterAutoFixIATExW proto stdcall :HANDLE, :ptr WORD, :ptr SBYTE, :bool, :bool, :DWORD, :DWORD, :DWORD, :DWORD, :DWORD, :bool, :bool, :LPVOID
|
||||
ImporterAutoFixIAT proto stdcall :HANDLE, :ptr SBYTE, :DWORD, :DWORD, :DWORD, :DWORD
|
||||
ImporterAutoFixIATW proto stdcall :HANDLE, :ptr WORD, :DWORD, :DWORD, :DWORD, :DWORD
|
||||
HooksSafeTransitionEx proto stdcall :LPVOID, :DWORD, :bool
|
||||
HooksSafeTransition proto stdcall :LPVOID, :bool
|
||||
HooksIsAddressRedirected proto stdcall :LPVOID
|
||||
HooksGetTrampolineAddress proto stdcall :LPVOID
|
||||
HooksGetHookEntryDetails proto stdcall :LPVOID
|
||||
HooksInsertNewRedirection proto stdcall :LPVOID, :LPVOID, :DWORD
|
||||
HooksInsertNewIATRedirectionEx proto stdcall :DWORD, :DWORD, :ptr SBYTE, :LPVOID
|
||||
HooksInsertNewIATRedirection proto stdcall :ptr SBYTE, :ptr SBYTE, :LPVOID
|
||||
HooksRemoveRedirection proto stdcall :LPVOID, :bool
|
||||
HooksRemoveRedirectionsForModule proto stdcall :HMODULE
|
||||
HooksRemoveIATRedirection proto stdcall :ptr SBYTE, :ptr SBYTE, :bool
|
||||
HooksDisableRedirection proto stdcall :LPVOID, :bool
|
||||
HooksDisableRedirectionsForModule proto stdcall :HMODULE
|
||||
HooksDisableIATRedirection proto stdcall :ptr SBYTE, :ptr SBYTE, :bool
|
||||
HooksEnableRedirection proto stdcall :LPVOID, :bool
|
||||
HooksEnableRedirectionsForModule proto stdcall :HMODULE
|
||||
HooksEnableIATRedirection proto stdcall :ptr SBYTE, :ptr SBYTE, :bool
|
||||
HooksScanModuleMemory proto stdcall :HMODULE, :LPVOID
|
||||
HooksScanEntireProcessMemory proto stdcall :LPVOID
|
||||
HooksScanEntireProcessMemoryEx proto stdcall
|
||||
TracerInit proto stdcall
|
||||
TracerLevel1 proto stdcall :HANDLE, :DWORD
|
||||
HashTracerLevel1 proto stdcall :HANDLE, :DWORD, :DWORD
|
||||
TracerDetectRedirection proto stdcall :HANDLE, :DWORD
|
||||
TracerFixKnownRedirection proto stdcall :HANDLE, :DWORD, :DWORD
|
||||
TracerFixRedirectionViaImpRecPlugin proto stdcall :HANDLE, :ptr SBYTE, :DWORD
|
||||
ExporterCleanup proto stdcall
|
||||
ExporterSetImageBase proto stdcall :DWORD
|
||||
ExporterInit proto stdcall :DWORD, :DWORD, :DWORD, :ptr SBYTE
|
||||
ExporterAddNewExport proto stdcall :ptr SBYTE, :DWORD
|
||||
ExporterAddNewOrdinalExport proto stdcall :DWORD, :DWORD
|
||||
ExporterGetAddedExportCount proto stdcall
|
||||
ExporterEstimatedSize proto stdcall
|
||||
ExporterBuildExportTable proto stdcall :DWORD, :DWORD
|
||||
ExporterBuildExportTableEx proto stdcall :ptr SBYTE, :ptr SBYTE
|
||||
ExporterBuildExportTableExW proto stdcall :ptr WORD, :ptr SBYTE
|
||||
ExporterLoadExportTable proto stdcall :ptr SBYTE
|
||||
ExporterLoadExportTableW proto stdcall :ptr WORD
|
||||
LibrarianSetBreakPoint proto stdcall :ptr SBYTE, :DWORD, :bool, :LPVOID
|
||||
LibrarianRemoveBreakPoint proto stdcall :ptr SBYTE, :DWORD
|
||||
LibrarianGetLibraryInfo proto stdcall :ptr SBYTE
|
||||
LibrarianGetLibraryInfoW proto stdcall :ptr WORD
|
||||
LibrarianGetLibraryInfoEx proto stdcall :ptr
|
||||
LibrarianGetLibraryInfoExW proto stdcall :ptr
|
||||
LibrarianEnumLibraryInfo proto stdcall :ptr
|
||||
LibrarianEnumLibraryInfoW proto stdcall :ptr
|
||||
GetActiveProcessId proto stdcall :ptr SBYTE
|
||||
GetActiveProcessIdW proto stdcall :ptr WORD
|
||||
EnumProcessesWithLibrary proto stdcall :ptr SBYTE, :ptr
|
||||
TLSBreakOnCallBack proto stdcall :LPVOID, :DWORD, :LPVOID
|
||||
TLSGrabCallBackData proto stdcall :ptr SBYTE, :LPVOID, :LPDWORD
|
||||
TLSGrabCallBackDataW proto stdcall :ptr WORD, :LPVOID, :LPDWORD
|
||||
TLSBreakOnCallBackEx proto stdcall :ptr SBYTE, :LPVOID
|
||||
TLSBreakOnCallBackExW proto stdcall :ptr WORD, :LPVOID
|
||||
TLSRemoveCallback proto stdcall :ptr SBYTE
|
||||
TLSRemoveCallbackW proto stdcall :ptr WORD
|
||||
TLSRemoveTable proto stdcall :ptr SBYTE
|
||||
TLSRemoveTableW proto stdcall :ptr WORD
|
||||
TLSBackupData proto stdcall :ptr SBYTE
|
||||
TLSBackupDataW proto stdcall :ptr WORD
|
||||
TLSRestoreData proto stdcall
|
||||
TLSBuildNewTable proto stdcall :DWORD, :DWORD, :DWORD, :LPVOID, :DWORD
|
||||
TLSBuildNewTableEx proto stdcall :ptr SBYTE, :ptr SBYTE, :LPVOID, :DWORD
|
||||
TLSBuildNewTableExW proto stdcall :ptr WORD, :ptr SBYTE, :LPVOID, :DWORD
|
||||
TranslateNativeName proto stdcall :ptr SBYTE
|
||||
TranslateNativeNameW proto stdcall :ptr WORD
|
||||
HandlerGetActiveHandleCount proto stdcall :DWORD
|
||||
HandlerIsHandleOpen proto stdcall :DWORD, :HANDLE
|
||||
HandlerGetHandleName proto stdcall :HANDLE, :DWORD, :HANDLE, :bool
|
||||
HandlerGetHandleNameW proto stdcall :HANDLE, :DWORD, :HANDLE, :bool
|
||||
HandlerEnumerateOpenHandles proto stdcall :DWORD, :LPVOID, :DWORD
|
||||
HandlerGetHandleDetails proto stdcall :HANDLE, :DWORD, :HANDLE, :DWORD
|
||||
HandlerCloseRemoteHandle proto stdcall :HANDLE, :HANDLE
|
||||
HandlerEnumerateLockHandles proto stdcall :ptr SBYTE, :bool, :bool, :LPVOID, :DWORD
|
||||
HandlerEnumerateLockHandlesW proto stdcall :ptr WORD, :bool, :bool, :LPVOID, :DWORD
|
||||
HandlerCloseAllLockHandles proto stdcall :ptr SBYTE, :bool, :bool
|
||||
HandlerCloseAllLockHandlesW proto stdcall :ptr WORD, :bool, :bool
|
||||
HandlerIsFileLocked proto stdcall :ptr SBYTE, :bool, :bool
|
||||
HandlerIsFileLockedW proto stdcall :ptr WORD, :bool, :bool
|
||||
HandlerEnumerateOpenMutexes proto stdcall :HANDLE, :DWORD, :LPVOID, :DWORD
|
||||
HandlerGetOpenMutexHandle proto stdcall :HANDLE, :DWORD, :ptr SBYTE
|
||||
HandlerGetOpenMutexHandleW proto stdcall :HANDLE, :DWORD, :ptr WORD
|
||||
HandlerGetProcessIdWhichCreatedMutex proto stdcall :ptr SBYTE
|
||||
HandlerGetProcessIdWhichCreatedMutexW proto stdcall :ptr WORD
|
||||
RemoteLoadLibrary proto stdcall :HANDLE, :ptr SBYTE, :bool
|
||||
RemoteLoadLibraryW proto stdcall :HANDLE, :ptr WORD, :bool
|
||||
RemoteFreeLibrary proto stdcall :HANDLE, :HMODULE, :ptr SBYTE, :bool
|
||||
RemoteFreeLibraryW proto stdcall :HANDLE, :HMODULE, :ptr WORD, :bool
|
||||
RemoteExitProcess proto stdcall :HANDLE, :DWORD
|
||||
StaticFileLoad proto stdcall :ptr SBYTE, :DWORD, :bool, :LPHANDLE, :LPDWORD, :LPHANDLE, :ptr DWORD
|
||||
StaticFileLoadW proto stdcall :ptr WORD, :DWORD, :bool, :LPHANDLE, :LPDWORD, :LPHANDLE, :ptr DWORD
|
||||
StaticFileUnload proto stdcall :ptr SBYTE, :bool, :HANDLE, :DWORD, :HANDLE, :DWORD
|
||||
StaticFileUnloadW proto stdcall :ptr WORD, :bool, :HANDLE, :DWORD, :HANDLE, :DWORD
|
||||
StaticFileOpen proto stdcall :ptr SBYTE, :DWORD, :LPHANDLE, :LPDWORD, :LPDWORD
|
||||
StaticFileOpenW proto stdcall :ptr WORD, :DWORD, :LPHANDLE, :LPDWORD, :LPDWORD
|
||||
StaticFileGetContent proto stdcall :HANDLE, :DWORD, :LPDWORD, :ptr , :DWORD
|
||||
StaticFileClose proto stdcall :HANDLE
|
||||
StaticMemoryDecrypt proto stdcall :LPVOID, :DWORD, :DWORD, :DWORD, :DWORD
|
||||
StaticMemoryDecryptEx proto stdcall :LPVOID, :DWORD, :DWORD, :ptr
|
||||
StaticMemoryDecryptSpecial proto stdcall :LPVOID, :DWORD, :DWORD, :DWORD, :ptr
|
||||
StaticSectionDecrypt proto stdcall :DWORD, :DWORD, :bool, :DWORD, :DWORD, :DWORD
|
||||
StaticMemoryDecompress proto stdcall :ptr , :DWORD, :ptr , :DWORD, :DWORD
|
||||
StaticRawMemoryCopy proto stdcall :HANDLE, :DWORD, :DWORD, :DWORD, :bool, :ptr SBYTE
|
||||
StaticRawMemoryCopyW proto stdcall :HANDLE, :DWORD, :DWORD, :DWORD, :bool, :ptr WORD
|
||||
StaticRawMemoryCopyEx proto stdcall :HANDLE, :DWORD, :DWORD, :ptr SBYTE
|
||||
StaticRawMemoryCopyExW proto stdcall :HANDLE, :DWORD, :DWORD, :ptr WORD
|
||||
StaticHashMemory proto stdcall :ptr , :DWORD, :ptr , :bool, :DWORD
|
||||
StaticHashFileW proto stdcall :ptr WORD, :ptr SBYTE, :bool, :DWORD
|
||||
StaticHashFile proto stdcall :ptr SBYTE, :ptr SBYTE, :bool, :DWORD
|
||||
EngineUnpackerInitialize proto stdcall :ptr SBYTE, :ptr SBYTE, :bool, :bool, :bool, :ptr
|
||||
EngineUnpackerInitializeW proto stdcall :ptr WORD, :ptr WORD, :bool, :bool, :bool, :ptr
|
||||
EngineUnpackerSetBreakCondition proto stdcall :ptr , :DWORD, :ptr , :DWORD, :DWORD, :DWORD, :bool, :DWORD, :DWORD
|
||||
EngineUnpackerSetEntryPointAddress proto stdcall :DWORD
|
||||
EngineUnpackerFinalizeUnpacking proto stdcall
|
||||
SetEngineVariable proto stdcall :DWORD, :bool
|
||||
EngineCreateMissingDependencies proto stdcall :ptr SBYTE, :ptr SBYTE, :bool
|
||||
EngineCreateMissingDependenciesW proto stdcall :ptr WORD, :ptr WORD, :bool
|
||||
EngineFakeMissingDependencies proto stdcall :HANDLE
|
||||
EngineDeleteCreatedDependencies proto stdcall
|
||||
EngineCreateUnpackerWindow proto stdcall :ptr SBYTE, :ptr SBYTE, :ptr SBYTE, :ptr SBYTE, :ptr
|
||||
EngineAddUnpackerWindowLogMessage proto stdcall :ptr SBYTE
|
||||
ExtensionManagerIsPluginLoaded proto stdcall :ptr SBYTE
|
||||
ExtensionManagerIsPluginEnabled proto stdcall :ptr SBYTE
|
||||
ExtensionManagerDisableAllPlugins proto stdcall
|
||||
ExtensionManagerDisablePlugin proto stdcall :ptr SBYTE
|
||||
ExtensionManagerEnableAllPlugins proto stdcall
|
||||
ExtensionManagerEnablePlugin proto stdcall :ptr SBYTE
|
||||
ExtensionManagerUnloadAllPlugins proto stdcall
|
||||
ExtensionManagerUnloadPlugin proto stdcall :ptr SBYTE
|
||||
ExtensionManagerGetPluginInfo proto stdcall :ptr SBYTE
|
||||
|
||||
;--- errors: 0
|
||||
;--- end of file ---
|
||||
File diff suppressed because it is too large
Load Diff
|
|
@ -297,8 +297,6 @@
|
|||
<ClCompile Include="TitanEngine.TranslateName.cpp" />
|
||||
</ItemGroup>
|
||||
<ItemGroup>
|
||||
<ClInclude Include="..\SDK\CPP\TitanEngine.h" />
|
||||
<ClInclude Include="..\SDK\CPP\TitanEngine.hpp" />
|
||||
<ClInclude Include="..\SDK\C\TitanEngine.h" />
|
||||
<ClInclude Include="aplib.h" />
|
||||
<ClInclude Include="definitions.h" />
|
||||
|
|
@ -336,10 +334,6 @@
|
|||
<ResourceCompile Include="TitanEngine.rc" />
|
||||
</ItemGroup>
|
||||
<ItemGroup>
|
||||
<None Include="..\SDK\Delphi\TitanEngine.pas" />
|
||||
<None Include="..\SDK\LUA\TitanEngine.lua" />
|
||||
<None Include="..\SDK\MASM\TitanEngine.INC" />
|
||||
<None Include="..\SDK\Python\TitanEngine.py" />
|
||||
<None Include="..\TitanEngineLoaders\LibraryLoader\x32\LibraryLoader.exe" />
|
||||
<None Include="..\TitanEngineLoaders\LibraryLoader\x64\LibraryLoader.exe" />
|
||||
<None Include="Global.Engine.Hash.h" />
|
||||
|
|
|
|||
|
|
@ -37,21 +37,6 @@
|
|||
<Filter Include="Header Files\SDK\C">
|
||||
<UniqueIdentifier>{2efe2f1a-4ee7-4249-a67c-c51a63aa8f0d}</UniqueIdentifier>
|
||||
</Filter>
|
||||
<Filter Include="Header Files\SDK\CPP">
|
||||
<UniqueIdentifier>{a1fcc566-fbcf-45e0-a99e-0dc7c8f1f3b1}</UniqueIdentifier>
|
||||
</Filter>
|
||||
<Filter Include="Header Files\SDK\Delphi">
|
||||
<UniqueIdentifier>{6ead5e95-3e59-431b-a190-f031c0195a6c}</UniqueIdentifier>
|
||||
</Filter>
|
||||
<Filter Include="Header Files\SDK\LUA">
|
||||
<UniqueIdentifier>{4f08d968-e800-4208-b62a-147d69620060}</UniqueIdentifier>
|
||||
</Filter>
|
||||
<Filter Include="Header Files\SDK\MASM">
|
||||
<UniqueIdentifier>{1012361d-2057-4706-9c0f-e864e2c7a7c5}</UniqueIdentifier>
|
||||
</Filter>
|
||||
<Filter Include="Header Files\SDK\Python">
|
||||
<UniqueIdentifier>{a7ccfa4b-cc58-4f5f-88a1-35d65ab8b5a9}</UniqueIdentifier>
|
||||
</Filter>
|
||||
</ItemGroup>
|
||||
<ItemGroup>
|
||||
<ClCompile Include="stdafx.cpp">
|
||||
|
|
@ -332,12 +317,6 @@
|
|||
<ClInclude Include="..\SDK\C\TitanEngine.h">
|
||||
<Filter>Header Files\SDK\C</Filter>
|
||||
</ClInclude>
|
||||
<ClInclude Include="..\SDK\CPP\TitanEngine.h">
|
||||
<Filter>Header Files\SDK\CPP</Filter>
|
||||
</ClInclude>
|
||||
<ClInclude Include="..\SDK\CPP\TitanEngine.hpp">
|
||||
<Filter>Header Files\SDK\CPP</Filter>
|
||||
</ClInclude>
|
||||
<ClInclude Include="Global.Engine.Context.h">
|
||||
<Filter>Header Files\TitanEngine</Filter>
|
||||
</ClInclude>
|
||||
|
|
@ -363,17 +342,5 @@
|
|||
<None Include="Global.Engine.Hash.h">
|
||||
<Filter>Header Files\TitanEngine</Filter>
|
||||
</None>
|
||||
<None Include="..\SDK\Delphi\TitanEngine.pas">
|
||||
<Filter>Header Files\SDK\Delphi</Filter>
|
||||
</None>
|
||||
<None Include="..\SDK\LUA\TitanEngine.lua">
|
||||
<Filter>Header Files\SDK\LUA</Filter>
|
||||
</None>
|
||||
<None Include="..\SDK\MASM\TitanEngine.INC">
|
||||
<Filter>Header Files\SDK\MASM</Filter>
|
||||
</None>
|
||||
<None Include="..\SDK\Python\TitanEngine.py">
|
||||
<Filter>Header Files\SDK\Python</Filter>
|
||||
</None>
|
||||
</ItemGroup>
|
||||
</Project>
|
||||
Loading…
Reference in New Issue