diff --git a/SDK/C/TitanEngine.h b/SDK/C/TitanEngine.h index 319c809..7e68fa6 100644 --- a/SDK/C/TitanEngine.h +++ b/SDK/C/TitanEngine.h @@ -675,12 +675,11 @@ __declspec(dllexport) bool TITCALL IsBPXEnabled(ULONG_PTR bpxAddress); __declspec(dllexport) bool TITCALL EnableBPX(ULONG_PTR bpxAddress); __declspec(dllexport) bool TITCALL DisableBPX(ULONG_PTR bpxAddress); __declspec(dllexport) bool TITCALL SetBPX(ULONG_PTR bpxAddress, DWORD bpxType, LPVOID bpxCallBack); -__declspec(dllexport) bool TITCALL SetBPXEx(ULONG_PTR bpxAddress, DWORD bpxType, DWORD NumberOfExecution, DWORD CmpRegister, DWORD CmpCondition, ULONG_PTR CmpValue, LPVOID bpxCallBack, LPVOID bpxCompareCallBack, LPVOID bpxRemoveCallBack); __declspec(dllexport) bool TITCALL DeleteBPX(ULONG_PTR bpxAddress); __declspec(dllexport) bool TITCALL SafeDeleteBPX(ULONG_PTR bpxAddress); -__declspec(dllexport) bool TITCALL SetAPIBreakPoint(char* szDLLName, char* szAPIName, DWORD bpxType, DWORD bpxPlace, LPVOID bpxCallBack); -__declspec(dllexport) bool TITCALL DeleteAPIBreakPoint(char* szDLLName, char* szAPIName, DWORD bpxPlace); -__declspec(dllexport) bool TITCALL SafeDeleteAPIBreakPoint(char* szDLLName, char* szAPIName, DWORD bpxPlace); +__declspec(dllexport) bool TITCALL SetAPIBreakPoint(const char* szDLLName, const char* szAPIName, DWORD bpxType, DWORD bpxPlace, LPVOID bpxCallBack); +__declspec(dllexport) bool TITCALL DeleteAPIBreakPoint(const char* szDLLName, const char* szAPIName, DWORD bpxPlace); +__declspec(dllexport) bool TITCALL SafeDeleteAPIBreakPoint(const char* szDLLName, const char* szAPIName, DWORD bpxPlace); __declspec(dllexport) bool TITCALL SetMemoryBPX(ULONG_PTR MemoryStart, SIZE_T SizeOfMemory, LPVOID bpxCallBack); __declspec(dllexport) bool TITCALL SetMemoryBPXEx(ULONG_PTR MemoryStart, SIZE_T SizeOfMemory, DWORD BreakPointType, bool RestoreOnHit, LPVOID bpxCallBack); __declspec(dllexport) bool TITCALL RemoveMemoryBPX(ULONG_PTR MemoryStart, SIZE_T SizeOfMemory); diff --git a/SDK/CPP/TitanEngine.h b/SDK/CPP/TitanEngine.h index 5098e5c..3d8c491 100644 --- a/SDK/CPP/TitanEngine.h +++ b/SDK/CPP/TitanEngine.h @@ -674,12 +674,11 @@ __declspec(dllimport) bool TITCALL IsBPXEnabled(ULONG_PTR bpxAddress); __declspec(dllimport) bool TITCALL EnableBPX(ULONG_PTR bpxAddress); __declspec(dllimport) bool TITCALL DisableBPX(ULONG_PTR bpxAddress); __declspec(dllimport) bool TITCALL SetBPX(ULONG_PTR bpxAddress, DWORD bpxType, LPVOID bpxCallBack); -__declspec(dllimport) bool TITCALL SetBPXEx(ULONG_PTR bpxAddress, DWORD bpxType, DWORD NumberOfExecution, DWORD CmpRegister, DWORD CmpCondition, ULONG_PTR CmpValue, LPVOID bpxCallBack, LPVOID bpxCompareCallBack, LPVOID bpxRemoveCallBack); __declspec(dllimport) bool TITCALL DeleteBPX(ULONG_PTR bpxAddress); __declspec(dllimport) bool TITCALL SafeDeleteBPX(ULONG_PTR bpxAddress); -__declspec(dllimport) bool TITCALL SetAPIBreakPoint(char* szDLLName, char* szAPIName, DWORD bpxType, DWORD bpxPlace, LPVOID bpxCallBack); -__declspec(dllimport) bool TITCALL DeleteAPIBreakPoint(char* szDLLName, char* szAPIName, DWORD bpxPlace); -__declspec(dllimport) bool TITCALL SafeDeleteAPIBreakPoint(char* szDLLName, char* szAPIName, DWORD bpxPlace); +__declspec(dllimport) bool TITCALL SetAPIBreakPoint(const char* szDLLName, const char* szAPIName, DWORD bpxType, DWORD bpxPlace, LPVOID bpxCallBack); +__declspec(dllimport) bool TITCALL DeleteAPIBreakPoint(const char* szDLLName, const char* szAPIName, DWORD bpxPlace); +__declspec(dllimport) bool TITCALL SafeDeleteAPIBreakPoint(const char* szDLLName, const char* szAPIName, DWORD bpxPlace); __declspec(dllimport) bool TITCALL SetMemoryBPX(ULONG_PTR MemoryStart, SIZE_T SizeOfMemory, LPVOID bpxCallBack); __declspec(dllimport) bool TITCALL SetMemoryBPXEx(ULONG_PTR MemoryStart, SIZE_T SizeOfMemory, DWORD BreakPointType, bool RestoreOnHit, LPVOID bpxCallBack); __declspec(dllimport) bool TITCALL RemoveMemoryBPX(ULONG_PTR MemoryStart, SIZE_T SizeOfMemory); diff --git a/SDK/CPP/TitanEngine.hpp b/SDK/CPP/TitanEngine.hpp index 633e339..8cd6a0d 100644 --- a/SDK/CPP/TitanEngine.hpp +++ b/SDK/CPP/TitanEngine.hpp @@ -1213,10 +1213,6 @@ protected: { return UE::SetBPX(bpxAddress, bpxType, (void*)bpxCallBack); } - static bool SetBPXEx(ULONG_PTR bpxAddress, eBPType bpxType, DWORD NumberOfExecution, eContextData CmpRegister, eCompareCondition CmpCondition, ULONG_PTR CmpValue, fBreakPointCallback bpxCallBack, fBreakPointCallback bpxCompareCallBack, fBreakPointCallback bpxRemoveCallBack) - { - return UE::SetBPXEx(bpxAddress, bpxType, NumberOfExecution, CmpRegister, CmpCondition, CmpValue, (void*)bpxCallBack, (void*)bpxCompareCallBack, (void*)bpxRemoveCallBack); - } static bool DeleteBPX(ULONG_PTR bpxAddress) { return UE::DeleteBPX(bpxAddress); @@ -1227,15 +1223,15 @@ protected: } static bool SetAPIBreakPoint(const char* szDLLName, const char* szAPIName, eBPType bpxType, eBPPlace bpxPlace, fBreakPointCallback bpxCallBack) { - return UE::SetAPIBreakPoint((char*)szDLLName, (char*)szAPIName, bpxType, bpxPlace, (void*)bpxCallBack); + return UE::SetAPIBreakPoint(szDLLName, szAPIName, bpxType, bpxPlace, (void*)bpxCallBack); } static bool DeleteAPIBreakPoint(const char* szDLLName, const char* szAPIName, eBPPlace bpxPlace) { - return UE::DeleteAPIBreakPoint((char*)szDLLName, (char*)szAPIName, bpxPlace); + return UE::DeleteAPIBreakPoint(szDLLName, szAPIName, bpxPlace); } static bool SafeDeleteAPIBreakPoint(const char* szDLLName, const char* szAPIName, eBPPlace bpxPlace) { - return UE::SafeDeleteAPIBreakPoint((char*)szDLLName, (char*)szAPIName, bpxPlace); + return UE::SafeDeleteAPIBreakPoint(szDLLName, szAPIName, bpxPlace); } static bool SetMemoryBPX(ULONG_PTR MemoryStart, SIZE_T SizeOfMemory, fBreakPointCallback bpxCallBack) { @@ -1529,7 +1525,6 @@ public: using DebuggerX::EnableBPX; using DebuggerX::DisableBPX; using DebuggerX::SetBPX; - using DebuggerX::SetBPXEx; using DebuggerX::DeleteBPX; using DebuggerX::SafeDeleteBPX; using DebuggerX::SetAPIBreakPoint; diff --git a/SDK/Delphi/TitanEngine.pas b/SDK/Delphi/TitanEngine.pas index 88ae867..29ae1d9 100644 --- a/SDK/Delphi/TitanEngine.pas +++ b/SDK/Delphi/TitanEngine.pas @@ -533,7 +533,6 @@ const function EnableBPX(bpxAddress:LongInt): boolean; stdcall; external 'TitanEngine.dll' name 'EnableBPX'; function DisableBPX(bpxAddress:LongInt): boolean; stdcall; external 'TitanEngine.dll' name 'DisableBPX'; function SetBPX(bpxAddress,bpxType:LongInt; bpxCallBack:Pointer): boolean; stdcall; external 'TitanEngine.dll' name 'SetBPX'; - function SetBPXEx(bpxAddress,bpxType,NumberOfExecution,CmpRegister,CmpCondition,CmpValue:LongInt; bpxCallBack,bpxCompareCallBack,bpxRemoveCallBack:Pointer): boolean; stdcall; external 'TitanEngine.dll' name 'SetBPXEx'; function DeleteBPX(bpxAddress:LongInt): boolean; stdcall; external 'TitanEngine.dll' name 'DeleteBPX'; function SafeDeleteBPX(bpxAddress:LongInt): boolean; stdcall; external 'TitanEngine.dll' name 'SafeDeleteBPX'; function SetAPIBreakPoint(szDLLName,szAPIName:PAnsiChar; bpxType,bpxPlace:LongInt; bpxCallBack:Pointer):boolean; stdcall; external 'TitanEngine.dll' name 'SetAPIBreakPoint'; diff --git a/SDK/LUA/TitanEngine.lua b/SDK/LUA/TitanEngine.lua index f11af86..ca35707 100644 --- a/SDK/LUA/TitanEngine.lua +++ b/SDK/LUA/TitanEngine.lua @@ -821,9 +821,6 @@ PROCESS_INFORMATION = alien.defstruct{ -- __declspec(dllexport) bool __stdcall SetBPX(ULONG_PTR bpxAddress, DWORD bpxType, LPVOID bpxCallBack); TitanEngine.SetBPX:types {"long","long","callback",abi="stdcall",ret="byte"} TE_SetBPX = TitanEngine.SetBPX --- __declspec(dllexport) bool __stdcall SetBPXEx(ULONG_PTR bpxAddress, DWORD bpxType, DWORD NumberOfExecution, DWORD CmpRegister, DWORD CmpCondition, ULONG_PTR CmpValue, LPVOID bpxCallBack, LPVOID bpxCompareCallBack, LPVOID bpxRemoveCallBack); - TitanEngine.SetBPXEx:types {"long","long","long","long","long","long","callback","callback","callback",abi="stdcall",ret="byte"} - TE_SetBPXEx = TitanEngine.SetBPXEx -- __declspec(dllexport) bool __stdcall DeleteBPX(ULONG_PTR bpxAddress); TitanEngine.DeleteBPX:types {"long",abi="stdcall",ret="byte"} TE_DeleteBPX = TitanEngine.DeleteBPX diff --git a/SDK/MASM/TitanEngine.INC b/SDK/MASM/TitanEngine.INC index 1eccc4e..4693d4e 100644 --- a/SDK/MASM/TitanEngine.INC +++ b/SDK/MASM/TitanEngine.INC @@ -583,7 +583,6 @@ IsBPXEnabled proto stdcall :DWORD EnableBPX proto stdcall :DWORD DisableBPX proto stdcall :DWORD SetBPX proto stdcall :DWORD, :DWORD, :LPVOID -SetBPXEx proto stdcall :DWORD, :DWORD, :DWORD, :DWORD, :DWORD, :DWORD, :LPVOID, :LPVOID, :LPVOID DeleteBPX proto stdcall :DWORD SafeDeleteBPX proto stdcall :DWORD SetAPIBreakPoint proto stdcall :ptr SBYTE, :ptr SBYTE, :DWORD, :DWORD, :LPVOID diff --git a/TitanEngine/Global.Breakpoints.cpp b/TitanEngine/Global.Breakpoints.cpp index a56bb1f..df10b05 100644 --- a/TitanEngine/Global.Breakpoints.cpp +++ b/TitanEngine/Global.Breakpoints.cpp @@ -2,8 +2,7 @@ #include "definitions.h" #include "Global.Breakpoints.h" -int BreakPointSetCount = 0; -extern BreakPointDetail BreakPointBuffer[MAXIMUM_BREAKPOINTS] = {}; +std::vector BreakPointBuffer; ULONG_PTR dr7uint(DR7* dr7) { @@ -110,4 +109,4 @@ void uintdr7(ULONG_PTR dr7, DR7* ret) BITSET(ret->HWBP_SIZE[3],0); if(BITGET(dr7,31)) BITSET(ret->HWBP_SIZE[3],1); -} \ No newline at end of file +} diff --git a/TitanEngine/Global.Breakpoints.h b/TitanEngine/Global.Breakpoints.h index 576c695..4bdd872 100644 --- a/TitanEngine/Global.Breakpoints.h +++ b/TitanEngine/Global.Breakpoints.h @@ -1,10 +1,11 @@ #ifndef _GLOBAL_BREAKPOINTS_H #define _GLOBAL_BREAKPOINTS_H -extern int BreakPointSetCount; -extern BreakPointDetail BreakPointBuffer[MAXIMUM_BREAKPOINTS]; +#include + +extern std::vector BreakPointBuffer; void uintdr7(ULONG_PTR dr7, DR7* ret); ULONG_PTR dr7uint(DR7* dr7); -#endif //_GLOBAL_BREAKPOINTS_H \ No newline at end of file +#endif //_GLOBAL_BREAKPOINTS_H diff --git a/TitanEngine/Global.Engine.Extension.cpp b/TitanEngine/Global.Engine.Extension.cpp index e173f5f..4ac4717 100644 --- a/TitanEngine/Global.Engine.Extension.cpp +++ b/TitanEngine/Global.Engine.Extension.cpp @@ -168,10 +168,10 @@ __declspec(dllexport) bool TITCALL ExtensionManagerIsPluginLoaded(char* szPlugin { if(lstrcmpiA(Plugin[i].PluginName, szPluginName) == NULL) { - return(true); + return true; } } - return(false); + return false; } __declspec(dllexport) bool TITCALL ExtensionManagerIsPluginEnabled(char* szPluginName) @@ -183,15 +183,15 @@ __declspec(dllexport) bool TITCALL ExtensionManagerIsPluginEnabled(char* szPlugi { if(!Plugin[i].PluginDisabled) { - return(true); + return true; } else { - return(false); + return false; } } } - return(false); + return false; } __declspec(dllexport) bool TITCALL ExtensionManagerDisableAllPlugins() @@ -201,7 +201,7 @@ __declspec(dllexport) bool TITCALL ExtensionManagerDisableAllPlugins() { Plugin[i].PluginDisabled = true; } - return(true); + return true; } __declspec(dllexport) bool TITCALL ExtensionManagerDisablePlugin(char* szPluginName) @@ -212,10 +212,10 @@ __declspec(dllexport) bool TITCALL ExtensionManagerDisablePlugin(char* szPluginN if(lstrcmpiA(Plugin[i].PluginName, szPluginName) == NULL) { Plugin[i].PluginDisabled = true; - return(true); + return true; } } - return(false); + return false; } __declspec(dllexport) bool TITCALL ExtensionManagerEnableAllPlugins() @@ -225,7 +225,7 @@ __declspec(dllexport) bool TITCALL ExtensionManagerEnableAllPlugins() { Plugin[i].PluginDisabled = false; } - return(true); + return true; } __declspec(dllexport) bool TITCALL ExtensionManagerEnablePlugin(char* szPluginName) @@ -236,10 +236,10 @@ __declspec(dllexport) bool TITCALL ExtensionManagerEnablePlugin(char* szPluginNa if(lstrcmpiA(Plugin[i].PluginName, szPluginName) == NULL) { Plugin[i].PluginDisabled = false; - return(true); + return true; } } - return(false); + return false; } __declspec(dllexport) bool TITCALL ExtensionManagerUnloadAllPlugins() @@ -252,7 +252,7 @@ __declspec(dllexport) bool TITCALL ExtensionManagerUnloadAllPlugins() Plugin.erase(Plugin.begin() + i); } } - return(true); + return true; } __declspec(dllexport) bool TITCALL ExtensionManagerUnloadPlugin(char* szPluginName) @@ -274,7 +274,7 @@ __declspec(dllexport) bool TITCALL ExtensionManagerUnloadPlugin(char* szPluginNa if(FreeLibrary(Plugin[i].PluginBaseAddress)) { Plugin.erase(Plugin.begin() + i); - return(true); + return true; } } } @@ -283,12 +283,12 @@ __declspec(dllexport) bool TITCALL ExtensionManagerUnloadPlugin(char* szPluginNa if(FreeLibrary(Plugin[i].PluginBaseAddress)) { Plugin.erase(Plugin.begin() + i); - return(true); + return true; } } } } - return(false); + return false; } __declspec(dllexport) void* TITCALL ExtensionManagerGetPluginInfo(char* szPluginName) @@ -301,4 +301,4 @@ __declspec(dllexport) void* TITCALL ExtensionManagerGetPluginInfo(char* szPlugin } } return(NULL); -} \ No newline at end of file +} diff --git a/TitanEngine/Global.Engine.GUI.cpp b/TitanEngine/Global.Engine.GUI.cpp index c8a416f..0c78911 100644 --- a/TitanEngine/Global.Engine.GUI.cpp +++ b/TitanEngine/Global.Engine.GUI.cpp @@ -35,11 +35,11 @@ bool EngineGetFileDialog(char* GlobalBuffer) if(!GetOpenFileNameA(&sOpenFileName)) { RtlZeroMemory(&GlobalBuffer[0], 1024); - return(false); + return false; } else { - return(true); + return true; } } @@ -111,4 +111,4 @@ long EngineWndProc(HWND hwndDlg, UINT uMsg, WPARAM wParam, LPARAM lParam) } } return(NULL); -} \ No newline at end of file +} diff --git a/TitanEngine/Global.Engine.Threading.cpp b/TitanEngine/Global.Engine.Threading.cpp index c88c30a..e7dbb29 100644 --- a/TitanEngine/Global.Engine.Threading.cpp +++ b/TitanEngine/Global.Engine.Threading.cpp @@ -11,7 +11,8 @@ MutexLocker::MutexLocker(const char* name) MutexLocker::~MutexLocker() { - ReleaseMutex(gMutex); + if(!bUnlocked) + ReleaseMutex(gMutex); } void MutexLocker::relock() diff --git a/TitanEngine/Global.Engine.cpp b/TitanEngine/Global.Engine.cpp index d842f68..3b478ce 100644 --- a/TitanEngine/Global.Engine.cpp +++ b/TitanEngine/Global.Engine.cpp @@ -65,7 +65,7 @@ bool EngineIsThereFreeHardwareBreakSlot(LPDWORD FreeRegister) { *FreeRegister = UE_DR0; } - return(true); + return true; } else if(DebugRegister[1].DrxEnabled == false) { @@ -73,7 +73,7 @@ bool EngineIsThereFreeHardwareBreakSlot(LPDWORD FreeRegister) { *FreeRegister = UE_DR1; } - return(true); + return true; } else if(DebugRegister[2].DrxEnabled == false) { @@ -81,7 +81,7 @@ bool EngineIsThereFreeHardwareBreakSlot(LPDWORD FreeRegister) { *FreeRegister = UE_DR2; } - return(true); + return true; } else if(DebugRegister[3].DrxEnabled == false) { @@ -89,9 +89,9 @@ bool EngineIsThereFreeHardwareBreakSlot(LPDWORD FreeRegister) { *FreeRegister = UE_DR3; } - return(true); + return true; } - return(false); + return false; } bool EngineFileExists(char* szFileName) @@ -101,11 +101,11 @@ bool EngineFileExists(char* szFileName) if(hFile != INVALID_HANDLE_VALUE) { EngineCloseHandle(hFile); - return(true); + return true; } else { - return(false); + return false; } } @@ -187,7 +187,7 @@ bool EngineCreatePathForFile(char* szFileName) } } } - return(true); + return true; } bool EngineCreatePathForFileW(wchar_t* szFileName) @@ -225,7 +225,7 @@ bool EngineCreatePathForFileW(wchar_t* szFileName) } } } - return(true); + return true; } wchar_t* EngineExtractFileNameW(wchar_t* szFileName) @@ -304,10 +304,10 @@ bool EngineIsPointedMemoryString(ULONG_PTR PossibleStringPtr) } if(StringIsValid == true && MaxDisassmSize - i > 4) { - return(true); + return true; } } - return(false); + return false; } int EnginePointedMemoryStringLength(ULONG_PTR PossibleStringPtr) @@ -366,9 +366,9 @@ bool EngineCompareResourceString(wchar_t* String1, wchar_t* String2) RtlMoveMemory(&StringCmp[0], &String1[0], memData->Array.wArrayEntry[0] * 2); if(lstrcmpiW(StringCmp, String2) == NULL) { - return(true); + return true; } - return(false); + return false; } long long EngineEstimateNewSectionRVA(ULONG_PTR FileMapVA) @@ -459,7 +459,7 @@ bool EngineExtractForwarderData(ULONG_PTR PossibleStringPtr, LPVOID szFwdDLLName } if(TestChar == 0x00) { - return(false); + return false; } PossibleStringPtr--; RtlCopyMemory(szFwdDLLName, lpPossibleStringPtr, PossibleStringPtr - (ULONG_PTR)lpPossibleStringPtr); @@ -477,11 +477,11 @@ bool EngineExtractForwarderData(ULONG_PTR PossibleStringPtr, LPVOID szFwdDLLName PossibleStringPtr++; } RtlCopyMemory(szFwdAPIName, lpPossibleStringPtr, PossibleStringPtr - (ULONG_PTR)lpPossibleStringPtr); - return(true); + return true; } __except(EXCEPTION_EXECUTE_HANDLER) { - return(false); + return false; } } @@ -522,13 +522,13 @@ bool EngineExtractResource(char* szResourceName, wchar_t* szExtractedFileName) } else { - return(false); + return false; } } } - return(true); + return true; } - return(false); + return false; } bool EngineIsDependencyPresent(char* szFileName, char* szDependencyForFile, char* szPresentInFolder) @@ -549,7 +549,7 @@ bool EngineIsDependencyPresent(char* szFileName, char* szDependencyForFile, char if(hFile != INVALID_HANDLE_VALUE) { EngineCloseHandle(hFile); - return(true); + return true; } } @@ -559,7 +559,7 @@ bool EngineIsDependencyPresent(char* szFileName, char* szDependencyForFile, char if(hFile != INVALID_HANDLE_VALUE) { EngineCloseHandle(hFile); - return(true); + return true; } if(GetSystemDirectoryA(szTryFileName, 512) > NULL) { @@ -569,7 +569,7 @@ bool EngineIsDependencyPresent(char* szFileName, char* szDependencyForFile, char if(hFile != INVALID_HANDLE_VALUE) { EngineCloseHandle(hFile); - return(true); + return true; } } if(GetWindowsDirectoryA(szTryFileName, 512) > NULL) @@ -580,7 +580,7 @@ bool EngineIsDependencyPresent(char* szFileName, char* szDependencyForFile, char if(hFile != INVALID_HANDLE_VALUE) { EngineCloseHandle(hFile); - return(true); + return true; } } if(szDependencyForFile != NULL) @@ -600,11 +600,11 @@ bool EngineIsDependencyPresent(char* szFileName, char* szDependencyForFile, char if(hFile != INVALID_HANDLE_VALUE) { EngineCloseHandle(hFile); - return(true); + return true; } } } - return(false); + return false; } bool EngineIsDependencyPresentW(wchar_t* szFileName, wchar_t* szDependencyForFile, wchar_t* szPresentInFolder) @@ -626,7 +626,7 @@ bool EngineIsDependencyPresentW(wchar_t* szFileName, wchar_t* szDependencyForFil if(hFile != INVALID_HANDLE_VALUE) { EngineCloseHandle(hFile); - return(true); + return true; } } if(szFileName != NULL) @@ -635,7 +635,7 @@ bool EngineIsDependencyPresentW(wchar_t* szFileName, wchar_t* szDependencyForFil if(hFile != INVALID_HANDLE_VALUE) { EngineCloseHandle(hFile); - return(true); + return true; } if(GetSystemDirectoryW(szTryFileName, 512) > NULL) { @@ -645,7 +645,7 @@ bool EngineIsDependencyPresentW(wchar_t* szFileName, wchar_t* szDependencyForFil if(hFile != INVALID_HANDLE_VALUE) { EngineCloseHandle(hFile); - return(true); + return true; } } @@ -657,7 +657,7 @@ bool EngineIsDependencyPresentW(wchar_t* szFileName, wchar_t* szDependencyForFil if(hFile != INVALID_HANDLE_VALUE) { EngineCloseHandle(hFile); - return(true); + return true; } } @@ -677,11 +677,11 @@ bool EngineIsDependencyPresentW(wchar_t* szFileName, wchar_t* szDependencyForFil if(hFile != INVALID_HANDLE_VALUE) { EngineCloseHandle(hFile); - return(true); + return true; } } } - return(false); + return false; } bool EngineGetDependencyLocation(char* szFileName, char* szDependencyForFile, void* szLocationOfTheFile, int MaxStringSize) @@ -702,7 +702,7 @@ bool EngineGetDependencyLocation(char* szFileName, char* szDependencyForFile, vo RtlCopyMemory(szLocationOfTheFile, szFileName, lstrlenA(szFileName)); } EngineCloseHandle(hFile); - return(true); + return true; } if(GetSystemDirectoryA(szTryFileName, 512) > NULL) { @@ -717,7 +717,7 @@ bool EngineGetDependencyLocation(char* szFileName, char* szDependencyForFile, vo RtlCopyMemory(szLocationOfTheFile, &szTryFileName, lstrlenA(szTryFileName)); } EngineCloseHandle(hFile); - return(true); + return true; } } if(GetWindowsDirectoryA(szTryFileName, 512) > NULL) @@ -733,7 +733,7 @@ bool EngineGetDependencyLocation(char* szFileName, char* szDependencyForFile, vo RtlCopyMemory(szLocationOfTheFile, &szTryFileName, lstrlenA(szTryFileName)); } EngineCloseHandle(hFile); - return(true); + return true; } } if(szDependencyForFile != NULL) @@ -758,11 +758,11 @@ bool EngineGetDependencyLocation(char* szFileName, char* szDependencyForFile, vo RtlCopyMemory(szLocationOfTheFile, &szTryFileName, lstrlenA(szTryFileName)); } EngineCloseHandle(hFile); - return(true); + return true; } } } - return(false); + return false; } long EngineHashString(char* szStringToHash) @@ -807,7 +807,7 @@ bool EngineIsBadReadPtrEx(LPVOID DataPointer, DWORD DataSize) VirtualQuery(DataPointer, &MemInfo, sizeof MEMORY_BASIC_INFORMATION); if(MemInfo.AllocationProtect == MEM_FREE || MemInfo.AllocationProtect == MEM_PRIVATE) { - return(false); + return false; } DataPointer = (LPVOID)((ULONG_PTR)DataPointer + MemInfo.RegionSize); if(MemInfo.RegionSize > DataSize) @@ -819,7 +819,7 @@ bool EngineIsBadReadPtrEx(LPVOID DataPointer, DWORD DataSize) DataSize = DataSize - (DWORD)MemInfo.RegionSize; } } - return(true); + return true; } bool EngineValidateResource(HMODULE hModule, LPCTSTR lpszType, LPTSTR lpszName, LONG_PTR lParam) @@ -844,20 +844,20 @@ bool EngineValidateResource(HMODULE hModule, LPCTSTR lpszType, LPTSTR lpszName, if(!EngineIsBadReadPtrEx(ResourceData, ResourceSize)) { *((LONG*)lParam) = ReturnData; - return(false); + return false; } } else { *((LONG*)lParam) = ReturnData; - return(false); + return false; } } - return(true); + return true; } *((LONG*)lParam) = ReturnData; - return(false); + return false; } bool EngineValidateHeader(ULONG_PTR FileMapVA, HANDLE hFileProc, LPVOID ImageBase, PIMAGE_DOS_HEADER DOSHeader, bool IsFile) @@ -891,26 +891,26 @@ bool EngineValidateHeader(ULONG_PTR FileMapVA, HANDLE hFileProc, LPVOID ImageBas PEHeader32 = (PIMAGE_NT_HEADERS32)((ULONG_PTR)DOSHeader + DOSHeader->e_lfanew); if(PEHeader32->Signature != 0x4550) { - return(false); + return false; } else { - return(true); + return true; } } else { - return(false); + return false; } } else { - return(false); + return false; } } __except(EXCEPTION_EXECUTE_HANDLER) { - return(false); + return false; } } else @@ -928,31 +928,31 @@ bool EngineValidateHeader(ULONG_PTR FileMapVA, HANDLE hFileProc, LPVOID ImageBas PEHeader32 = (PIMAGE_NT_HEADERS32)(&RemotePEHeader32); if(PEHeader32->Signature != 0x4550) { - return(false); + return false; } else { - return(true); + return true; } } else { - return(false); + return false; } } else { - return(false); + return false; } } else { - return(false); + return false; } } __except(EXCEPTION_EXECUTE_HANDLER) { - return(false); + return false; } } } @@ -1328,7 +1328,7 @@ bool EngineGetLibraryOrdinalData(ULONG_PTR ModuleBase, LPDWORD ptrOrdinalBase, L } else { - return(false); + return false; } if(!FileIs64) { @@ -1342,16 +1342,16 @@ bool EngineGetLibraryOrdinalData(ULONG_PTR ModuleBase, LPDWORD ptrOrdinalBase, L *ptrOrdinalBase = PEExports->Base; *ptrOrdinalCount = PEExports->NumberOfNames; } - return(true); + return true; } __except(EXCEPTION_EXECUTE_HANDLER) { - return(false); + return false; } - return(false); + return false; } -long long EngineGlobalAPIHandler(HANDLE handleProcess, ULONG_PTR EnumedModulesBases, ULONG_PTR APIAddress, char* szAPIName, DWORD ReturnType) +long long EngineGlobalAPIHandler(HANDLE handleProcess, ULONG_PTR EnumedModulesBases, ULONG_PTR APIAddress, const char* szAPIName, DWORD ReturnType) { unsigned int i = 0; @@ -2117,4 +2117,4 @@ long long EngineGlobalAPIHandler(HANDLE handleProcess, ULONG_PTR EnumedModulesBa return(NULL); } return(NULL); -} \ No newline at end of file +} diff --git a/TitanEngine/Global.Engine.h b/TitanEngine/Global.Engine.h index 0eb52cb..55f9bdb 100644 --- a/TitanEngine/Global.Engine.h +++ b/TitanEngine/Global.Engine.h @@ -50,6 +50,6 @@ long long EngineSimulateNtLoader(char* szFileName); long long EngineSimulateDllLoader(HANDLE hProcess, char* szFileName); long long EngineGetProcAddress(ULONG_PTR ModuleBase, char* szAPIName); bool EngineGetLibraryOrdinalData(ULONG_PTR ModuleBase, LPDWORD ptrOrdinalBase, LPDWORD ptrOrdinalCount); -long long EngineGlobalAPIHandler(HANDLE handleProcess, ULONG_PTR EnumedModulesBases, ULONG_PTR APIAddress, char* szAPIName, DWORD ReturnType); +long long EngineGlobalAPIHandler(HANDLE handleProcess, ULONG_PTR EnumedModulesBases, ULONG_PTR APIAddress, const char* szAPIName, DWORD ReturnType); #endif //_GLOBAL_ENGINE_H \ No newline at end of file diff --git a/TitanEngine/Global.Garbage.cpp b/TitanEngine/Global.Garbage.cpp index 6ce407b..75f2272 100644 --- a/TitanEngine/Global.Garbage.cpp +++ b/TitanEngine/Global.Garbage.cpp @@ -32,12 +32,12 @@ bool CreateGarbageItem(void* outGargabeItem, int MaxGargabeStringSize) if(lstrlenW(szGarbageItem) * 2 >= MaxGargabeStringSize) { RtlMoveMemory(outGargabeItem, &szGarbageItem, MaxGargabeStringSize); - return(false); + return false; } else { RtlMoveMemory(outGargabeItem, &szGarbageItem, lstrlenW(szGarbageItem) * 2); - return(true); + return true; } } @@ -99,16 +99,16 @@ bool RemoveGarbageItem(wchar_t* szGarbageItem, bool RemoveFolder) } } } - return(true); + return true; } else { - return(false); + return false; } } else { - return(false); + return false; } } @@ -146,10 +146,10 @@ bool FillGarbageItem(wchar_t* szGarbageItem, wchar_t* szFileName, void* outGarga CopyFileW(szFileName, szCopyFileName, false); } } - return(true); + return true; } void EmptyGarbage() { RemoveGarbageItem(engineSzEngineGarbageFolder, false); -} \ No newline at end of file +} diff --git a/TitanEngine/Global.OEPFinder.cpp b/TitanEngine/Global.OEPFinder.cpp index 30211ef..bc11272 100644 --- a/TitanEngine/Global.OEPFinder.cpp +++ b/TitanEngine/Global.OEPFinder.cpp @@ -13,24 +13,23 @@ GenericOEPTracerData glbEntryTracerData = {}; // Global.FindOEP.functions: void GenericOEPVirtualProtectHit() { - - PBreakPointDetail bpxList = (PBreakPointDetail)BreakPointBuffer; MEMORY_BASIC_INFORMATION MemInfo; DWORD MaximumBreakPoints = 0; DWORD NewProtect = 0; DWORD OldProtect = 0; - while(MaximumBreakPoints < MAXIMUM_BREAKPOINTS) + int bpcount=BreakPointBuffer.size(); + for(int i=0; iBreakPointType == UE_MEMORY && bpxList->BreakPointActive == UE_BPXACTIVE) + BreakPointDetail curDetail=BreakPointBuffer.at(i); + if(curDetail.BreakPointType == UE_MEMORY && curDetail.BreakPointActive == UE_BPXACTIVE) { - VirtualQueryEx(dbgProcessInformation.hProcess, (LPVOID)bpxList->BreakPointAddress, &MemInfo, sizeof MEMORY_BASIC_INFORMATION); + VirtualQueryEx(dbgProcessInformation.hProcess, (LPVOID)curDetail.BreakPointAddress, &MemInfo, sizeof MEMORY_BASIC_INFORMATION); OldProtect = MemInfo.Protect; if(!(OldProtect & PAGE_GUARD)) { NewProtect = OldProtect ^ PAGE_GUARD; - VirtualProtectEx(dbgProcessInformation.hProcess, (LPVOID)bpxList->BreakPointAddress, bpxList->BreakPointSize, NewProtect, &OldProtect); + VirtualProtectEx(dbgProcessInformation.hProcess, (LPVOID)curDetail.BreakPointAddress, curDetail.BreakPointSize, NewProtect, &OldProtect); } } MaximumBreakPoints++; @@ -286,11 +285,11 @@ bool GenericOEPFileInitW(wchar_t* szFileName, LPVOID TraceInitCallBack, LPVOID C UnMapFileEx(FileHandle, FileSize, FileMap, FileMapVA); if(glbEntryTracerData.FileIsDLL) { - return(false); + return false; } else { - return(true); + return true; } } else @@ -298,5 +297,5 @@ bool GenericOEPFileInitW(wchar_t* szFileName, LPVOID TraceInitCallBack, LPVOID C UnMapFileEx(FileHandle, FileSize, FileMap, FileMapVA); } } - return(false); -} \ No newline at end of file + return false; +} diff --git a/TitanEngine/TitanEngine.Breakpoints.cpp b/TitanEngine/TitanEngine.Breakpoints.cpp index e1d4109..5cd1ce8 100644 --- a/TitanEngine/TitanEngine.Breakpoints.cpp +++ b/TitanEngine/TitanEngine.Breakpoints.cpp @@ -3,6 +3,7 @@ #include "Global.Breakpoints.h" #include "Global.Debugger.h" #include "Global.Engine.h" +#include "Global.Engine.Threading.h" static long engineDefaultBreakPointType = UE_BREAKPOINT_INT3; static BYTE UD2BreakPoint[2] = {0x0F, 0x0B}; @@ -13,86 +14,74 @@ __declspec(dllexport) void TITCALL SetBPXOptions(long DefaultBreakPointType) { engineDefaultBreakPointType = DefaultBreakPointType; } + __declspec(dllexport) bool TITCALL IsBPXEnabled(ULONG_PTR bpxAddress) { - - int i; + MutexLocker lock("BreakPointBuffer"); ULONG_PTR NumberOfBytesReadWritten = 0; DWORD MaximumBreakPoints = 0; BYTE ReadData[10] = {}; - - for(i = 0; i < BreakPointSetCount; i++) + int bpcount=BreakPointBuffer.size(); + for(int i=0; i> 24; - checkBpxType = checkBpxType << 24; - if(checkBpxType == UE_BREAKPOINT_TYPE_INT3) - { - SelectedBreakPointType = UE_BREAKPOINT_INT3; - BreakPointBuffer[i].BreakPointSize = 1; - bpxDataPrt = &INT3BreakPoint; - } - else if(checkBpxType == UE_BREAKPOINT_TYPE_LONG_INT3) - { - SelectedBreakPointType = UE_BREAKPOINT_LONG_INT3; - BreakPointBuffer[i].BreakPointSize = 2; - bpxDataPrt = &INT3LongBreakPoint; - } - else if(checkBpxType == UE_BREAKPOINT_TYPE_UD2) - { - SelectedBreakPointType = UE_BREAKPOINT_UD2; - BreakPointBuffer[i].BreakPointSize = 2; - bpxDataPrt = &UD2BreakPoint; - } + SelectedBreakPointType = UE_BREAKPOINT_LONG_INT3; + NewBreakPoint.BreakPointSize = 2; + bpxDataPrt = &INT3LongBreakPoint; } - bpxDataCmpPtr = (PMEMORY_COMPARE_HANDLER)bpxDataPrt; - VirtualQueryEx(dbgProcessInformation.hProcess, (LPVOID)bpxAddress, &MemInfo, sizeof MEMORY_BASIC_INFORMATION); - OldProtect = MemInfo.Protect; - VirtualProtectEx(dbgProcessInformation.hProcess, (LPVOID)bpxAddress, BreakPointBuffer[i].BreakPointSize, PAGE_EXECUTE_READWRITE, &OldProtect); - if(ReadProcessMemory(dbgProcessInformation.hProcess, (LPVOID)bpxAddress, &BreakPointBuffer[i].OriginalByte[0], BreakPointBuffer[i].BreakPointSize, &NumberOfBytesReadWritten)) + else if(engineDefaultBreakPointType == UE_BREAKPOINT_UD2) { - /*if(BreakPointBuffer[i].OriginalByte[0] != bpxDataCmpPtr->Array.bArrayEntry[0]) - {*/ - if(WriteProcessMemory(dbgProcessInformation.hProcess, (LPVOID)bpxAddress, bpxDataPrt, BreakPointBuffer[i].BreakPointSize, &NumberOfBytesReadWritten)) - { - BreakPointBuffer[i].AdvancedBreakPointType = (BYTE)SelectedBreakPointType; - BreakPointBuffer[i].BreakPointActive = UE_BPXACTIVE; - BreakPointBuffer[i].BreakPointAddress = bpxAddress; - BreakPointBuffer[i].BreakPointType = (BYTE)bpxType; - BreakPointBuffer[i].NumberOfExecutions = -1; - BreakPointBuffer[i].ExecuteCallBack = (ULONG_PTR)bpxCallBack; - VirtualProtectEx(dbgProcessInformation.hProcess, (LPVOID)bpxAddress, BreakPointBuffer[i].BreakPointSize, OldProtect, &OldProtect); - return(true); - } - else - { - VirtualProtectEx(dbgProcessInformation.hProcess, (LPVOID)bpxAddress, BreakPointBuffer[i].BreakPointSize, OldProtect, &OldProtect); - return(false); - } - /*} - else - { - VirtualProtectEx(dbgProcessInformation.hProcess, (LPVOID)bpxAddress, BreakPointBuffer[i].BreakPointSize, OldProtect, &OldProtect); - return(false); - }*/ - } - else - { - VirtualProtectEx(dbgProcessInformation.hProcess, (LPVOID)bpxAddress, BreakPointBuffer[i].BreakPointSize, OldProtect, &OldProtect); - return(false); + SelectedBreakPointType = UE_BREAKPOINT_UD2; + NewBreakPoint.BreakPointSize = 2; + bpxDataPrt = &UD2BreakPoint; } } else { - BreakPointSetCount--; - return(false); + checkBpxType = bpxType >> 24; + checkBpxType = checkBpxType << 24; + if(checkBpxType == UE_BREAKPOINT_TYPE_INT3) + { + SelectedBreakPointType = UE_BREAKPOINT_INT3; + NewBreakPoint.BreakPointSize = 1; + bpxDataPrt = &INT3BreakPoint; + } + else if(checkBpxType == UE_BREAKPOINT_TYPE_LONG_INT3) + { + SelectedBreakPointType = UE_BREAKPOINT_LONG_INT3; + NewBreakPoint.BreakPointSize = 2; + bpxDataPrt = &INT3LongBreakPoint; + } + else if(checkBpxType == UE_BREAKPOINT_TYPE_UD2) + { + SelectedBreakPointType = UE_BREAKPOINT_UD2; + NewBreakPoint.BreakPointSize = 2; + bpxDataPrt = &UD2BreakPoint; + } } + //set breakpoint in process + bpxDataCmpPtr = (PMEMORY_COMPARE_HANDLER)bpxDataPrt; + VirtualQueryEx(dbgProcessInformation.hProcess, (LPVOID)bpxAddress, &MemInfo, sizeof MEMORY_BASIC_INFORMATION); + OldProtect = MemInfo.Protect; + VirtualProtectEx(dbgProcessInformation.hProcess, (LPVOID)bpxAddress, NewBreakPoint.BreakPointSize, PAGE_EXECUTE_READWRITE, &OldProtect); + if(ReadProcessMemory(dbgProcessInformation.hProcess, (LPVOID)bpxAddress, &NewBreakPoint.OriginalByte[0], NewBreakPoint.BreakPointSize, &NumberOfBytesReadWritten)) + { + if(WriteProcessMemory(dbgProcessInformation.hProcess, (LPVOID)bpxAddress, bpxDataPrt, NewBreakPoint.BreakPointSize, &NumberOfBytesReadWritten)) + { + //add new breakpoint to the list + NewBreakPoint.AdvancedBreakPointType = SelectedBreakPointType&0xFF; + NewBreakPoint.BreakPointActive = UE_BPXACTIVE; + NewBreakPoint.BreakPointAddress = bpxAddress; + NewBreakPoint.BreakPointType = bpxType&0xFF; + NewBreakPoint.ExecuteCallBack = (ULONG_PTR)bpxCallBack; + BreakPointBuffer.push_back(NewBreakPoint); + VirtualProtectEx(dbgProcessInformation.hProcess, (LPVOID)bpxAddress, NewBreakPoint.BreakPointSize, OldProtect, &OldProtect); + return true; + } + else + { + VirtualProtectEx(dbgProcessInformation.hProcess, (LPVOID)bpxAddress, NewBreakPoint.BreakPointSize, OldProtect, &OldProtect); + return false; + } + } + VirtualProtectEx(dbgProcessInformation.hProcess, (LPVOID)bpxAddress, NewBreakPoint.BreakPointSize, OldProtect, &OldProtect); + return false; } -__declspec(dllexport) bool TITCALL SetBPXEx(ULONG_PTR bpxAddress, DWORD bpxType, DWORD NumberOfExecution, DWORD CmpRegister, DWORD CmpCondition, ULONG_PTR CmpValue, LPVOID bpxCallBack, LPVOID bpxCompareCallBack, LPVOID bpxRemoveCallBack) -{ - int i = 0; - int j = -1; - void* bpxDataPrt; - PMEMORY_COMPARE_HANDLER bpxDataCmpPtr; - MEMORY_BASIC_INFORMATION MemInfo; - ULONG_PTR NumberOfBytesReadWritten = 0; - BYTE SelectedBreakPointType; - DWORD checkBpxType; - DWORD OldProtect; - - if(bpxCallBack == NULL) - { - return(false); - } - for(i = 0; i < BreakPointSetCount; i++) - { - if(BreakPointBuffer[i].BreakPointAddress == bpxAddress && BreakPointBuffer[i].BreakPointActive == UE_BPXACTIVE) - { - return(true); - } - else if(BreakPointBuffer[i].BreakPointAddress == bpxAddress && BreakPointBuffer[i].BreakPointActive == UE_BPXINACTIVE) - { - return(EnableBPX(bpxAddress)); - } - else if(j == -1 && BreakPointBuffer[i].BreakPointActive == UE_BPXREMOVED) - { - j = i; - } - } - if(j == -1) - { - BreakPointSetCount++; - } - else - { - i = j; - } - if(i < MAXIMUM_BREAKPOINTS) - { - RtlZeroMemory(&BreakPointBuffer[i], sizeof BreakPointDetail); - if(bpxType < UE_BREAKPOINT_TYPE_INT3) - { - if(engineDefaultBreakPointType == UE_BREAKPOINT_INT3) - { - SelectedBreakPointType = UE_BREAKPOINT_INT3; - BreakPointBuffer[i].BreakPointSize = 1; - bpxDataPrt = &INT3BreakPoint; - } - else if(engineDefaultBreakPointType == UE_BREAKPOINT_LONG_INT3) - { - SelectedBreakPointType = UE_BREAKPOINT_LONG_INT3; - BreakPointBuffer[i].BreakPointSize = 2; - bpxDataPrt = &INT3LongBreakPoint; - } - else if(engineDefaultBreakPointType == UE_BREAKPOINT_UD2) - { - SelectedBreakPointType = UE_BREAKPOINT_UD2; - BreakPointBuffer[i].BreakPointSize = 2; - bpxDataPrt = &UD2BreakPoint; - } - } - else - { - checkBpxType = bpxType >> 24; - checkBpxType = checkBpxType << 24; - if(checkBpxType == UE_BREAKPOINT_TYPE_INT3) - { - SelectedBreakPointType = UE_BREAKPOINT_INT3; - BreakPointBuffer[i].BreakPointSize = 1; - bpxDataPrt = &INT3BreakPoint; - } - else if(checkBpxType == UE_BREAKPOINT_TYPE_LONG_INT3) - { - SelectedBreakPointType = UE_BREAKPOINT_LONG_INT3; - BreakPointBuffer[i].BreakPointSize = 2; - bpxDataPrt = &INT3LongBreakPoint; - } - else if(checkBpxType == UE_BREAKPOINT_TYPE_UD2) - { - SelectedBreakPointType = UE_BREAKPOINT_UD2; - BreakPointBuffer[i].BreakPointSize = 2; - bpxDataPrt = &UD2BreakPoint; - } - } - bpxDataCmpPtr = (PMEMORY_COMPARE_HANDLER)bpxDataPrt; - VirtualQueryEx(dbgProcessInformation.hProcess, (LPVOID)bpxAddress, &MemInfo, sizeof MEMORY_BASIC_INFORMATION); - OldProtect = MemInfo.Protect; - VirtualProtectEx(dbgProcessInformation.hProcess, (LPVOID)bpxAddress, BreakPointBuffer[i].BreakPointSize, PAGE_EXECUTE_READWRITE, &OldProtect); - if(ReadProcessMemory(dbgProcessInformation.hProcess, (LPVOID)bpxAddress, &BreakPointBuffer[i].OriginalByte[0], BreakPointBuffer[i].BreakPointSize, &NumberOfBytesReadWritten)) - { - /*if(BreakPointBuffer[i].OriginalByte[0] != bpxDataCmpPtr->Array.bArrayEntry[0]) - {*/ - if(WriteProcessMemory(dbgProcessInformation.hProcess, (LPVOID)bpxAddress, bpxDataPrt, BreakPointBuffer[i].BreakPointSize, &NumberOfBytesReadWritten)) - { - BreakPointBuffer[i].AdvancedBreakPointType = (BYTE)SelectedBreakPointType; - BreakPointBuffer[i].BreakPointActive = UE_BPXACTIVE; - BreakPointBuffer[i].BreakPointAddress = bpxAddress; - BreakPointBuffer[i].BreakPointType = (BYTE)bpxType; - BreakPointBuffer[i].NumberOfExecutions = NumberOfExecution; - BreakPointBuffer[i].CmpRegister = CmpRegister; - BreakPointBuffer[i].CmpCondition = (BYTE)CmpCondition; - BreakPointBuffer[i].CmpValue = CmpValue; - BreakPointBuffer[i].ExecuteCallBack = (ULONG_PTR)bpxCallBack; - BreakPointBuffer[i].RemoveCallBack = (ULONG_PTR)bpxRemoveCallBack; - BreakPointBuffer[i].CompareCallBack = (ULONG_PTR)bpxCompareCallBack; - VirtualProtectEx(dbgProcessInformation.hProcess, (LPVOID)bpxAddress, BreakPointBuffer[i].BreakPointSize, OldProtect, &OldProtect); - return(true); - } - else - { - VirtualProtectEx(dbgProcessInformation.hProcess, (LPVOID)bpxAddress, BreakPointBuffer[i].BreakPointSize, OldProtect, &OldProtect); - return(false); - } - /*} - else - { - VirtualProtectEx(dbgProcessInformation.hProcess, (LPVOID)bpxAddress, BreakPointBuffer[i].BreakPointSize, OldProtect, &OldProtect); - return(false); - }*/ - } - else - { - VirtualProtectEx(dbgProcessInformation.hProcess, (LPVOID)bpxAddress, BreakPointBuffer[i].BreakPointSize, OldProtect, &OldProtect); - return(false); - } - } - else - { - BreakPointSetCount--; - return(false); - } -} __declspec(dllexport) bool TITCALL DeleteBPX(ULONG_PTR bpxAddress) { - - int i; - typedef void(TITCALL *fCustomBreakPoint)(void* myBreakPointAddress); - fCustomBreakPoint myCustomBreakPoint; - MEMORY_BASIC_INFORMATION MemInfo; + MutexLocker lock("BreakPointBuffer"); ULONG_PTR NumberOfBytesReadWritten = 0; DWORD OldProtect; - - for(i = 0; i < BreakPointSetCount; i++) + int bpcount=BreakPointBuffer.size(); + int found=-1; + for(int i=0; i= 0; i--) + for(int i=bpcount-1; i>-1; i--) { - if(BreakPointBuffer[i].BreakPointType == UE_BREAKPOINT) + if(BreakPointBuffer.at(i).BreakPointType == UE_BREAKPOINT) { - DeleteBPX((ULONG_PTR)BreakPointBuffer[i].BreakPointAddress); + lock.unlock(); + DeleteBPX((ULONG_PTR)BreakPointBuffer.at(i).BreakPointAddress); + lock.relock(); } - else if(BreakPointBuffer[i].BreakPointType >= UE_MEMORY && BreakPointBuffer[i].BreakPointType <= UE_MEMORY_EXECUTE) + else if(BreakPointBuffer.at(i).BreakPointType == UE_MEMORY || + BreakPointBuffer.at(i).BreakPointType == UE_MEMORY_READ || + BreakPointBuffer.at(i).BreakPointType == UE_MEMORY_WRITE || + BreakPointBuffer.at(i).BreakPointType == UE_MEMORY_EXECUTE) { - RemoveMemoryBPX((ULONG_PTR)BreakPointBuffer[i].BreakPointAddress, BreakPointBuffer[i].BreakPointSize); + lock.unlock(); + RemoveMemoryBPX((ULONG_PTR)BreakPointBuffer.at(i).BreakPointAddress, BreakPointBuffer.at(i).BreakPointSize); + lock.relock(); } - else if(CurrentBreakPointSetCount == -1 && BreakPointBuffer[i].BreakPointActive != UE_BPXREMOVED) - { - CurrentBreakPointSetCount = BreakPointSetCount; - } - RtlZeroMemory(&BreakPointBuffer[i], sizeof BreakPointDetail); } DeleteHardwareBreakPoint(UE_DR0); DeleteHardwareBreakPoint(UE_DR1); DeleteHardwareBreakPoint(UE_DR2); DeleteHardwareBreakPoint(UE_DR3); - BreakPointSetCount = 0; - return(true); + return true; } else if(RemoveOption == UE_OPTION_DISABLEALL) { - for(i = BreakPointSetCount - 1; i >= 0; i--) + for(int i=bpcount-1; i>-1; i--) { - if(BreakPointBuffer[i].BreakPointType == UE_BREAKPOINT && BreakPointBuffer[i].BreakPointActive == UE_BPXACTIVE) + if(BreakPointBuffer.at(i).BreakPointType == UE_BREAKPOINT && BreakPointBuffer.at(i).BreakPointActive == UE_BPXACTIVE) { - DisableBPX((ULONG_PTR)BreakPointBuffer[i].BreakPointAddress); + lock.unlock(); + DisableBPX((ULONG_PTR)BreakPointBuffer.at(i).BreakPointAddress); + lock.relock(); } - else if(BreakPointBuffer[i].BreakPointType >= UE_MEMORY && BreakPointBuffer[i].BreakPointType <= UE_MEMORY_EXECUTE) + else if(BreakPointBuffer.at(i).BreakPointType == UE_MEMORY || + BreakPointBuffer.at(i).BreakPointType == UE_MEMORY_READ || + BreakPointBuffer.at(i).BreakPointType == UE_MEMORY_WRITE || + BreakPointBuffer.at(i).BreakPointType == UE_MEMORY_EXECUTE) { - RemoveMemoryBPX((ULONG_PTR)BreakPointBuffer[i].BreakPointAddress, BreakPointBuffer[i].BreakPointSize); - RtlZeroMemory(&BreakPointBuffer[i], sizeof BreakPointDetail); + lock.unlock(); + RemoveMemoryBPX((ULONG_PTR)BreakPointBuffer.at(i).BreakPointAddress, BreakPointBuffer.at(i).BreakPointSize); + lock.relock(); } } - return(true); + return true; } else if(RemoveOption == UE_OPTION_REMOVEALLDISABLED) { - for(i = BreakPointSetCount - 1; i >= 0; i--) + for(int i=bpcount-1; i>-1; i--) { - if(BreakPointBuffer[i].BreakPointType == UE_BREAKPOINT && BreakPointBuffer[i].BreakPointActive == UE_BPXINACTIVE) + if(BreakPointBuffer.at(i).BreakPointType == UE_BREAKPOINT && BreakPointBuffer.at(i).BreakPointActive == UE_BPXINACTIVE) { - DeleteBPX((ULONG_PTR)BreakPointBuffer[i].BreakPointAddress); - } - else if(CurrentBreakPointSetCount == -1 && BreakPointBuffer[i].BreakPointActive != UE_BPXREMOVED) - { - CurrentBreakPointSetCount = BreakPointSetCount; + lock.unlock(); + DeleteBPX((ULONG_PTR)BreakPointBuffer.at(i).BreakPointAddress); + lock.relock(); } } - if(CurrentBreakPointSetCount == -1) - { - BreakPointSetCount = 0; - } - else - { - BreakPointSetCount = CurrentBreakPointSetCount; - } - return(true); + return true; } else if(RemoveOption == UE_OPTION_REMOVEALLENABLED) { - for(i = BreakPointSetCount - 1; i >= 0; i--) + for(int i=bpcount-1; i>-1; i--) { - if(BreakPointBuffer[i].BreakPointType == UE_BREAKPOINT && BreakPointBuffer[i].BreakPointActive == UE_BPXACTIVE) + if(BreakPointBuffer.at(i).BreakPointType == UE_BREAKPOINT && BreakPointBuffer.at(i).BreakPointActive == UE_BPXACTIVE) { - DeleteBPX((ULONG_PTR)BreakPointBuffer[i].BreakPointAddress); - } - else if(CurrentBreakPointSetCount == -1 && BreakPointBuffer[i].BreakPointActive != UE_BPXREMOVED) - { - CurrentBreakPointSetCount = BreakPointSetCount; + lock.unlock(); + DeleteBPX((ULONG_PTR)BreakPointBuffer.at(i).BreakPointAddress); + lock.relock(); } } - if(CurrentBreakPointSetCount == -1) - { - BreakPointSetCount = 0; - } - else - { - BreakPointSetCount = CurrentBreakPointSetCount; - } - return(true); + return true; } - return(false); -} \ No newline at end of file + return false; +} diff --git a/TitanEngine/TitanEngine.Debugger.Context.cpp b/TitanEngine/TitanEngine.Debugger.Context.cpp index 5798eee..52f4352 100644 --- a/TitanEngine/TitanEngine.Debugger.Context.cpp +++ b/TitanEngine/TitanEngine.Debugger.Context.cpp @@ -319,7 +319,7 @@ __declspec(dllexport) bool TITCALL SetContextFPUDataEx(HANDLE hActiveThread, voi RtlZeroMemory(&DBGContext, sizeof CONTEXT); DBGContext.ContextFlags = CONTEXT_ALL; if(!GetThreadContext(hActiveThread, &DBGContext)) - return(false); + return false; #ifndef _WIN64 RtlMoveMemory(&DBGContext.FloatSave, FPUSaveArea, sizeof FLOATING_SAVE_AREA); #else @@ -636,4 +636,4 @@ __declspec(dllexport) bool TITCALL SetContextData(DWORD IndexOfRegister, ULONG_P bool ContextReturn = SetContextDataEx(hActiveThread, IndexOfRegister, NewRegisterValue); EngineCloseHandle(hActiveThread); return(ContextReturn); -} \ No newline at end of file +} diff --git a/TitanEngine/TitanEngine.Debugger.DebugLoop.cpp b/TitanEngine/TitanEngine.Debugger.DebugLoop.cpp index ef49aa9..5138b81 100644 --- a/TitanEngine/TitanEngine.Debugger.DebugLoop.cpp +++ b/TitanEngine/TitanEngine.Debugger.DebugLoop.cpp @@ -17,7 +17,6 @@ static DWORD engineWaitForDebugEventTimeOut = INFINITE; __declspec(dllexport) void TITCALL DebugLoop() { - int i = NULL; int j = NULL; int k = NULL; bool FirstBPX = true; @@ -47,7 +46,7 @@ __declspec(dllexport) void TITCALL DebugLoop() ULONG_PTR ResetBPXAddressTo = 0; ULONG_PTR ResetMemBPXAddress = 0; SIZE_T ResetMemBPXSize = 0; - int MaximumBreakPoints = 0; + //int MaximumBreakPoints = 0; ULONG_PTR NumberOfBytesReadWritten = 0; MEMORY_BASIC_INFORMATION MemInfo; HANDLE hActiveThread; @@ -348,7 +347,7 @@ __declspec(dllexport) void TITCALL DebugLoop() hListLibraryPtr->hFileMappingView = hFileMappingView; if(GetMappedFileNameW(GetCurrentProcess(), hFileMappingView, DLLDebugFileName, sizeof(DLLDebugFileName)/sizeof(DLLDebugFileName[0])) > NULL) { - i = lstrlenW(DLLDebugFileName); + int i = lstrlenW(DLLDebugFileName); while(DLLDebugFileName[i] != 0x5C && i >= NULL) { i--; @@ -567,201 +566,75 @@ __declspec(dllexport) void TITCALL DebugLoop() { case STATUS_BREAKPOINT: { - MaximumBreakPoints = 0; - for(MaximumBreakPoints = 0; MaximumBreakPoints < BreakPointSetCount; MaximumBreakPoints++) + bool bFoundBreakPoint=false; + BreakPointDetail FoundBreakPoint; + int bpcount=BreakPointBuffer.size(); + for(int i=0; i 0)) + VirtualProtectEx(dbgProcessInformation.hProcess, (LPVOID)FoundBreakPoint.BreakPointAddress, FoundBreakPoint.BreakPointSize, PAGE_EXECUTE_READWRITE, &OldProtect); + if(WriteProcessMemory(dbgProcessInformation.hProcess, (LPVOID)FoundBreakPoint.BreakPointAddress, &FoundBreakPoint.OriginalByte[0], FoundBreakPoint.BreakPointSize, &NumberOfBytesReadWritten)) { - if(WriteProcessMemory(dbgProcessInformation.hProcess, (LPVOID)BreakPointBuffer[MaximumBreakPoints].BreakPointAddress, &BreakPointBuffer[MaximumBreakPoints].OriginalByte[0], BreakPointBuffer[MaximumBreakPoints].BreakPointSize, &NumberOfBytesReadWritten)) + DBGCode = DBG_CONTINUE; + hActiveThread = OpenThread(THREAD_GET_CONTEXT|THREAD_SET_CONTEXT, false, DBGEvent.dwThreadId); + myDBGContext.ContextFlags = CONTEXT_CONTROL; + GetThreadContext(hActiveThread, &myDBGContext); + if(FoundBreakPoint.BreakPointType != UE_SINGLESHOOT) { - DBGCode = DBG_CONTINUE; - hActiveThread = OpenThread(THREAD_GET_CONTEXT|THREAD_SET_CONTEXT|THREAD_QUERY_INFORMATION, false, DBGEvent.dwThreadId); - myDBGContext.ContextFlags = CONTEXT_CONTROL; - GetThreadContext(hActiveThread, &myDBGContext); - if(BreakPointBuffer[MaximumBreakPoints].BreakPointType != UE_SINGLESHOOT) + if(!(myDBGContext.EFlags & 0x100)) { - if(!(myDBGContext.EFlags & 0x100)) - { - myDBGContext.EFlags = myDBGContext.EFlags ^ 0x100; - } - } - if(!(myDBGContext.EFlags & 0x10000)) - { - myDBGContext.EFlags = myDBGContext.EFlags ^ 0x10000; + myDBGContext.EFlags = myDBGContext.EFlags ^ 0x100; } + } + if(!(myDBGContext.EFlags & 0x10000)) + { + myDBGContext.EFlags = myDBGContext.EFlags ^ 0x10000; + } #if defined(_WIN64) - myDBGContext.Rip = myDBGContext.Rip - BreakPointBuffer[MaximumBreakPoints].BreakPointSize; + myDBGContext.Rip = myDBGContext.Rip - FoundBreakPoint.BreakPointSize; #else - myDBGContext.Eip = myDBGContext.Eip - BreakPointBuffer[MaximumBreakPoints].BreakPointSize; + myDBGContext.Eip = myDBGContext.Eip - FoundBreakPoint.BreakPointSize; #endif - SetThreadContext(hActiveThread, &myDBGContext); - EngineCloseHandle(hActiveThread); - VirtualProtectEx(dbgProcessInformation.hProcess, (LPVOID)BreakPointBuffer[MaximumBreakPoints].BreakPointAddress, BreakPointBuffer[MaximumBreakPoints].BreakPointSize, OldProtect, &OldProtect); - myCustomBreakPoint = (fCustomBreakPoint)((LPVOID)BreakPointBuffer[MaximumBreakPoints].ExecuteCallBack); - if(BreakPointBuffer[MaximumBreakPoints].NumberOfExecutions != -1 && BreakPointBuffer[MaximumBreakPoints].NumberOfExecutions != 0) - { - BreakPointBuffer[MaximumBreakPoints].NumberOfExecutions--; - } - if(BreakPointBuffer[MaximumBreakPoints].CmpCondition != UE_CMP_NOCONDITION) - { - CompareResult = false; - CmpValue1 = (ULONG_PTR)GetContextData((DWORD)BreakPointBuffer[MaximumBreakPoints].CmpRegister); - myCustomBreakPoint = (fCustomBreakPoint)((LPVOID)BreakPointBuffer[MaximumBreakPoints].CompareCallBack); - if(BreakPointBuffer[MaximumBreakPoints].CmpCondition == UE_CMP_EQUAL) - { - CmpValue2 = BreakPointBuffer[MaximumBreakPoints].CmpValue; - if(CmpValue1 == CmpValue2) - { - CompareResult = true; - } - } - else if(BreakPointBuffer[MaximumBreakPoints].CmpCondition == UE_CMP_NOTEQUAL) - { - CmpValue2 = BreakPointBuffer[MaximumBreakPoints].CmpValue; - if(CmpValue1 != CmpValue2) - { - CompareResult = true; - } - } - else if(BreakPointBuffer[MaximumBreakPoints].CmpCondition == UE_CMP_GREATER) - { - CmpValue2 = BreakPointBuffer[MaximumBreakPoints].CmpValue; - if(CmpValue1 > CmpValue2) - { - CompareResult = true; - } - } - else if(BreakPointBuffer[MaximumBreakPoints].CmpCondition == UE_CMP_GREATEROREQUAL) - { - CmpValue2 = BreakPointBuffer[MaximumBreakPoints].CmpValue; - if(CmpValue1 >= CmpValue2) - { - CompareResult = true; - } - } - else if(BreakPointBuffer[MaximumBreakPoints].CmpCondition == UE_CMP_LOWER) - { - CmpValue2 = BreakPointBuffer[MaximumBreakPoints].CmpValue; - if(CmpValue1 < CmpValue2) - { - CompareResult = true; - } - } - else if(BreakPointBuffer[MaximumBreakPoints].CmpCondition == UE_CMP_LOWEROREQUAL) - { - CmpValue2 = BreakPointBuffer[MaximumBreakPoints].CmpValue; - if(CmpValue1 <= CmpValue2) - { - CompareResult = true; - } - } - else if(BreakPointBuffer[MaximumBreakPoints].CmpCondition == UE_CMP_REG_EQUAL) - { - CmpValue2 = (ULONG_PTR)GetContextData((DWORD)BreakPointBuffer[MaximumBreakPoints].CmpValue); - if(CmpValue1 == CmpValue2) - { - CompareResult = true; - } - } - else if(BreakPointBuffer[MaximumBreakPoints].CmpCondition == UE_CMP_REG_NOTEQUAL) - { - CmpValue2 = (ULONG_PTR)GetContextData((DWORD)BreakPointBuffer[MaximumBreakPoints].CmpValue); - if(CmpValue1 != CmpValue2) - { - CompareResult = true; - } - } - else if(BreakPointBuffer[MaximumBreakPoints].CmpCondition == UE_CMP_REG_GREATER) - { - CmpValue2 = (ULONG_PTR)GetContextData((DWORD)BreakPointBuffer[MaximumBreakPoints].CmpValue); - if(CmpValue1 > CmpValue2) - { - CompareResult = true; - } - } - else if(BreakPointBuffer[MaximumBreakPoints].CmpCondition == UE_CMP_REG_GREATEROREQUAL) - { - CmpValue2 = (ULONG_PTR)GetContextData((DWORD)BreakPointBuffer[MaximumBreakPoints].CmpValue); - if(CmpValue1 >= CmpValue2) - { - CompareResult = true; - } - } - else if(BreakPointBuffer[MaximumBreakPoints].CmpCondition == UE_CMP_REG_LOWER) - { - CmpValue2 = (ULONG_PTR)GetContextData((DWORD)BreakPointBuffer[MaximumBreakPoints].CmpValue); - if(CmpValue1 < CmpValue2) - { - CompareResult = true; - } - } - else if(BreakPointBuffer[MaximumBreakPoints].CmpCondition == UE_CMP_REG_LOWEROREQUAL) - { - CmpValue2 = (ULONG_PTR)GetContextData((DWORD)BreakPointBuffer[MaximumBreakPoints].CmpValue); - if(CmpValue1 <= CmpValue2) - { - CompareResult = true; - } - } - if(CompareResult) - { - __try - { - myCustomBreakPoint(); - } - __except(EXCEPTION_EXECUTE_HANDLER) - { + SetThreadContext(hActiveThread, &myDBGContext); + EngineCloseHandle(hActiveThread); + VirtualProtectEx(dbgProcessInformation.hProcess, (LPVOID)FoundBreakPoint.BreakPointAddress, FoundBreakPoint.BreakPointSize, OldProtect, &OldProtect); + myCustomBreakPoint = (fCustomBreakPoint)((LPVOID)FoundBreakPoint.ExecuteCallBack); + //execute callback + __try + { + myCustomBreakPoint(); + } + __except(EXCEPTION_EXECUTE_HANDLER) + { - } - } - } - else - { - __try - { - myCustomBreakPoint(); - } - __except(EXCEPTION_EXECUTE_HANDLER) - { - - } - } - if(BreakPointBuffer[MaximumBreakPoints].BreakPointType != UE_SINGLESHOOT) - { - DisableBPX((ULONG_PTR)BreakPointBuffer[MaximumBreakPoints].BreakPointAddress); - ResetBPXSize = BreakPointBuffer[MaximumBreakPoints].BreakPointSize - 1; - ResetBPXAddressTo = (ULONG_PTR)BreakPointBuffer[MaximumBreakPoints].BreakPointAddress; - ResetBPX = true; - } - else - { - DeleteBPX((ULONG_PTR)BreakPointBuffer[MaximumBreakPoints].BreakPointAddress); - ResetBPXSize = BreakPointBuffer[MaximumBreakPoints].BreakPointSize - 1; - ResetBPXAddressTo = NULL; - ResetBPX = false; - } + } + if(FoundBreakPoint.BreakPointType != UE_SINGLESHOOT) + { + DisableBPX((ULONG_PTR)FoundBreakPoint.BreakPointAddress); + ResetBPXSize = FoundBreakPoint.BreakPointSize - 1; + ResetBPXAddressTo = (ULONG_PTR)FoundBreakPoint.BreakPointAddress; + ResetBPX = true; } else { - VirtualProtectEx(dbgProcessInformation.hProcess, (LPVOID)BreakPointBuffer[MaximumBreakPoints].BreakPointAddress, BreakPointBuffer[MaximumBreakPoints].BreakPointSize, OldProtect, &OldProtect); - DBGCode = DBG_CONTINUE; + DeleteBPX((ULONG_PTR)FoundBreakPoint.BreakPointAddress); + ResetBPXSize = FoundBreakPoint.BreakPointSize - 1; + ResetBPXAddressTo = NULL; + ResetBPX = false; } } else - { - VirtualProtectEx(dbgProcessInformation.hProcess, (LPVOID)BreakPointBuffer[MaximumBreakPoints].BreakPointAddress, BreakPointBuffer[MaximumBreakPoints].BreakPointSize, OldProtect, &OldProtect); - DBGCode = DBG_EXCEPTION_NOT_HANDLED; - } + VirtualProtectEx(dbgProcessInformation.hProcess, (LPVOID)FoundBreakPoint.BreakPointAddress, FoundBreakPoint.BreakPointSize, OldProtect, &OldProtect); } else //breakpoint not in list { @@ -807,7 +680,7 @@ __declspec(dllexport) void TITCALL DebugLoop() } if(engineTLSBreakOnCallBack) //set TLS callback breakpoints { - i = NULL; + int i = NULL; while(tlsCallBackList[i] != NULL) { SetBPX((ULONG_PTR)tlsCallBackList[i], UE_SINGLESHOOT, (LPVOID)engineTLSBreakOnCallBackAddress); @@ -1115,47 +988,80 @@ __declspec(dllexport) void TITCALL DebugLoop() case STATUS_GUARD_PAGE_VIOLATION: { - MemoryBpxFound = false; - MaximumBreakPoints = 0; ULONG_PTR bpaddr; - for(MaximumBreakPoints = 0; MaximumBreakPoints < BreakPointSetCount; MaximumBreakPoints++) + bool bFoundBreakPoint=false; + BreakPointDetail FoundBreakPoint; + int bpcount=BreakPointBuffer.size(); + for(int i=0; i= UE_MEMORY) && (BreakPointBuffer[MaximumBreakPoints].BreakPointType <= UE_MEMORY_EXECUTE)) && bpaddr>=addr && bpaddr<(addr+BreakPointBuffer[MaximumBreakPoints].BreakPointSize)) + if(bpaddr>=addr && bpaddr<(addr+BreakPointBuffer.at(i).BreakPointSize) && + (BreakPointBuffer.at(i).BreakPointType == UE_MEMORY || + BreakPointBuffer.at(i).BreakPointType == UE_MEMORY_READ || + BreakPointBuffer.at(i).BreakPointType == UE_MEMORY_WRITE || + BreakPointBuffer.at(i).BreakPointType == UE_MEMORY_EXECUTE) && + BreakPointBuffer.at(i).BreakPointActive == UE_BPXACTIVE) { - MemoryBpxFound = true; + FoundBreakPoint=BreakPointBuffer.at(i); + bFoundBreakPoint=true; break; } } - if(MaximumBreakPoints < MAXIMUM_BREAKPOINTS || MemoryBpxFound == true) //found memory breakpoint + if(bFoundBreakPoint) //found memory breakpoint { - if(BreakPointBuffer[MaximumBreakPoints].BreakPointActive == UE_BPXACTIVE) //memory breakpoint is active + hActiveThread = OpenThread(THREAD_GET_CONTEXT|THREAD_SET_CONTEXT, false, DBGEvent.dwThreadId); + myDBGContext.ContextFlags = CONTEXT_CONTROL; + GetThreadContext(hActiveThread, &myDBGContext); + DBGCode = DBG_CONTINUE; //debugger handled the exception + MemoryBpxCallBack = FoundBreakPoint.ExecuteCallBack; + if(FoundBreakPoint.BreakPointType == UE_MEMORY) //READ|WRITE|EXECUTE { - hActiveThread = OpenThread(THREAD_GET_CONTEXT|THREAD_SET_CONTEXT|THREAD_QUERY_INFORMATION, false, DBGEvent.dwThreadId); - myDBGContext.ContextFlags = CONTEXT_CONTROL; - GetThreadContext(hActiveThread, &myDBGContext); - DBGCode = DBG_CONTINUE; //debugger handled the exception - MemoryBpxCallBack = BreakPointBuffer[MaximumBreakPoints].ExecuteCallBack; - if(BreakPointBuffer[MaximumBreakPoints].BreakPointType == UE_MEMORY) //READ|WRITE|EXECUTE + if(FoundBreakPoint.MemoryBpxRestoreOnHit != 1) { - if(BreakPointBuffer[MaximumBreakPoints].MemoryBpxRestoreOnHit != 1) + RemoveMemoryBPX(FoundBreakPoint.BreakPointAddress, FoundBreakPoint.BreakPointSize); + } + else + { + if(!(myDBGContext.EFlags & 0x100)) { - RemoveMemoryBPX(BreakPointBuffer[MaximumBreakPoints].BreakPointAddress, BreakPointBuffer[MaximumBreakPoints].BreakPointSize); + myDBGContext.EFlags = myDBGContext.EFlags ^ 0x100; } - else + SetThreadContext(hActiveThread, &myDBGContext); + ResetMemBPXAddress = FoundBreakPoint.BreakPointAddress; + ResetMemBPXSize = FoundBreakPoint.BreakPointSize; + ResetMemBPX = true; + } + myCustomHandler = (fCustomHandler)(MemoryBpxCallBack); + __try + { + myCustomHandler((void*)bpaddr); + } + __except(EXCEPTION_EXECUTE_HANDLER) + { + + } + } + else if(FoundBreakPoint.BreakPointType == UE_MEMORY_READ) //READ + { + if(FoundBreakPoint.MemoryBpxRestoreOnHit != 1) //do not restore the memory breakpoint + { + if(DBGEvent.u.Exception.ExceptionRecord.ExceptionInformation[0] == 0) //read operation + RemoveMemoryBPX(FoundBreakPoint.BreakPointAddress, FoundBreakPoint.BreakPointSize); + } + else //restore the memory breakpoint + { + if(!(myDBGContext.EFlags & 0x100)) { - if(!(myDBGContext.EFlags & 0x100)) - { - myDBGContext.EFlags = myDBGContext.EFlags ^ 0x100; - } - SetThreadContext(hActiveThread, &myDBGContext); - ResetMemBPXAddress = BreakPointBuffer[MaximumBreakPoints].BreakPointAddress; - ResetMemBPXSize = BreakPointBuffer[MaximumBreakPoints].BreakPointSize; - ResetMemBPX = true; + myDBGContext.EFlags = myDBGContext.EFlags ^ 0x100; } + SetThreadContext(hActiveThread, &myDBGContext); + ResetMemBPXAddress = FoundBreakPoint.BreakPointAddress; + ResetMemBPXSize = FoundBreakPoint.BreakPointSize; + ResetMemBPX = true; + } + if(DBGEvent.u.Exception.ExceptionRecord.ExceptionInformation[0] == 0) //read operation + { myCustomHandler = (fCustomHandler)(MemoryBpxCallBack); __try { @@ -1166,140 +1072,105 @@ __declspec(dllexport) void TITCALL DebugLoop() } } - else if(BreakPointBuffer[MaximumBreakPoints].BreakPointType == UE_MEMORY_READ) //READ + else //no read operation, restore breakpoint { - if(BreakPointBuffer[MaximumBreakPoints].MemoryBpxRestoreOnHit != 1) //do not restore the memory breakpoint + if(!(myDBGContext.EFlags & 0x100)) { - if(DBGEvent.u.Exception.ExceptionRecord.ExceptionInformation[0] == 0) //read operation - RemoveMemoryBPX(BreakPointBuffer[MaximumBreakPoints].BreakPointAddress, BreakPointBuffer[MaximumBreakPoints].BreakPointSize); - } - else //restore the memory breakpoint - { - if(!(myDBGContext.EFlags & 0x100)) - { - myDBGContext.EFlags = myDBGContext.EFlags ^ 0x100; - } - SetThreadContext(hActiveThread, &myDBGContext); - ResetMemBPXAddress = BreakPointBuffer[MaximumBreakPoints].BreakPointAddress; - ResetMemBPXSize = BreakPointBuffer[MaximumBreakPoints].BreakPointSize; - ResetMemBPX = true; - } - if(DBGEvent.u.Exception.ExceptionRecord.ExceptionInformation[0] == 0) //read operation - { - myCustomHandler = (fCustomHandler)(MemoryBpxCallBack); - __try - { - myCustomHandler((void*)bpaddr); - } - __except(EXCEPTION_EXECUTE_HANDLER) - { - - } - } - else //no read operation, restore breakpoint - { - if(!(myDBGContext.EFlags & 0x100)) - { - myDBGContext.EFlags = myDBGContext.EFlags ^ 0x100; - } - SetThreadContext(hActiveThread, &myDBGContext); - ResetMemBPXAddress = BreakPointBuffer[MaximumBreakPoints].BreakPointAddress; - ResetMemBPXSize = BreakPointBuffer[MaximumBreakPoints].BreakPointSize; - ResetMemBPX = true; + myDBGContext.EFlags = myDBGContext.EFlags ^ 0x100; } + SetThreadContext(hActiveThread, &myDBGContext); + ResetMemBPXAddress = FoundBreakPoint.BreakPointAddress; + ResetMemBPXSize = FoundBreakPoint.BreakPointSize; + ResetMemBPX = true; } - else if(BreakPointBuffer[MaximumBreakPoints].BreakPointType == UE_MEMORY_WRITE) //WRITE + } + else if(FoundBreakPoint.BreakPointType == UE_MEMORY_WRITE) //WRITE + { + if(FoundBreakPoint.MemoryBpxRestoreOnHit != 1) //remove breakpoint { - if(BreakPointBuffer[MaximumBreakPoints].MemoryBpxRestoreOnHit != 1) //remove breakpoint - { - if(DBGEvent.u.Exception.ExceptionRecord.ExceptionInformation[0] == 1) //write operation - RemoveMemoryBPX(BreakPointBuffer[MaximumBreakPoints].BreakPointAddress, BreakPointBuffer[MaximumBreakPoints].BreakPointSize); - } - else //restore breakpoint after trap flag - { - if(!(myDBGContext.EFlags & 0x100)) - { - myDBGContext.EFlags = myDBGContext.EFlags ^ 0x100; - } - SetThreadContext(hActiveThread, &myDBGContext); - ResetMemBPXAddress = BreakPointBuffer[MaximumBreakPoints].BreakPointAddress; - ResetMemBPXSize = BreakPointBuffer[MaximumBreakPoints].BreakPointSize; - ResetMemBPX = true; - } if(DBGEvent.u.Exception.ExceptionRecord.ExceptionInformation[0] == 1) //write operation + RemoveMemoryBPX(FoundBreakPoint.BreakPointAddress, FoundBreakPoint.BreakPointSize); + } + else //restore breakpoint after trap flag + { + if(!(myDBGContext.EFlags & 0x100)) { - myCustomHandler = (fCustomHandler)(MemoryBpxCallBack); - __try - { - myCustomHandler((void*)bpaddr); - } - __except(EXCEPTION_EXECUTE_HANDLER) - { - - } + myDBGContext.EFlags = myDBGContext.EFlags ^ 0x100; } - else //no write operation, restore breakpoint + SetThreadContext(hActiveThread, &myDBGContext); + ResetMemBPXAddress = FoundBreakPoint.BreakPointAddress; + ResetMemBPXSize = FoundBreakPoint.BreakPointSize; + ResetMemBPX = true; + } + if(DBGEvent.u.Exception.ExceptionRecord.ExceptionInformation[0] == 1) //write operation + { + myCustomHandler = (fCustomHandler)(MemoryBpxCallBack); + __try { - if(!(myDBGContext.EFlags & 0x100)) - { - myDBGContext.EFlags = myDBGContext.EFlags ^ 0x100; - } - SetThreadContext(hActiveThread, &myDBGContext); - ResetMemBPXAddress = BreakPointBuffer[MaximumBreakPoints].BreakPointAddress; - ResetMemBPXSize = BreakPointBuffer[MaximumBreakPoints].BreakPointSize; - ResetMemBPX = true; + myCustomHandler((void*)bpaddr); + } + __except(EXCEPTION_EXECUTE_HANDLER) + { + } } - else if(BreakPointBuffer[MaximumBreakPoints].BreakPointType == UE_MEMORY_EXECUTE) //EXECUTE + else //no write operation, restore breakpoint { - if(BreakPointBuffer[MaximumBreakPoints].MemoryBpxRestoreOnHit != 1) + if(!(myDBGContext.EFlags & 0x100)) { - if(DBGEvent.u.Exception.ExceptionRecord.ExceptionInformation[0] == 8 && //data execution prevention (DEP) violation - (ULONG_PTR)DBGEvent.u.Exception.ExceptionRecord.ExceptionAddress == DBGEvent.u.Exception.ExceptionRecord.ExceptionInformation[1]) //exception address == read address - RemoveMemoryBPX(BreakPointBuffer[MaximumBreakPoints].BreakPointAddress, BreakPointBuffer[MaximumBreakPoints].BreakPointSize); - } - else - { - if(!(myDBGContext.EFlags & 0x100)) - { - myDBGContext.EFlags = myDBGContext.EFlags ^ 0x100; - } - SetThreadContext(hActiveThread, &myDBGContext); - ResetMemBPXAddress = BreakPointBuffer[MaximumBreakPoints].BreakPointAddress; - ResetMemBPXSize = BreakPointBuffer[MaximumBreakPoints].BreakPointSize; - ResetMemBPX = true; + myDBGContext.EFlags = myDBGContext.EFlags ^ 0x100; } + SetThreadContext(hActiveThread, &myDBGContext); + ResetMemBPXAddress = FoundBreakPoint.BreakPointAddress; + ResetMemBPXSize = FoundBreakPoint.BreakPointSize; + ResetMemBPX = true; + } + } + else if(FoundBreakPoint.BreakPointType == UE_MEMORY_EXECUTE) //EXECUTE + { + if(FoundBreakPoint.MemoryBpxRestoreOnHit != 1) + { if(DBGEvent.u.Exception.ExceptionRecord.ExceptionInformation[0] == 8 && //data execution prevention (DEP) violation (ULONG_PTR)DBGEvent.u.Exception.ExceptionRecord.ExceptionAddress == DBGEvent.u.Exception.ExceptionRecord.ExceptionInformation[1]) //exception address == read address + RemoveMemoryBPX(FoundBreakPoint.BreakPointAddress, FoundBreakPoint.BreakPointSize); + } + else + { + if(!(myDBGContext.EFlags & 0x100)) { - myCustomHandler = (fCustomHandler)(MemoryBpxCallBack); - __try - { - myCustomHandler((void*)bpaddr); - } - __except(EXCEPTION_EXECUTE_HANDLER) - { - - } + myDBGContext.EFlags = myDBGContext.EFlags ^ 0x100; } - else //no execute operation, restore breakpoint + SetThreadContext(hActiveThread, &myDBGContext); + ResetMemBPXAddress = FoundBreakPoint.BreakPointAddress; + ResetMemBPXSize = FoundBreakPoint.BreakPointSize; + ResetMemBPX = true; + } + if(DBGEvent.u.Exception.ExceptionRecord.ExceptionInformation[0] == 8 && //data execution prevention (DEP) violation + (ULONG_PTR)DBGEvent.u.Exception.ExceptionRecord.ExceptionAddress == DBGEvent.u.Exception.ExceptionRecord.ExceptionInformation[1]) //exception address == read address + { + myCustomHandler = (fCustomHandler)(MemoryBpxCallBack); + __try { - if(!(myDBGContext.EFlags & 0x100)) - { - myDBGContext.EFlags = myDBGContext.EFlags ^ 0x100; - } - SetThreadContext(hActiveThread, &myDBGContext); - ResetMemBPXAddress = BreakPointBuffer[MaximumBreakPoints].BreakPointAddress; - ResetMemBPXSize = BreakPointBuffer[MaximumBreakPoints].BreakPointSize; - ResetMemBPX = true; + myCustomHandler((void*)bpaddr); + } + __except(EXCEPTION_EXECUTE_HANDLER) + { + } } - EngineCloseHandle(hActiveThread); - } - else - { - DBGCode = DBG_EXCEPTION_NOT_HANDLED; //debugger did not handle the exception + else //no execute operation, restore breakpoint + { + if(!(myDBGContext.EFlags & 0x100)) + { + myDBGContext.EFlags = myDBGContext.EFlags ^ 0x100; + } + SetThreadContext(hActiveThread, &myDBGContext); + ResetMemBPXAddress = FoundBreakPoint.BreakPointAddress; + ResetMemBPXSize = FoundBreakPoint.BreakPointSize; + ResetMemBPX = true; + } } + EngineCloseHandle(hActiveThread); } else //no memory breakpoint found { @@ -1346,201 +1217,74 @@ __declspec(dllexport) void TITCALL DebugLoop() case STATUS_ILLEGAL_INSTRUCTION: { //UD2 breakpoint - MaximumBreakPoints = 0; - for(MaximumBreakPoints = 0; MaximumBreakPoints < BreakPointSetCount; MaximumBreakPoints++) + bool bFoundBreakPoint=false; + BreakPointDetail FoundBreakPoint; + int bpcount=BreakPointBuffer.size(); + for(int i=0; i 0)) + VirtualProtectEx(dbgProcessInformation.hProcess, (LPVOID)FoundBreakPoint.BreakPointAddress, FoundBreakPoint.BreakPointSize, PAGE_EXECUTE_READWRITE, &OldProtect); + if(WriteProcessMemory(dbgProcessInformation.hProcess, (LPVOID)FoundBreakPoint.BreakPointAddress, &FoundBreakPoint.OriginalByte[0], FoundBreakPoint.BreakPointSize, &NumberOfBytesReadWritten)) { - if(WriteProcessMemory(dbgProcessInformation.hProcess, (LPVOID)BreakPointBuffer[MaximumBreakPoints].BreakPointAddress, &BreakPointBuffer[MaximumBreakPoints].OriginalByte[0], BreakPointBuffer[MaximumBreakPoints].BreakPointSize, &NumberOfBytesReadWritten)) + DBGCode = DBG_CONTINUE; + hActiveThread = OpenThread(THREAD_GET_CONTEXT|THREAD_SET_CONTEXT|THREAD_QUERY_INFORMATION, false, DBGEvent.dwThreadId); + myDBGContext.ContextFlags = CONTEXT_CONTROL; + GetThreadContext(hActiveThread, &myDBGContext); + if(FoundBreakPoint.BreakPointType != UE_SINGLESHOOT) { - DBGCode = DBG_CONTINUE; - hActiveThread = OpenThread(THREAD_GET_CONTEXT|THREAD_SET_CONTEXT|THREAD_QUERY_INFORMATION, false, DBGEvent.dwThreadId); - myDBGContext.ContextFlags = CONTEXT_CONTROL; - GetThreadContext(hActiveThread, &myDBGContext); - if(BreakPointBuffer[MaximumBreakPoints].BreakPointType != UE_SINGLESHOOT) + if(!(myDBGContext.EFlags & 0x100)) { - if(!(myDBGContext.EFlags & 0x100)) - { - myDBGContext.EFlags = myDBGContext.EFlags ^ 0x100; - } + myDBGContext.EFlags = myDBGContext.EFlags ^ 0x100; } - if(!(myDBGContext.EFlags & 0x10000)) - { - myDBGContext.EFlags = myDBGContext.EFlags ^ 0x10000; - } - SetThreadContext(hActiveThread, &myDBGContext); - EngineCloseHandle(hActiveThread); - VirtualProtectEx(dbgProcessInformation.hProcess, (LPVOID)BreakPointBuffer[MaximumBreakPoints].BreakPointAddress, BreakPointBuffer[MaximumBreakPoints].BreakPointSize, OldProtect, &OldProtect); - myCustomBreakPoint = (fCustomBreakPoint)((LPVOID)BreakPointBuffer[MaximumBreakPoints].ExecuteCallBack); - if(BreakPointBuffer[MaximumBreakPoints].NumberOfExecutions != -1 && BreakPointBuffer[MaximumBreakPoints].NumberOfExecutions != 0) - { - BreakPointBuffer[MaximumBreakPoints].NumberOfExecutions--; - } - if(BreakPointBuffer[MaximumBreakPoints].CmpCondition != UE_CMP_NOCONDITION) - { - CompareResult = false; - CmpValue1 = (ULONG_PTR)GetContextData((DWORD)BreakPointBuffer[MaximumBreakPoints].CmpRegister); - myCustomBreakPoint = (fCustomBreakPoint)((LPVOID)BreakPointBuffer[MaximumBreakPoints].CompareCallBack); - if(BreakPointBuffer[MaximumBreakPoints].CmpCondition == UE_CMP_EQUAL) - { - CmpValue2 = BreakPointBuffer[MaximumBreakPoints].CmpValue; - if(CmpValue1 == CmpValue2) - { - CompareResult = true; - } - } - else if(BreakPointBuffer[MaximumBreakPoints].CmpCondition == UE_CMP_NOTEQUAL) - { - CmpValue2 = BreakPointBuffer[MaximumBreakPoints].CmpValue; - if(CmpValue1 != CmpValue2) - { - CompareResult = true; - } - } - else if(BreakPointBuffer[MaximumBreakPoints].CmpCondition == UE_CMP_GREATER) - { - CmpValue2 = BreakPointBuffer[MaximumBreakPoints].CmpValue; - if(CmpValue1 > CmpValue2) - { - CompareResult = true; - } - } - else if(BreakPointBuffer[MaximumBreakPoints].CmpCondition == UE_CMP_GREATEROREQUAL) - { - CmpValue2 = BreakPointBuffer[MaximumBreakPoints].CmpValue; - if(CmpValue1 >= CmpValue2) - { - CompareResult = true; - } - } - else if(BreakPointBuffer[MaximumBreakPoints].CmpCondition == UE_CMP_LOWER) - { - CmpValue2 = BreakPointBuffer[MaximumBreakPoints].CmpValue; - if(CmpValue1 < CmpValue2) - { - CompareResult = true; - } - } - else if(BreakPointBuffer[MaximumBreakPoints].CmpCondition == UE_CMP_LOWEROREQUAL) - { - CmpValue2 = BreakPointBuffer[MaximumBreakPoints].CmpValue; - if(CmpValue1 <= CmpValue2) - { - CompareResult = true; - } - } - else if(BreakPointBuffer[MaximumBreakPoints].CmpCondition == UE_CMP_REG_EQUAL) - { - CmpValue2 = (ULONG_PTR)GetContextData((DWORD)BreakPointBuffer[MaximumBreakPoints].CmpValue); - if(CmpValue1 == CmpValue2) - { - CompareResult = true; - } - } - else if(BreakPointBuffer[MaximumBreakPoints].CmpCondition == UE_CMP_REG_NOTEQUAL) - { - CmpValue2 = (ULONG_PTR)GetContextData((DWORD)BreakPointBuffer[MaximumBreakPoints].CmpValue); - if(CmpValue1 != CmpValue2) - { - CompareResult = true; - } - } - else if(BreakPointBuffer[MaximumBreakPoints].CmpCondition == UE_CMP_REG_GREATER) - { - CmpValue2 = (ULONG_PTR)GetContextData((DWORD)BreakPointBuffer[MaximumBreakPoints].CmpValue); - if(CmpValue1 > CmpValue2) - { - CompareResult = true; - } - } - else if(BreakPointBuffer[MaximumBreakPoints].CmpCondition == UE_CMP_REG_GREATEROREQUAL) - { - CmpValue2 = (ULONG_PTR)GetContextData((DWORD)BreakPointBuffer[MaximumBreakPoints].CmpValue); - if(CmpValue1 >= CmpValue2) - { - CompareResult = true; - } - } - else if(BreakPointBuffer[MaximumBreakPoints].CmpCondition == UE_CMP_REG_LOWER) - { - CmpValue2 = (ULONG_PTR)GetContextData((DWORD)BreakPointBuffer[MaximumBreakPoints].CmpValue); - if(CmpValue1 < CmpValue2) - { - CompareResult = true; - } - } - else if(BreakPointBuffer[MaximumBreakPoints].CmpCondition == UE_CMP_REG_LOWEROREQUAL) - { - CmpValue2 = (ULONG_PTR)GetContextData((DWORD)BreakPointBuffer[MaximumBreakPoints].CmpValue); - if(CmpValue1 <= CmpValue2) - { - CompareResult = true; - } - } - if(CompareResult) - { - __try - { - myCustomBreakPoint(); - } - __except(EXCEPTION_EXECUTE_HANDLER) - { + } + if(!(myDBGContext.EFlags & 0x10000)) + { + myDBGContext.EFlags = myDBGContext.EFlags ^ 0x10000; + } + SetThreadContext(hActiveThread, &myDBGContext); + EngineCloseHandle(hActiveThread); + VirtualProtectEx(dbgProcessInformation.hProcess, (LPVOID)FoundBreakPoint.BreakPointAddress, FoundBreakPoint.BreakPointSize, OldProtect, &OldProtect); + myCustomBreakPoint = (fCustomBreakPoint)((LPVOID)FoundBreakPoint.ExecuteCallBack); + //execute callback + __try + { + myCustomBreakPoint(); + } + __except(EXCEPTION_EXECUTE_HANDLER) + { - } - } - } - else - { - __try - { - myCustomBreakPoint(); - } - __except(EXCEPTION_EXECUTE_HANDLER) - { - - } - } - if(BreakPointBuffer[MaximumBreakPoints].BreakPointType != UE_SINGLESHOOT) - { - DisableBPX((ULONG_PTR)BreakPointBuffer[MaximumBreakPoints].BreakPointAddress); - ResetBPXSize = BreakPointBuffer[MaximumBreakPoints].BreakPointSize - 1; - ResetBPXAddressTo = (ULONG_PTR)BreakPointBuffer[MaximumBreakPoints].BreakPointAddress; - ResetBPX = true; - } - else - { - DeleteBPX((ULONG_PTR)BreakPointBuffer[MaximumBreakPoints].BreakPointAddress); - ResetBPXSize = BreakPointBuffer[MaximumBreakPoints].BreakPointSize - 1; - ResetBPXAddressTo = NULL; - ResetBPX = false; - } + } + if(FoundBreakPoint.BreakPointType != UE_SINGLESHOOT) + { + DisableBPX((ULONG_PTR)FoundBreakPoint.BreakPointAddress); + ResetBPXSize = FoundBreakPoint.BreakPointSize - 1; + ResetBPXAddressTo = (ULONG_PTR)FoundBreakPoint.BreakPointAddress; + ResetBPX = true; } else { - VirtualProtectEx(dbgProcessInformation.hProcess, (LPVOID)BreakPointBuffer[MaximumBreakPoints].BreakPointAddress, BreakPointBuffer[MaximumBreakPoints].BreakPointSize, OldProtect, &OldProtect); - DBGCode = DBG_CONTINUE; + DeleteBPX((ULONG_PTR)FoundBreakPoint.BreakPointAddress); + ResetBPXSize = FoundBreakPoint.BreakPointSize - 1; + ResetBPXAddressTo = NULL; + ResetBPX = false; } } else - { - VirtualProtectEx(dbgProcessInformation.hProcess, (LPVOID)BreakPointBuffer[MaximumBreakPoints].BreakPointAddress, BreakPointBuffer[MaximumBreakPoints].BreakPointSize, OldProtect, &OldProtect); - DBGCode = DBG_EXCEPTION_NOT_HANDLED; - } + VirtualProtectEx(dbgProcessInformation.hProcess, (LPVOID)FoundBreakPoint.BreakPointAddress, FoundBreakPoint.BreakPointSize, OldProtect, &OldProtect); } else - { - DBGCode = DBG_EXCEPTION_NOT_HANDLED; - } + DBGCode=DBG_EXCEPTION_NOT_HANDLED; + //application-generated exception if(DBGCode==DBG_EXCEPTION_NOT_HANDLED) { @@ -1773,4 +1517,4 @@ __declspec(dllexport) void TITCALL SetDebugLoopTimeOut(DWORD TimeOut) TimeOut = INFINITE; } engineWaitForDebugEventTimeOut = TimeOut; -} \ No newline at end of file +} diff --git a/TitanEngine/TitanEngine.Debugger.Helper.cpp b/TitanEngine/TitanEngine.Debugger.Helper.cpp index 7ed2129..7b4a368 100644 --- a/TitanEngine/TitanEngine.Debugger.Helper.cpp +++ b/TitanEngine/TitanEngine.Debugger.Helper.cpp @@ -32,11 +32,11 @@ __declspec(dllexport) bool TITCALL GetRemoteString(HANDLE hProcess, LPVOID Strin RtlZeroMemory(StringStorage, MaximumStringSize); if(ReadProcessMemory(hProcess, (LPVOID)StringAddress, StringStorage, StringReadSize, &ueNumberOfBytesRW)) { - return(true); + return true; } else { - return(false); + return false; } } __declspec(dllexport) long long TITCALL GetFunctionParameter(HANDLE hProcess, DWORD FunctionType, DWORD ParameterNumber, DWORD ParameterType) @@ -579,244 +579,244 @@ __declspec(dllexport) bool TITCALL IsJumpGoingToExecuteEx(HANDLE hProcess, HANDL } else if(lstrcmpiA(DisassembledString, "JMP") == NULL) { - return(true); + return true; } else if(lstrcmpiA(DisassembledString, "JA") == NULL) { if(bCF == false && bZF == false) { - return(true); + return true; } } else if(lstrcmpiA(DisassembledString, "JAE") == NULL) { if(!bCF) { - return(true); + return true; } } else if(lstrcmpiA(DisassembledString, "JB") == NULL) { if(bCF) { - return(true); + return true; } } else if(lstrcmpiA(DisassembledString, "JBE") == NULL) { if(bCF == true || bZF == true) { - return(true); + return true; } } else if(lstrcmpiA(DisassembledString, "JC") == NULL) { if(bCF) { - return(true); + return true; } } else if(lstrcmpiA(DisassembledString, "JCXZ") == NULL) { if((WORD)GetContextDataEx(hThread, UE_ECX) == NULL) { - return(true); + return true; } } else if(lstrcmpiA(DisassembledString, "JECXZ") == NULL) { if((DWORD)GetContextDataEx(hThread, UE_ECX) == NULL) { - return(true); + return true; } } else if(lstrcmpiA(DisassembledString, "JRCXZ") == NULL) { if((ULONG_PTR)GetContextDataEx(hThread, UE_RCX) == NULL) { - return(true); + return true; } } else if(lstrcmpiA(DisassembledString, "JZ") == NULL) { if(bZF) { - return(true); + return true; } } else if(lstrcmpiA(DisassembledString, "JNZ") == NULL) { if(!bZF) { - return(true); + return true; } } else if(lstrcmpiA(DisassembledString, "JE") == NULL) { if(bZF) { - return(true); + return true; } } else if(lstrcmpiA(DisassembledString, "JNE") == NULL) { if(!bZF) { - return(true); + return true; } } else if(lstrcmpiA(DisassembledString, "JG") == NULL) { if(bZF == false && bSF == bOF) { - return(true); + return true; } } else if(lstrcmpiA(DisassembledString, "JGE") == NULL) { if(bSF == bOF) { - return(true); + return true; } } else if(lstrcmpiA(DisassembledString, "JL") == NULL) { if(bSF != bOF) { - return(true); + return true; } } else if(lstrcmpiA(DisassembledString, "JLE") == NULL) { if(bZF == true || bSF != bOF) { - return(true); + return true; } } else if(lstrcmpiA(DisassembledString, "JNA") == NULL) { if(bCF == true || bZF == true) { - return(true); + return true; } } else if(lstrcmpiA(DisassembledString, "JNAE") == NULL) { if(bCF) { - return(true); + return true; } } else if(lstrcmpiA(DisassembledString, "JNB") == NULL) { if(!bCF) { - return(true); + return true; } } else if(lstrcmpiA(DisassembledString, "JNBE") == NULL) { if(bCF == false && bZF == false) { - return(true); + return true; } } else if(lstrcmpiA(DisassembledString, "JNC") == NULL) { if(!bCF) { - return(true); + return true; } } else if(lstrcmpiA(DisassembledString, "JNG") == NULL) { if(bZF == true || bSF != bOF) { - return(true); + return true; } } else if(lstrcmpiA(DisassembledString, "JNGE") == NULL) { if(bSF != bOF) { - return(true); + return true; } } else if(lstrcmpiA(DisassembledString, "JNL") == NULL) { if(bSF == bOF) { - return(true); + return true; } } else if(lstrcmpiA(DisassembledString, "JNLE") == NULL) { if(bZF == false && bSF == bOF) { - return(true); + return true; } } else if(lstrcmpiA(DisassembledString, "JNO") == NULL) { if(!bOF) { - return(true); + return true; } } else if(lstrcmpiA(DisassembledString, "JNP") == NULL) { if(!bPF) { - return(true); + return true; } } else if(lstrcmpiA(DisassembledString, "JNS") == NULL) { if(!bSF) { - return(true); + return true; } } else if(lstrcmpiA(DisassembledString, "JO") == NULL) { if(bOF) { - return(true); + return true; } } else if(lstrcmpiA(DisassembledString, "JP") == NULL) { if(bPF) { - return(true); + return true; } } else if(lstrcmpiA(DisassembledString, "JPE") == NULL) { if(bPF) { - return(true); + return true; } } else if(lstrcmpiA(DisassembledString, "JPO") == NULL) { if(!bPF) { - return(true); + return true; } } else if(lstrcmpiA(DisassembledString, "JS") == NULL) { if(bSF) { - return(true); + return true; } } } } - return(false); + return false; } __declspec(dllexport) bool TITCALL IsJumpGoingToExecute() { return(IsJumpGoingToExecuteEx(dbgProcessInformation.hProcess, dbgProcessInformation.hThread, NULL, NULL)); -} \ No newline at end of file +} diff --git a/TitanEngine/TitanEngine.Debugger.Memory.cpp b/TitanEngine/TitanEngine.Debugger.Memory.cpp index 4d5f5e7..394f039 100644 --- a/TitanEngine/TitanEngine.Debugger.Memory.cpp +++ b/TitanEngine/TitanEngine.Debugger.Memory.cpp @@ -63,23 +63,23 @@ __declspec(dllexport) bool TITCALL MatchPatternEx(HANDLE hProcess, void* MemoryT { if(memCmp->Array.bArrayEntry[i] != memPattern->Array.bArrayEntry[i] && memPattern->Array.bArrayEntry[i] != *WildCard) { - return(false); + return false; } SizeOfPatternToMatch--; i++; } VirtualFree(ueReadBuffer, NULL, MEM_RELEASE); - return(true); + return true; } __except(EXCEPTION_EXECUTE_HANDLER) { VirtualFree(ueReadBuffer, NULL, MEM_RELEASE); - return(false); + return false; } } else { - return(false); + return false; } } __declspec(dllexport) bool TITCALL MatchPattern(void* MemoryToCheck, int SizeOfMemoryToCheck, void* PatternToMatch, int SizeOfPatternToMatch, PBYTE WildCard) @@ -224,9 +224,9 @@ __declspec(dllexport) bool TITCALL FillEx(HANDLE hProcess, LPVOID MemoryStart, D MemoryStart = (LPVOID)((ULONG_PTR)MemoryStart + 1); } VirtualProtectEx(hProcess, MemoryStart, MemorySize, OldProtect, &OldProtect); - return(true); + return true; } - return(false); + return false; } __declspec(dllexport) bool TITCALL Fill(LPVOID MemoryStart, DWORD MemorySize, PBYTE FillByte) { @@ -289,9 +289,9 @@ __declspec(dllexport) bool TITCALL PatchEx(HANDLE hProcess, LPVOID MemoryStart, WriteProcessMemory(hProcess, MemoryStart, ReplacePattern, ReplaceSize, &ueNumberOfBytesRead); } VirtualProtectEx(hProcess, MemoryStart, MemorySize, OldProtect, &OldProtect); - return(true); + return true; } - return(false); + return false; } __declspec(dllexport) bool TITCALL Patch(LPVOID MemoryStart, DWORD MemorySize, LPVOID ReplacePattern, DWORD ReplaceSize, bool AppendNOP, bool PrependNOP) { @@ -338,11 +338,11 @@ __declspec(dllexport) bool TITCALL ReplaceEx(HANDLE hProcess, LPVOID MemoryStart VirtualFree(lpReadMemory, NULL, MEM_RELEASE); if(NumberOfRepetitions != NULL) { - return(false); + return false; } else { - return(true); + return true; } } __declspec(dllexport) bool TITCALL Replace(LPVOID MemoryStart, DWORD MemorySize, LPVOID SearchPattern, DWORD PatternSize, DWORD NumberOfRepetitions, LPVOID ReplacePattern, DWORD ReplaceSize, PBYTE WildCard) @@ -356,4 +356,4 @@ __declspec(dllexport) bool TITCALL Replace(LPVOID MemoryStart, DWORD MemorySize, { return(ReplaceEx(GetCurrentProcess(), MemoryStart, MemorySize, SearchPattern, PatternSize, NumberOfRepetitions, ReplacePattern, ReplaceSize, WildCard)); } -} \ No newline at end of file +} diff --git a/TitanEngine/TitanEngine.Debugger.cpp b/TitanEngine/TitanEngine.Debugger.cpp index 288f6c1..1c1a7b7 100644 --- a/TitanEngine/TitanEngine.Debugger.cpp +++ b/TitanEngine/TitanEngine.Debugger.cpp @@ -5,6 +5,7 @@ #include "Global.Handle.h" #include "Global.Breakpoints.h" #include "Global.Threader.h" +#include static wchar_t szBackupDebuggedFileName[512]; static wchar_t szDebuggerName[512]; @@ -55,15 +56,14 @@ __declspec(dllexport) void* TITCALL InitDebugW(wchar_t* szFileName, wchar_t* szC { DebugConsoleFlag = CREATE_NO_WINDOW; } - BreakPointSetCount = 0; - RtlZeroMemory(&BreakPointBuffer, sizeof BreakPointBuffer); + std::vector().swap(BreakPointBuffer); if(szCommandLine == NULL) { if(CreateProcessW(szFileName, NULL, NULL, NULL, false, DEBUG_PROCESS|DEBUG_ONLY_THIS_PROCESS|DebugConsoleFlag|CREATE_NEW_CONSOLE, NULL, szCurrentFolder, &dbgStartupInfo, &dbgProcessInformation)) { DebugAttachedToProcess = false; DebugAttachedProcessCallBack = NULL; - RtlZeroMemory(&BreakPointBuffer, sizeof BreakPointBuffer); + std::vector().swap(BreakPointBuffer); return(&dbgProcessInformation); } else @@ -79,7 +79,7 @@ __declspec(dllexport) void* TITCALL InitDebugW(wchar_t* szFileName, wchar_t* szC { DebugAttachedToProcess = false; DebugAttachedProcessCallBack = NULL; - RtlZeroMemory(&BreakPointBuffer, sizeof BreakPointBuffer); + std::vector().swap(BreakPointBuffer); return(&dbgProcessInformation); } else @@ -227,11 +227,11 @@ __declspec(dllexport) bool TITCALL StopDebug() { TerminateThread(dbgProcessInformation.hThread, NULL); TerminateProcess(dbgProcessInformation.hProcess, NULL); - return(true); + return true; } else { - return(false); + return false; } } @@ -244,7 +244,7 @@ __declspec(dllexport) bool TITCALL AttachDebugger(DWORD ProcessId, bool KillOnEx if(ProcessId != NULL && dbgProcessInformation.hProcess == NULL) { - RtlZeroMemory(&BreakPointBuffer, sizeof BreakPointBuffer); + std::vector().swap(BreakPointBuffer); if(DebugActiveProcess(ProcessId)) { if(KillOnExit) @@ -256,7 +256,7 @@ __declspec(dllexport) bool TITCALL AttachDebugger(DWORD ProcessId, bool KillOnEx myDebugSetProcessKillOnExit(KillOnExit); } } - BreakPointSetCount = 0; + std::vector().swap(BreakPointBuffer); DebugDebuggingDLL = false; DebugAttachedToProcess = true; DebugAttachedProcessCallBack = (ULONG_PTR)CallBack; @@ -265,14 +265,14 @@ __declspec(dllexport) bool TITCALL AttachDebugger(DWORD ProcessId, bool KillOnEx DebugLoop(); DebugAttachedToProcess = false; DebugAttachedProcessCallBack = NULL; - return(true); + return true; } } else { - return(false); + return false; } - return(false); + return false; } __declspec(dllexport) bool TITCALL DetachDebugger(DWORD ProcessId) @@ -295,14 +295,14 @@ __declspec(dllexport) bool TITCALL DetachDebugger(DWORD ProcessId) DebugAttachedToProcess = false; if(FuncReturn) { - return(true); + return true; } else { - return(false); + return false; } } - return(false); + return false; } __declspec(dllexport) bool TITCALL DetachDebuggerEx(DWORD ProcessId) @@ -338,7 +338,7 @@ __declspec(dllexport) bool TITCALL DetachDebuggerEx(DWORD ProcessId) } else { - return(false); + return false; } } @@ -418,4 +418,4 @@ __declspec(dllexport) void TITCALL AutoDebugExW(wchar_t* szFileName, bool Reserv RtlZeroMemory(&expertDebug, sizeof ExpertDebug); SetDebugLoopTimeOut(INFINITE); } -} \ No newline at end of file +} diff --git a/TitanEngine/TitanEngine.Dumper.cpp b/TitanEngine/TitanEngine.Dumper.cpp index 9d96e82..21db09f 100644 --- a/TitanEngine/TitanEngine.Dumper.cpp +++ b/TitanEngine/TitanEngine.Dumper.cpp @@ -64,7 +64,7 @@ __declspec(dllexport) bool TITCALL DumpProcessW(HANDLE hProcess, LPVOID ImageBas { VirtualFree(ueReadBuffer, NULL, MEM_RELEASE); VirtualFree(ueCopyBuffer, NULL, MEM_RELEASE); - return(false); + return false; } else { @@ -92,7 +92,7 @@ __declspec(dllexport) bool TITCALL DumpProcessW(HANDLE hProcess, LPVOID ImageBas { VirtualFree(ueReadBuffer, NULL, MEM_RELEASE); VirtualFree(ueCopyBuffer, NULL, MEM_RELEASE); - return(false); + return false; } if(!FileIs64) { @@ -176,14 +176,14 @@ __declspec(dllexport) bool TITCALL DumpProcessW(HANDLE hProcess, LPVOID ImageBas EngineCloseHandle(hFile); VirtualFree(ueReadBuffer, NULL, MEM_RELEASE); VirtualFree(ueCopyBuffer, NULL, MEM_RELEASE); - return(true); + return true; } __except(EXCEPTION_EXECUTE_HANDLER) { EngineCloseHandle(hFile); VirtualFree(ueReadBuffer, NULL, MEM_RELEASE); VirtualFree(ueCopyBuffer, NULL, MEM_RELEASE); - return(false); + return false; } } else @@ -191,14 +191,14 @@ __declspec(dllexport) bool TITCALL DumpProcessW(HANDLE hProcess, LPVOID ImageBas EngineCloseHandle(hFile); VirtualFree(ueReadBuffer, NULL, MEM_RELEASE); VirtualFree(ueCopyBuffer, NULL, MEM_RELEASE); - return(false); + return false; } } else { VirtualFree(ueReadBuffer, NULL, MEM_RELEASE); VirtualFree(ueCopyBuffer, NULL, MEM_RELEASE); - return(false); + return false; } } } @@ -284,13 +284,13 @@ __declspec(dllexport) bool TITCALL DumpProcessW(HANDLE hProcess, LPVOID ImageBas EngineCloseHandle(hFile); VirtualFree(ueReadBuffer, NULL, MEM_RELEASE); VirtualFree(ueCopyBuffer, NULL, MEM_RELEASE); - return(true); + return true; } __except(EXCEPTION_EXECUTE_HANDLER) { VirtualFree(ueReadBuffer, NULL, MEM_RELEASE); VirtualFree(ueCopyBuffer, NULL, MEM_RELEASE); - return(false); + return false; } } else @@ -298,7 +298,7 @@ __declspec(dllexport) bool TITCALL DumpProcessW(HANDLE hProcess, LPVOID ImageBas EngineCloseHandle(hFile); VirtualFree(ueReadBuffer, NULL, MEM_RELEASE); VirtualFree(ueCopyBuffer, NULL, MEM_RELEASE); - return(false); + return false; } } else @@ -306,7 +306,7 @@ __declspec(dllexport) bool TITCALL DumpProcessW(HANDLE hProcess, LPVOID ImageBas EngineCloseHandle(hFile); VirtualFree(ueReadBuffer, NULL, MEM_RELEASE); VirtualFree(ueCopyBuffer, NULL, MEM_RELEASE); - return(false); + return false; } } } @@ -315,16 +315,16 @@ __declspec(dllexport) bool TITCALL DumpProcessW(HANDLE hProcess, LPVOID ImageBas { VirtualFree(ueReadBuffer, NULL, MEM_RELEASE); VirtualFree(ueCopyBuffer, NULL, MEM_RELEASE); - return(false); + return false; } } else { VirtualFree(ueReadBuffer, NULL, MEM_RELEASE); VirtualFree(ueCopyBuffer, NULL, MEM_RELEASE); - return(false); + return false; } - return(false); + return false; } __declspec(dllexport) bool TITCALL DumpProcessEx(DWORD ProcessId, LPVOID ImageBase, char* szDumpFileName, ULONG_PTR EntryPoint) @@ -339,7 +339,7 @@ __declspec(dllexport) bool TITCALL DumpProcessEx(DWORD ProcessId, LPVOID ImageBa } else { - return(false); + return false; } } @@ -356,16 +356,16 @@ __declspec(dllexport) bool TITCALL DumpProcessExW(DWORD ProcessId, LPVOID ImageB EngineCloseHandle(hProcess); if(ReturnValue) { - return(true); + return true; } else { - return(false); + return false; } } else { - return(false); + return false; } } @@ -381,7 +381,7 @@ __declspec(dllexport) bool TITCALL DumpMemory(HANDLE hProcess, LPVOID MemoryStar } else { - return(false); + return false; } } @@ -434,15 +434,15 @@ __declspec(dllexport) bool TITCALL DumpMemoryW(HANDLE hProcess, LPVOID MemorySta } EngineCloseHandle(hFile); VirtualFree(ueCopyBuffer, NULL, MEM_RELEASE); - return(true); + return true; } else { VirtualFree(ueCopyBuffer, NULL, MEM_RELEASE); - return(false); + return false; } } - return(true); + return true; } __declspec(dllexport) bool TITCALL DumpMemoryEx(DWORD ProcessId, LPVOID MemoryStart, ULONG_PTR MemorySize, char* szDumpFileName) @@ -457,7 +457,7 @@ __declspec(dllexport) bool TITCALL DumpMemoryEx(DWORD ProcessId, LPVOID MemorySt } else { - return(false); + return false; } } @@ -474,11 +474,11 @@ __declspec(dllexport) bool TITCALL DumpMemoryExW(DWORD ProcessId, LPVOID MemoryS EngineCloseHandle(hProcess); if(ReturnValue) { - return(true); + return true; } } - return(false); + return false; } __declspec(dllexport) bool TITCALL DumpRegions(HANDLE hProcess, char* szDumpFolder, bool DumpAboveImageBaseOnly) @@ -493,7 +493,7 @@ __declspec(dllexport) bool TITCALL DumpRegions(HANDLE hProcess, char* szDumpFold } else { - return(false); + return false; } } @@ -545,9 +545,9 @@ __declspec(dllexport) bool TITCALL DumpRegionsW(HANDLE hProcess, wchar_t* szDump } DumpAddress = DumpAddress + (ULONG_PTR)MemInfo.RegionSize; } - return(true); + return true; } - return(false); + return false; } __declspec(dllexport) bool TITCALL DumpRegionsEx(DWORD ProcessId, char* szDumpFolder, bool DumpAboveImageBaseOnly) @@ -562,7 +562,7 @@ __declspec(dllexport) bool TITCALL DumpRegionsEx(DWORD ProcessId, char* szDumpFo } else { - return(false); + return false; } } @@ -579,11 +579,11 @@ __declspec(dllexport) bool TITCALL DumpRegionsExW(DWORD ProcessId, wchar_t* szDu EngineCloseHandle(hProcess); if(ReturnValue) { - return(true); + return true; } } - return(false); + return false; } __declspec(dllexport) bool TITCALL DumpModule(HANDLE hProcess, LPVOID ModuleBase, char* szDumpFileName) @@ -598,7 +598,7 @@ __declspec(dllexport) bool TITCALL DumpModule(HANDLE hProcess, LPVOID ModuleBase } else { - return(false); + return false; } } @@ -621,7 +621,7 @@ __declspec(dllexport) bool TITCALL DumpModuleW(HANDLE hProcess, LPVOID ModuleBas } } } - return(false); + return false; } __declspec(dllexport) bool TITCALL DumpModuleEx(DWORD ProcessId, LPVOID ModuleBase, char* szDumpFileName) @@ -636,7 +636,7 @@ __declspec(dllexport) bool TITCALL DumpModuleEx(DWORD ProcessId, LPVOID ModuleBa } else { - return(false); + return false; } } @@ -653,9 +653,9 @@ __declspec(dllexport) bool TITCALL DumpModuleExW(DWORD ProcessId, LPVOID ModuleB EngineCloseHandle(hProcess); if(ReturnValue) { - return(true); + return true; } } - return(false); -} \ No newline at end of file + return false; +} diff --git a/TitanEngine/TitanEngine.Engine.Simplification.cpp b/TitanEngine/TitanEngine.Engine.Simplification.cpp index f2b397f..7ccbbdd 100644 --- a/TitanEngine/TitanEngine.Engine.Simplification.cpp +++ b/TitanEngine/TitanEngine.Engine.Simplification.cpp @@ -119,7 +119,7 @@ __declspec(dllexport) bool TITCALL EngineUnpackerSetBreakCondition(void* SearchS if(SetBPX(fPatternLocation, UE_BREAKPOINT, &EngineSimplifyLoadLibraryCallBack)) { EngineUnpackerBreakInfo.push_back(fUnpackerInformation); - return(true); + return true; } } else if(BreakType == UE_UNPACKER_CONDITION_GETPROCADDRESS) @@ -127,7 +127,7 @@ __declspec(dllexport) bool TITCALL EngineUnpackerSetBreakCondition(void* SearchS if(SetBPX(fPatternLocation, UE_BREAKPOINT, &EngineSimplifyGetProcAddressCallBack)) { EngineUnpackerBreakInfo.push_back(fUnpackerInformation); - return(true); + return true; } } else if(BreakType == UE_UNPACKER_CONDITION_ENTRYPOINTBREAK) @@ -135,7 +135,7 @@ __declspec(dllexport) bool TITCALL EngineUnpackerSetBreakCondition(void* SearchS if(SetBPX(fPatternLocation, UE_BREAKPOINT, &EngineSimplifyGetProcAddressCallBack)) { EngineUnpackerBreakInfo.push_back(fUnpackerInformation); - return(true); + return true; } } else if(BreakType == UE_UNPACKER_CONDITION_RELOCSNAPSHOT1) @@ -144,7 +144,7 @@ __declspec(dllexport) bool TITCALL EngineUnpackerSetBreakCondition(void* SearchS { fUnpackerInformation.SnapShotNumber = 1; EngineUnpackerBreakInfo.push_back(fUnpackerInformation); - return(true); + return true; } } else if(BreakType == UE_UNPACKER_CONDITION_RELOCSNAPSHOT2) @@ -153,7 +153,7 @@ __declspec(dllexport) bool TITCALL EngineUnpackerSetBreakCondition(void* SearchS { fUnpackerInformation.SnapShotNumber = 2; EngineUnpackerBreakInfo.push_back(fUnpackerInformation); - return(true); + return true; } } else @@ -161,11 +161,11 @@ __declspec(dllexport) bool TITCALL EngineUnpackerSetBreakCondition(void* SearchS if(SetBPX(fPatternLocation, fBreakPointType, (void*)BreakType)) { EngineUnpackerBreakInfo.push_back(fUnpackerInformation); - return(true); + return true; } } } - return(false); + return false; } __declspec(dllexport) void TITCALL EngineUnpackerSetEntryPointAddress(ULONG_PTR UnpackedEntryPointAddress) { @@ -176,4 +176,4 @@ __declspec(dllexport) void TITCALL EngineUnpackerFinalizeUnpacking() EngineSimplifyEntryPointCallBack(); EmptyGarbage(); -} \ No newline at end of file +} diff --git a/TitanEngine/TitanEngine.Engine.cpp b/TitanEngine/TitanEngine.Engine.cpp index 4dad766..9cf8596 100644 --- a/TitanEngine/TitanEngine.Engine.cpp +++ b/TitanEngine/TitanEngine.Engine.cpp @@ -96,7 +96,7 @@ __declspec(dllexport) bool TITCALL EngineCreateMissingDependenciesW(wchar_t* szF else { UnMapFileEx(FileHandle, FileSize, FileMap, FileMapVA); - return(false); + return false; } if(LogCreatedFiles) { @@ -216,15 +216,15 @@ __declspec(dllexport) bool TITCALL EngineCreateMissingDependenciesW(wchar_t* szF } } UnMapFileEx(FileHandle, FileSize, FileMap, FileMapVA); - return(true); + return true; } else { UnMapFileEx(FileHandle, FileSize, FileMap, FileMapVA); - return(false); + return false; } } - return(false); + return false; } __declspec(dllexport) bool TITCALL EngineFakeMissingDependencies(HANDLE hProcess) { @@ -234,7 +234,7 @@ __declspec(dllexport) bool TITCALL EngineFakeMissingDependencies(HANDLE hProcess SetAPIBreakPoint("ntdll.dll", "LdrLoadDll", UE_BREAKPOINT, UE_APIEND, (LPVOID)&EngineFakeLoadLibraryReturn); SetAPIBreakPoint("ntdll.dll", "LdrGetProcedureAddress", UE_BREAKPOINT, UE_APIEND, (LPVOID)&EngineFakeGetProcAddressReturn); } - return(false); + return false; } __declspec(dllexport) bool TITCALL EngineDeleteCreatedDependencies() { @@ -269,9 +269,9 @@ __declspec(dllexport) bool TITCALL EngineDeleteCreatedDependencies() VirtualFree(engineDependencyFiles, NULL, MEM_RELEASE); engineDependencyFiles = NULL; engineDependencyFilesCWP = NULL; - return(true); + return true; } - return(false); + return false; } __declspec(dllexport) bool TITCALL EngineCreateUnpackerWindow(char* WindowUnpackerTitle, char* WindowUnpackerLongTitle, char* WindowUnpackerName, char* WindowUnpackerAuthor, void* StartUnpackingCallBack) @@ -285,11 +285,11 @@ __declspec(dllexport) bool TITCALL EngineCreateUnpackerWindow(char* WindowUnpack lstrcpyA(szWindowUnpackerName, WindowUnpackerName); if(DialogBoxParamA((HINSTANCE)engineHandle, MAKEINTRESOURCEA(IDD_MAINWINDOW), NULL, (DLGPROC)EngineWndProc, NULL) != -1) { - return(true); + return true; } else { - return(false); + return false; } } __declspec(dllexport) void TITCALL EngineAddUnpackerWindowLogMessage(char* szLogMessage) @@ -301,4 +301,4 @@ __declspec(dllexport) void TITCALL EngineAddUnpackerWindowLogMessage(char* szLog cSelect = (int)SendMessageA(EngineBoxHandle, LB_GETCOUNT, NULL, NULL); cSelect--; SendMessageA(EngineBoxHandle, LB_SETCURSEL, (WPARAM)cSelect, NULL); -} \ No newline at end of file +} diff --git a/TitanEngine/TitanEngine.Exporter.cpp b/TitanEngine/TitanEngine.Exporter.cpp index 5e7ff1e..4454a51 100644 --- a/TitanEngine/TitanEngine.Exporter.cpp +++ b/TitanEngine/TitanEngine.Exporter.cpp @@ -75,7 +75,7 @@ __declspec(dllexport) bool TITCALL ExporterAddNewExport(char* szExportName, DWOR { if(expNameHashes[i] == NameHash) { - return(true); + return true; } } expExportAddress[expExportNumber] = ExportRelativeAddress; @@ -85,9 +85,9 @@ __declspec(dllexport) bool TITCALL ExporterAddNewExport(char* szExportName, DWOR RtlMoveMemory(expTableDataCWP, szExportName, lstrlenA(szExportName)); expTableDataCWP = (LPVOID)((ULONG_PTR)expTableDataCWP + lstrlenA(szExportName) + 2); expExportNumber++; - return(true); + return true; } - return(false); + return false; } __declspec(dllexport) bool TITCALL ExporterAddNewOrdinalExport(DWORD OrdinalNumber, DWORD ExportRelativeAddress) { @@ -119,15 +119,15 @@ __declspec(dllexport) bool TITCALL ExporterAddNewOrdinalExport(DWORD OrdinalNumb wsprintfA(szExportFunctionName, "Func%d", expExportNumber + 1); ExporterAddNewExport(szExportFunctionName, ExportRelativeAddress); } - return(true); + return true; } else { - return(true); + return true; } } } - return(false); + return false; } __declspec(dllexport) long TITCALL ExporterGetAddedExportCount() { @@ -212,7 +212,7 @@ __declspec(dllexport) bool TITCALL ExporterBuildExportTable(ULONG_PTR StorePlace { VirtualFree(expBuildExportData, NULL, MEM_RELEASE); ExporterCleanup(); - return(false); + return false; } if(FileMapVA != NULL) @@ -248,9 +248,9 @@ __declspec(dllexport) bool TITCALL ExporterBuildExportTable(ULONG_PTR StorePlace } VirtualFree(expBuildExportData, NULL, MEM_RELEASE); ExporterCleanup(); - return(true); + return true; } - return(false); + return false; } __declspec(dllexport) bool TITCALL ExporterBuildExportTableEx(char* szExportFileName, char* szSectionName) { @@ -264,7 +264,7 @@ __declspec(dllexport) bool TITCALL ExporterBuildExportTableEx(char* szExportFile } else { - return(false); + return false; } } __declspec(dllexport) bool TITCALL ExporterBuildExportTableExW(wchar_t* szExportFileName, char* szSectionName) @@ -288,21 +288,21 @@ __declspec(dllexport) bool TITCALL ExporterBuildExportTableExW(wchar_t* szExport UnMapFileEx(FileHandle, FileSize, FileMap, FileMapVA); if(ReturnValue) { - return(true); + return true; } else { - return(false); + return false; } } else { - return(false); + return false; } } else { - return(false); + return false; } } __declspec(dllexport) bool TITCALL ExporterLoadExportTable(char* szFileName) @@ -317,7 +317,7 @@ __declspec(dllexport) bool TITCALL ExporterLoadExportTable(char* szFileName) } else { - return(false); + return false; } } __declspec(dllexport) bool TITCALL ExporterLoadExportTableW(wchar_t* szFileName) @@ -360,7 +360,7 @@ __declspec(dllexport) bool TITCALL ExporterLoadExportTableW(wchar_t* szFileName) else { UnMapFileEx(FileHandle, FileSize, FileMap, FileMapVA); - return(false); + return false; } if(!FileIs64) { @@ -426,24 +426,24 @@ __declspec(dllexport) bool TITCALL ExporterLoadExportTableW(wchar_t* szFileName) ExportedFunctions = (PEXPORTED_DATA)((ULONG_PTR)ExportedFunctions + 4); } UnMapFileEx(FileHandle, FileSize, FileMap, FileMapVA); - return(true); + return true; } else { UnMapFileEx(FileHandle, FileSize, FileMap, FileMapVA); - return(false); + return false; } } else { UnMapFileEx(FileHandle, FileSize, FileMap, FileMapVA); - return(false); + return false; } } else { - return(false); + return false; } UnMapFileEx(FileHandle, FileSize, FileMap, FileMapVA); - return(false); -} \ No newline at end of file + return false; +} diff --git a/TitanEngine/TitanEngine.Handler.cpp b/TitanEngine/TitanEngine.Handler.cpp index a7703bd..7a5d767 100644 --- a/TitanEngine/TitanEngine.Handler.cpp +++ b/TitanEngine/TitanEngine.Handler.cpp @@ -92,10 +92,10 @@ __declspec(dllexport) bool TITCALL HandlerIsHandleOpen(DWORD ProcessId, HANDLE h VirtualFree(QuerySystemBuffer, NULL, MEM_RELEASE); if(HandleActive) { - return(true); + return true; } } - return(false); + return false; } __declspec(dllexport) void* TITCALL HandlerGetHandleName(HANDLE hProcess, DWORD ProcessId, HANDLE hHandle, bool TranslateName) { @@ -453,7 +453,7 @@ __declspec(dllexport) bool TITCALL HandlerCloseRemoteHandle(HANDLE hProcess, HAN DuplicateHandle(hProcess, hHandle, GetCurrentProcess(), &myHandle, NULL, false, DUPLICATE_CLOSE_SOURCE); EngineCloseHandle(myHandle); } - return(false); + return false; } __declspec(dllexport) long TITCALL HandlerEnumerateLockHandles(char* szFileOrFolderName, bool NameIsFolder, bool NameIsTranslated, LPVOID HandleDataBuffer, DWORD MaxHandleCount) { @@ -595,7 +595,7 @@ __declspec(dllexport) bool TITCALL HandlerCloseAllLockHandles(char* szFileOrFold } else { - return(false); + return false; } } __declspec(dllexport) bool TITCALL HandlerCloseAllLockHandlesW(wchar_t* szFileOrFolderName, bool NameIsFolder, bool NameIsTranslated) @@ -704,16 +704,16 @@ __declspec(dllexport) bool TITCALL HandlerCloseAllLockHandlesW(wchar_t* szFileOr VirtualFree(HandleFullName, NULL, MEM_RELEASE); if(AllHandled) { - return(true); + return true; } else { - return(false); + return false; } } VirtualFree(ObjectNameInfo, NULL, MEM_RELEASE); VirtualFree(HandleFullName, NULL, MEM_RELEASE); - return(false); + return false; } __declspec(dllexport) bool TITCALL HandlerIsFileLocked(char* szFileOrFolderName, bool NameIsFolder, bool NameIsTranslated) { @@ -727,7 +727,7 @@ __declspec(dllexport) bool TITCALL HandlerIsFileLocked(char* szFileOrFolderName, } else { - return(false); + return false; } } __declspec(dllexport) bool TITCALL HandlerIsFileLockedW(wchar_t* szFileOrFolderName, bool NameIsFolder, bool NameIsTranslated) @@ -821,7 +821,7 @@ __declspec(dllexport) bool TITCALL HandlerIsFileLockedW(wchar_t* szFileOrFolderN VirtualFree(QuerySystemBuffer, NULL, MEM_RELEASE); VirtualFree(HandleFullName, NULL, MEM_RELEASE); EngineCloseHandle(myHandle); - return(true); + return true; } } EngineCloseHandle(myHandle); @@ -834,11 +834,11 @@ __declspec(dllexport) bool TITCALL HandlerIsFileLockedW(wchar_t* szFileOrFolderN VirtualFree(ObjectNameInfo, NULL, MEM_RELEASE); VirtualFree(QuerySystemBuffer, NULL, MEM_RELEASE); VirtualFree(HandleFullName, NULL, MEM_RELEASE); - return(false); + return false; } VirtualFree(ObjectNameInfo, NULL, MEM_RELEASE); VirtualFree(HandleFullName, NULL, MEM_RELEASE); - return(false); + return false; } // TitanEngine.Handler[Mutex].functions: __declspec(dllexport) long TITCALL HandlerEnumerateOpenMutexes(HANDLE hProcess, DWORD ProcessId, LPVOID HandleBuffer, DWORD MaxHandleCount) @@ -1087,4 +1087,4 @@ __declspec(dllexport) long TITCALL HandlerGetProcessIdWhichCreatedMutexW(wchar_t VirtualFree(HandleNameData, NULL, MEM_RELEASE); VirtualFree(ObjectNameInfo, NULL, MEM_RELEASE); return(NULL); -} \ No newline at end of file +} diff --git a/TitanEngine/TitanEngine.Hooks.cpp b/TitanEngine/TitanEngine.Hooks.cpp index 7f88c17..e9bcbeb 100644 --- a/TitanEngine/TitanEngine.Hooks.cpp +++ b/TitanEngine/TitanEngine.Hooks.cpp @@ -22,7 +22,7 @@ static bool ProcessHookScanAddNewHook(PHOOK_ENTRY HookDetails, void* ptrOriginal RtlMoveMemory(&MyhookEntry, HookDetails, sizeof HOOK_ENTRY); hookEntry.push_back(MyhookEntry); - return(true); + return true; } // Global.Engine.Hook.functions: @@ -86,15 +86,15 @@ __declspec(dllexport) bool TITCALL HooksSafeTransitionEx(LPVOID HookAddressArray VirtualFree(hListThread, NULL, MEM_RELEASE); hListThread = NULL; } - return(true); + return true; } } else { - return(false); + return false; } } - return(false); + return false; } __declspec(dllexport) bool TITCALL HooksSafeTransition(LPVOID HookAddress, bool TransitionStart) { @@ -111,10 +111,10 @@ __declspec(dllexport) bool TITCALL HooksIsAddressRedirected(LPVOID HookAddress) { if(hookEntry[i].HookAddress == HookAddress && hookEntry[i].IATHook == false && hookEntry[i].HookIsEnabled == true) { - return(true); + return true; } } - return(false); + return false; } __declspec(dllexport) void* TITCALL HooksGetTrampolineAddress(LPVOID HookAddress) { @@ -243,11 +243,11 @@ __declspec(dllexport) bool TITCALL HooksInsertNewRedirection(LPVOID HookAddress, returnData = HooksInsertNewRedirection(HookAddress, RedirectTo, HookType); if(returnData) { - return(true); + return true; } else { - return(false); + return false; } } } @@ -382,7 +382,7 @@ __declspec(dllexport) bool TITCALL HooksInsertNewRedirection(LPVOID HookAddress, RtlMoveMemory(&myHook.HookBytes[0], HookAddress, TEE_MAXIMUM_HOOK_SIZE); VirtualProtect(HookAddress, TEE_MAXIMUM_HOOK_SIZE, OldProtect, &OldProtect); hookEntry.push_back(myHook); - return(true); + return true; } #else if(VirtualProtect(HookAddress, TEE_MAXIMUM_HOOK_SIZE, PAGE_EXECUTE_READWRITE, &OldProtect)) @@ -394,7 +394,7 @@ __declspec(dllexport) bool TITCALL HooksInsertNewRedirection(LPVOID HookAddress, RtlMoveMemory(&myHook.HookBytes[0], HookAddress, TEE_MAXIMUM_HOOK_SIZE); VirtualProtect(HookAddress, TEE_MAXIMUM_HOOK_SIZE, OldProtect, &OldProtect); hookEntry.push_back(myHook); - return(true); + return true; } #endif } @@ -409,7 +409,7 @@ __declspec(dllexport) bool TITCALL HooksInsertNewRedirection(LPVOID HookAddress, RtlMoveMemory(&myHook.HookBytes[0], HookAddress, TEE_MAXIMUM_HOOK_SIZE); VirtualProtect(HookAddress, TEE_MAXIMUM_HOOK_SIZE, OldProtect, &OldProtect); hookEntry.push_back(myHook); - return(true); + return true; } #else if(VirtualProtect(HookAddress, TEE_MAXIMUM_HOOK_SIZE, PAGE_EXECUTE_READWRITE, &OldProtect)) @@ -421,12 +421,12 @@ __declspec(dllexport) bool TITCALL HooksInsertNewRedirection(LPVOID HookAddress, RtlMoveMemory(&myHook.HookBytes[0], HookAddress, TEE_MAXIMUM_HOOK_SIZE); VirtualProtect(HookAddress, TEE_MAXIMUM_HOOK_SIZE, OldProtect, &OldProtect); hookEntry.push_back(myHook); - return(true); + return true; } #endif } } - return(false); + return false; } __declspec(dllexport) bool TITCALL HooksInsertNewIATRedirectionEx(ULONG_PTR FileMapVA, ULONG_PTR LoadedModuleBase, char* szHookFunction, LPVOID RedirectTo) { @@ -466,7 +466,7 @@ __declspec(dllexport) bool TITCALL HooksInsertNewIATRedirectionEx(ULONG_PTR File } else { - return(false); + return false; } if(!FileIs64) { @@ -509,11 +509,11 @@ __declspec(dllexport) bool TITCALL HooksInsertNewIATRedirectionEx(ULONG_PTR File } ImportIID = (PIMAGE_IMPORT_DESCRIPTOR)((ULONG_PTR)ImportIID + sizeof IMAGE_IMPORT_DESCRIPTOR); } - return(true); + return true; } __except(EXCEPTION_EXECUTE_HANDLER) { - return(false); + return false; } } } @@ -558,25 +558,25 @@ __declspec(dllexport) bool TITCALL HooksInsertNewIATRedirectionEx(ULONG_PTR File } ImportIID = (PIMAGE_IMPORT_DESCRIPTOR)((ULONG_PTR)ImportIID + sizeof IMAGE_IMPORT_DESCRIPTOR); } - return(true); + return true; } __except(EXCEPTION_EXECUTE_HANDLER) { - return(false); + return false; } } } } else { - return(false); + return false; } } else { - return(false); + return false; } - return(false); + return false; } __declspec(dllexport) bool TITCALL HooksInsertNewIATRedirection(char* szModuleName, char* szHookFunction, LPVOID RedirectTo) { @@ -597,7 +597,7 @@ __declspec(dllexport) bool TITCALL HooksInsertNewIATRedirection(char* szModuleNa if(HooksInsertNewIATRedirectionEx(FileMapVA, (ULONG_PTR)SelectedModule, szHookFunction, RedirectTo)) { UnMapFileEx(FileHandle, FileSize, FileMap, FileMapVA); - return(true); + return true; } else { @@ -605,7 +605,7 @@ __declspec(dllexport) bool TITCALL HooksInsertNewIATRedirection(char* szModuleNa } } } - return(false); + return false; } __declspec(dllexport) bool TITCALL HooksRemoveRedirection(LPVOID HookAddress, bool RemoveAll) { @@ -623,11 +623,11 @@ __declspec(dllexport) bool TITCALL HooksRemoveRedirection(LPVOID HookAddress, bo RtlMoveMemory(HookAddress, &hookEntry[i].OriginalBytes, hookEntry[i].HookSize); VirtualProtect(HookAddress, TEE_MAXIMUM_HOOK_SIZE, OldProtect, &OldProtect); hookEntry.erase(hookEntry.begin() + i); - return(true); + return true; } } } - return(false); + return false; } else { @@ -640,7 +640,7 @@ __declspec(dllexport) bool TITCALL HooksRemoveRedirection(LPVOID HookAddress, bo } } hookEntry.clear(); - return(true); + return true; } } __declspec(dllexport) bool TITCALL HooksRemoveRedirectionsForModule(HMODULE ModuleBase) @@ -669,14 +669,14 @@ __declspec(dllexport) bool TITCALL HooksRemoveRedirectionsForModule(HMODULE Modu } if(j == NULL) { - return(false); + return false; } } else { - return(false); + return false; } - return(true); + return true; } __declspec(dllexport) bool TITCALL HooksRemoveIATRedirection(char* szModuleName, char* szHookFunction, bool RemoveAll) { @@ -702,7 +702,7 @@ __declspec(dllexport) bool TITCALL HooksRemoveIATRedirection(char* szModuleName, i--; } } - return(false); + return false; } __declspec(dllexport) bool TITCALL HooksDisableRedirection(LPVOID HookAddress, bool DisableAll) { @@ -720,11 +720,11 @@ __declspec(dllexport) bool TITCALL HooksDisableRedirection(LPVOID HookAddress, b RtlMoveMemory(HookAddress, &hookEntry[i].OriginalBytes, hookEntry[i].HookSize); VirtualProtect(HookAddress, TEE_MAXIMUM_HOOK_SIZE, OldProtect, &OldProtect); hookEntry[i].HookIsEnabled = false; - return(true); + return true; } } } - return(false); + return false; } else { @@ -737,7 +737,7 @@ __declspec(dllexport) bool TITCALL HooksDisableRedirection(LPVOID HookAddress, b hookEntry[i].HookIsEnabled = false; } } - return(true); + return true; } } __declspec(dllexport) bool TITCALL HooksDisableRedirectionsForModule(HMODULE ModuleBase) @@ -766,14 +766,14 @@ __declspec(dllexport) bool TITCALL HooksDisableRedirectionsForModule(HMODULE Mod } if(j == NULL) { - return(false); + return false; } } else { - return(false); + return false; } - return(true); + return true; } __declspec(dllexport) bool TITCALL HooksDisableIATRedirection(char* szModuleName, char* szHookFunction, bool DisableAll) { @@ -802,7 +802,7 @@ __declspec(dllexport) bool TITCALL HooksDisableIATRedirection(char* szModuleName i--; } } - return(false); + return false; } __declspec(dllexport) bool TITCALL HooksEnableRedirection(LPVOID HookAddress, bool EnableAll) { @@ -820,11 +820,11 @@ __declspec(dllexport) bool TITCALL HooksEnableRedirection(LPVOID HookAddress, bo RtlMoveMemory(HookAddress, &hookEntry[i].HookBytes, hookEntry[i].HookSize); VirtualProtect(HookAddress, TEE_MAXIMUM_HOOK_SIZE, OldProtect, &OldProtect); hookEntry[i].HookIsEnabled = true; - return(true); + return true; } } } - return(false); + return false; } else { @@ -837,7 +837,7 @@ __declspec(dllexport) bool TITCALL HooksEnableRedirection(LPVOID HookAddress, bo hookEntry[i].HookIsEnabled = true; } } - return(true); + return true; } } __declspec(dllexport) bool TITCALL HooksEnableRedirectionsForModule(HMODULE ModuleBase) @@ -866,14 +866,14 @@ __declspec(dllexport) bool TITCALL HooksEnableRedirectionsForModule(HMODULE Modu } if(j == NULL) { - return(false); + return false; } } else { - return(false); + return false; } - return(true); + return true; } __declspec(dllexport) bool TITCALL HooksEnableIATRedirection(char* szModuleName, char* szHookFunction, bool EnableAll) { @@ -902,7 +902,7 @@ __declspec(dllexport) bool TITCALL HooksEnableIATRedirection(char* szModuleName, i--; } } - return(false); + return false; } __declspec(dllexport) void TITCALL HooksScanModuleMemory(HMODULE ModuleBase, LPVOID CallBack) { @@ -1143,4 +1143,4 @@ __declspec(dllexport) void TITCALL HooksScanEntireProcessMemory(LPVOID CallBack) __declspec(dllexport) void TITCALL HooksScanEntireProcessMemoryEx() { HooksScanEntireProcessMemory(&ProcessHookScanAddNewHook); -} \ No newline at end of file +} diff --git a/TitanEngine/TitanEngine.Importer.cpp b/TitanEngine/TitanEngine.Importer.cpp index 3e97021..4141d89 100644 --- a/TitanEngine/TitanEngine.Importer.cpp +++ b/TitanEngine/TitanEngine.Importer.cpp @@ -73,7 +73,7 @@ __declspec(dllexport) bool TITCALL ImporterExportIATEx(char* szDumpFileName, cha } else { - return(false); + return false; } } __declspec(dllexport) bool TITCALL ImporterExportIATExW(wchar_t* szDumpFileName, wchar_t* szExportFileName, wchar_t* szSectionName) @@ -271,11 +271,11 @@ __declspec(dllexport) bool TITCALL ImporterIsForwardedAPI(HANDLE hProcess, ULONG { if((ULONG_PTR)EngineGlobalAPIHandler(hProcess, NULL, APIAddress, NULL, UE_OPTION_IMPORTER_RETURN_FORWARDER_DLLINDEX) > NULL) { - return(true); + return true; } else { - return(false); + return false; } } __declspec(dllexport) void* TITCALL ImporterGetForwardedAPIName(HANDLE hProcess, ULONG_PTR APIAddress) @@ -316,7 +316,7 @@ __declspec(dllexport) bool TITCALL ImporterCopyOriginalIAT(char* szOriginalFile, } else { - return(false); + return false; } } __declspec(dllexport) bool TITCALL ImporterCopyOriginalIATW(wchar_t* szOriginalFile, wchar_t* szDumpFile) @@ -362,7 +362,7 @@ __declspec(dllexport) bool TITCALL ImporterCopyOriginalIATW(wchar_t* szOriginalF { UnMapFileEx(FileHandle, FileSize, FileMap, FileMapVA); UnMapFileEx(FileHandle1, FileSize1, FileMap1, FileMapVA1); - return(false); + return false; } if(!FileIs64) { @@ -388,13 +388,13 @@ __declspec(dllexport) bool TITCALL ImporterCopyOriginalIATW(wchar_t* szOriginalF SetPE32DataForMappedFile(FileMapVA1, NULL, UE_IMPORTTABLESIZE, (ULONG_PTR)IATHeaderData); UnMapFileEx(FileHandle, FileSize, FileMap, FileMapVA); UnMapFileEx(FileHandle1, FileSize1, FileMap1, FileMapVA1); - return(true); + return true; } __except(EXCEPTION_EXECUTE_HANDLER) { UnMapFileEx(FileHandle, FileSize, FileMap, FileMapVA); UnMapFileEx(FileHandle1, FileSize1, FileMap1, FileMapVA1); - return(false); + return false; } } } @@ -403,7 +403,7 @@ __declspec(dllexport) bool TITCALL ImporterCopyOriginalIATW(wchar_t* szOriginalF UnMapFileEx(FileHandle, FileSize, FileMap, FileMapVA); } - return(false); + return false; } __declspec(dllexport) bool TITCALL ImporterLoadImportTable(char* szFileName) { @@ -417,7 +417,7 @@ __declspec(dllexport) bool TITCALL ImporterLoadImportTable(char* szFileName) } else { - return(false); + return false; } } __declspec(dllexport) bool TITCALL ImporterLoadImportTableW(wchar_t* szFileName) @@ -456,7 +456,7 @@ __declspec(dllexport) bool TITCALL ImporterLoadImportTableW(wchar_t* szFileName) else { UnMapFileEx(FileHandle, FileSize, FileMap, FileMapVA); - return(false); + return false; } if(!FileIs64) { @@ -495,13 +495,13 @@ __declspec(dllexport) bool TITCALL ImporterLoadImportTableW(wchar_t* szFileName) ImportIID = (PIMAGE_IMPORT_DESCRIPTOR)((ULONG_PTR)ImportIID + sizeof IMAGE_IMPORT_DESCRIPTOR); } UnMapFileEx(FileHandle, FileSize, FileMap, FileMapVA); - return(true); + return true; } __except(EXCEPTION_EXECUTE_HANDLER) { ImporterCleanup(); UnMapFileEx(FileHandle, FileSize, FileMap, FileMapVA); - return(false); + return false; } } } @@ -542,13 +542,13 @@ __declspec(dllexport) bool TITCALL ImporterLoadImportTableW(wchar_t* szFileName) ImportIID = (PIMAGE_IMPORT_DESCRIPTOR)((ULONG_PTR)ImportIID + sizeof IMAGE_IMPORT_DESCRIPTOR); } UnMapFileEx(FileHandle, FileSize, FileMap, FileMapVA); - return(true); + return true; } __except(EXCEPTION_EXECUTE_HANDLER) { ImporterCleanup(); UnMapFileEx(FileHandle, FileSize, FileMap, FileMapVA); - return(false); + return false; } } } @@ -556,15 +556,15 @@ __declspec(dllexport) bool TITCALL ImporterLoadImportTableW(wchar_t* szFileName) else { UnMapFileEx(FileHandle, FileSize, FileMap, FileMapVA); - return(false); + return false; } } else { - return(false); + return false; } UnMapFileEx(FileHandle, FileSize, FileMap, FileMapVA); - return(false); + return false; */ } __declspec(dllexport) bool TITCALL ImporterMoveOriginalIAT(char* szOriginalFile, char* szDumpFile, char* szSectionName) @@ -574,7 +574,7 @@ __declspec(dllexport) bool TITCALL ImporterMoveOriginalIAT(char* szOriginalFile, { return(ImporterExportIATEx(szDumpFile, szSectionName)); }*/ - return(false); + return false; } __declspec(dllexport) bool TITCALL ImporterMoveOriginalIATW(wchar_t* szOriginalFile, wchar_t* szDumpFile, char* szSectionName) { @@ -583,7 +583,7 @@ __declspec(dllexport) bool TITCALL ImporterMoveOriginalIATW(wchar_t* szOriginalF { return(ImporterExportIATExW(szDumpFile, szSectionName)); }*/ - return(false); + return false; } __declspec(dllexport) void TITCALL ImporterAutoSearchIAT(DWORD ProcessId, char* szFileName, ULONG_PTR SearchStart, LPVOID pIATStart, LPVOID pIATSize) { @@ -743,4 +743,4 @@ __declspec(dllexport) long TITCALL ImporterAutoFixIATW(DWORD ProcessId, wchar_t* __declspec(dllexport) bool TITCALL ImporterDeleteAPI(DWORD_PTR apiAddr) { return scylla_cutImport(apiAddr); -} \ No newline at end of file +} diff --git a/TitanEngine/TitanEngine.Injector.cpp b/TitanEngine/TitanEngine.Injector.cpp index 1d86a3d..42b2310 100644 --- a/TitanEngine/TitanEngine.Injector.cpp +++ b/TitanEngine/TitanEngine.Injector.cpp @@ -15,7 +15,7 @@ __declspec(dllexport) bool TITCALL RemoteLoadLibrary(HANDLE hProcess, char* szLi } else { - return(false); + return false; } } __declspec(dllexport) bool TITCALL RemoteLoadLibraryW(HANDLE hProcess, wchar_t* szLibraryFile, bool WaitForThreadExit) @@ -68,7 +68,7 @@ __declspec(dllexport) bool TITCALL RemoteLoadLibraryW(HANDLE hProcess, wchar_t* { if(ExitCode == NULL) { - return(false); + return false; } } } @@ -86,7 +86,7 @@ __declspec(dllexport) bool TITCALL RemoteLoadLibraryW(HANDLE hProcess, wchar_t* engineReservedMemoryProcess = hProcess; ThreaderSetCallBackForNextExitThreadEvent((LPVOID)&injectedTerminator); } - return(true); + return true; } else { @@ -94,7 +94,7 @@ __declspec(dllexport) bool TITCALL RemoteLoadLibraryW(HANDLE hProcess, wchar_t* VirtualFreeEx(hProcess, remStringData, NULL, MEM_RELEASE); } } - return(false); + return false; } __declspec(dllexport) bool TITCALL RemoteFreeLibrary(HANDLE hProcess, HMODULE hModule, char* szLibraryFile, bool WaitForThreadExit) { @@ -108,7 +108,7 @@ __declspec(dllexport) bool TITCALL RemoteFreeLibrary(HANDLE hProcess, HMODULE hM } else { - return(false); + return false; } } __declspec(dllexport) bool TITCALL RemoteFreeLibraryW(HANDLE hProcess, HMODULE hModule, wchar_t* szLibraryFile, bool WaitForThreadExit) @@ -165,7 +165,7 @@ __declspec(dllexport) bool TITCALL RemoteFreeLibraryW(HANDLE hProcess, HMODULE h { if(ExitCode == NULL) { - return(false); + return false; } } } @@ -183,7 +183,7 @@ __declspec(dllexport) bool TITCALL RemoteFreeLibraryW(HANDLE hProcess, HMODULE h engineReservedMemoryProcess = hProcess; ThreaderSetCallBackForNextExitThreadEvent((LPVOID)&injectedTerminator); } - return(true); + return true; } else { @@ -211,7 +211,7 @@ __declspec(dllexport) bool TITCALL RemoteFreeLibraryW(HANDLE hProcess, HMODULE h { if(ExitCode == NULL) { - return(false); + return false; } } } @@ -229,7 +229,7 @@ __declspec(dllexport) bool TITCALL RemoteFreeLibraryW(HANDLE hProcess, HMODULE h engineReservedMemoryProcess = hProcess; ThreaderSetCallBackForNextExitThreadEvent((LPVOID)&injectedTerminator); } - return(true); + return true; } else { @@ -238,7 +238,7 @@ __declspec(dllexport) bool TITCALL RemoteFreeLibraryW(HANDLE hProcess, HMODULE h } } } - return(false); + return false; } __declspec(dllexport) bool TITCALL RemoteExitProcess(HANDLE hProcess, DWORD ExitCode) { @@ -268,7 +268,7 @@ __declspec(dllexport) bool TITCALL RemoteExitProcess(HANDLE hProcess, DWORD Exit WriteProcessMemory(hProcess, remStringData, &APIData, sizeof InjectCodeData, &NumberOfBytesWritten); hThread = CreateRemoteThread(hProcess, NULL, NULL, (LPTHREAD_START_ROUTINE)remCodeData, remStringData, NULL, &ThreadId); VirtualFreeEx(hProcess, remCodeData, NULL, MEM_RELEASE); - return(true); + return true; } else { @@ -276,5 +276,5 @@ __declspec(dllexport) bool TITCALL RemoteExitProcess(HANDLE hProcess, DWORD Exit VirtualFreeEx(hProcess, remStringData, NULL, MEM_RELEASE); } } - return(false); -} \ No newline at end of file + return false; +} diff --git a/TitanEngine/TitanEngine.Librarian.cpp b/TitanEngine/TitanEngine.Librarian.cpp index 1568a16..cb05908 100644 --- a/TitanEngine/TitanEngine.Librarian.cpp +++ b/TitanEngine/TitanEngine.Librarian.cpp @@ -20,9 +20,9 @@ __declspec(dllexport) bool TITCALL LibrarianSetBreakPoint(char* szLibraryName, D ptrLibrarianData->bpxCallBack = bpxCallBack; ptrLibrarianData->bpxSingleShoot = SingleShoot; ptrLibrarianData->bpxType = bpxType; - return(true); + return true; } - return(false); + return false; } __declspec(dllexport) bool TITCALL LibrarianRemoveBreakPoint(char* szLibraryName, DWORD bpxType) @@ -45,9 +45,9 @@ __declspec(dllexport) bool TITCALL LibrarianRemoveBreakPoint(char* szLibraryName ptrLibrarianData = (PLIBRARY_BREAK_DATA)((ULONG_PTR)ptrLibrarianData + sizeof LIBRARY_BREAK_DATA); i--; } - return(true); + return true; } - return(false); + return false; } __declspec(dllexport) void* TITCALL LibrarianGetLibraryInfo(char* szLibraryName) @@ -213,4 +213,4 @@ __declspec(dllexport) void TITCALL LibrarianEnumLibraryInfoW(void* EnumCallBack) hListLibraryPtr = (PLIBRARY_ITEM_DATAW)((ULONG_PTR)hListLibraryPtr + sizeof LIBRARY_ITEM_DATAW); } } -} \ No newline at end of file +} diff --git a/TitanEngine/TitanEngine.OEPFinder.cpp b/TitanEngine/TitanEngine.OEPFinder.cpp index 5068b94..12fac3f 100644 --- a/TitanEngine/TitanEngine.OEPFinder.cpp +++ b/TitanEngine/TitanEngine.OEPFinder.cpp @@ -19,7 +19,7 @@ __declspec(dllexport) bool TITCALL FindOEPGenerically(char* szFileName, LPVOID T } else { - return(false); + return false; } } __declspec(dllexport) bool TITCALL FindOEPGenericallyW(wchar_t* szFileName, LPVOID TraceInitCallBack, LPVOID CallBack) @@ -36,5 +36,5 @@ __declspec(dllexport) bool TITCALL FindOEPGenericallyW(wchar_t* szFileName, LPVO VirtualFree(glbEntryTracerData.SectionData[i].AllocatedSection, NULL, MEM_RELEASE); } } - return(false); -} \ No newline at end of file + return false; +} diff --git a/TitanEngine/TitanEngine.PE.Data.cpp b/TitanEngine/TitanEngine.PE.Data.cpp index fe0ad68..6ff76e5 100644 --- a/TitanEngine/TitanEngine.PE.Data.cpp +++ b/TitanEngine/TitanEngine.PE.Data.cpp @@ -406,7 +406,7 @@ __declspec(dllexport) bool TITCALL GetPE32DataFromMappedFileEx(ULONG_PTR FileMap } else { - return(false); + return false; } if(!FileIs64) { @@ -436,7 +436,7 @@ __declspec(dllexport) bool TITCALL GetPE32DataFromMappedFileEx(ULONG_PTR FileMap PE32Structure->SubSystem = PEHeader32->OptionalHeader.Subsystem; PE32Structure->Characteristics = PEHeader32->FileHeader.Characteristics; PE32Structure->NumberOfRvaAndSizes = PEHeader32->OptionalHeader.NumberOfRvaAndSizes; - return(true); + return true; } else { @@ -466,15 +466,15 @@ __declspec(dllexport) bool TITCALL GetPE32DataFromMappedFileEx(ULONG_PTR FileMap PE64Structure->SubSystem = PEHeader64->OptionalHeader.Subsystem; PE64Structure->Characteristics = PEHeader64->FileHeader.Characteristics; PE64Structure->NumberOfRvaAndSizes = PEHeader64->OptionalHeader.NumberOfRvaAndSizes; - return(true); + return true; } } else { - return(false); + return false; } } - return(false); + return false; } __declspec(dllexport) bool TITCALL GetPE32DataEx(char* szFileName, LPVOID DataStorage) { @@ -491,16 +491,16 @@ __declspec(dllexport) bool TITCALL GetPE32DataEx(char* szFileName, LPVOID DataSt UnMapFileEx(FileHandle, FileSize, FileMap, FileMapVA); if(ReturnValue) { - return(true); + return true; } else { - return(false); + return false; } } else { - return(false); + return false; } } __declspec(dllexport) bool TITCALL GetPE32DataExW(wchar_t* szFileName, LPVOID DataStorage) @@ -518,16 +518,16 @@ __declspec(dllexport) bool TITCALL GetPE32DataExW(wchar_t* szFileName, LPVOID Da UnMapFileEx(FileHandle, FileSize, FileMap, FileMapVA); if(ReturnValue) { - return(true); + return true; } else { - return(false); + return false; } } else { - return(false); + return false; } } __declspec(dllexport) bool TITCALL SetPE32DataForMappedFile(ULONG_PTR FileMapVA, DWORD WhichSection, DWORD WhichData, ULONG_PTR NewDataValue) @@ -557,7 +557,7 @@ __declspec(dllexport) bool TITCALL SetPE32DataForMappedFile(ULONG_PTR FileMapVA, } else { - return(false); + return false; } if(!FileIs64) { @@ -570,131 +570,131 @@ __declspec(dllexport) bool TITCALL SetPE32DataForMappedFile(ULONG_PTR FileMapVA, if(WhichData == UE_PE_OFFSET) { DOSHeader->e_lfanew = (DWORD)NewDataValue; - return(true); + return true; } else if(WhichData == UE_IMAGEBASE) { PEHeader32->OptionalHeader.ImageBase = (DWORD)NewDataValue; - return(true); + return true; } else if(WhichData == UE_OEP) { PEHeader32->OptionalHeader.AddressOfEntryPoint = (DWORD)NewDataValue; - return(true); + return true; } else if(WhichData == UE_BASEOFCODE) { PEHeader32->OptionalHeader.BaseOfCode = (DWORD)NewDataValue; - return(true); + return true; } else if(WhichData == UE_BASEOFDATA) { PEHeader32->OptionalHeader.BaseOfData = (DWORD)NewDataValue; - return(true); + return true; } else if(WhichData == UE_SIZEOFIMAGE) { PEHeader32->OptionalHeader.SizeOfImage = (DWORD)NewDataValue; - return(true); + return true; } else if(WhichData == UE_SIZEOFHEADERS) { PEHeader32->OptionalHeader.SizeOfHeaders = (DWORD)NewDataValue; - return(true); + return true; } else if(WhichData == UE_SIZEOFOPTIONALHEADER) { PEHeader32->FileHeader.SizeOfOptionalHeader = (WORD)NewDataValue; - return(true); + return true; } else if(WhichData == UE_SECTIONALIGNMENT) { PEHeader32->OptionalHeader.SectionAlignment = (WORD)NewDataValue; - return(true); + return true; } else if(WhichData == UE_IMPORTTABLEADDRESS) { PEHeader32->OptionalHeader.DataDirectory[IMAGE_DIRECTORY_ENTRY_IMPORT].VirtualAddress = (DWORD)NewDataValue; - return(true); + return true; } else if(WhichData == UE_IMPORTTABLESIZE) { PEHeader32->OptionalHeader.DataDirectory[IMAGE_DIRECTORY_ENTRY_IMPORT].Size = (DWORD)NewDataValue; - return(true); + return true; } else if(WhichData == UE_RESOURCETABLEADDRESS) { PEHeader32->OptionalHeader.DataDirectory[IMAGE_DIRECTORY_ENTRY_RESOURCE].VirtualAddress = (DWORD)NewDataValue; - return(true); + return true; } else if(WhichData == UE_RESOURCETABLESIZE) { PEHeader32->OptionalHeader.DataDirectory[IMAGE_DIRECTORY_ENTRY_RESOURCE].Size = (DWORD)NewDataValue; - return(true); + return true; } else if(WhichData == UE_EXPORTTABLEADDRESS) { PEHeader32->OptionalHeader.DataDirectory[IMAGE_DIRECTORY_ENTRY_EXPORT].VirtualAddress = (DWORD)NewDataValue; - return(true); + return true; } else if(WhichData == UE_EXPORTTABLESIZE) { PEHeader32->OptionalHeader.DataDirectory[IMAGE_DIRECTORY_ENTRY_EXPORT].Size = (DWORD)NewDataValue; - return(true); + return true; } else if(WhichData == UE_TLSTABLEADDRESS) { PEHeader32->OptionalHeader.DataDirectory[IMAGE_DIRECTORY_ENTRY_TLS].VirtualAddress = (DWORD)NewDataValue; - return(true); + return true; } else if(WhichData == UE_TLSTABLESIZE) { PEHeader32->OptionalHeader.DataDirectory[IMAGE_DIRECTORY_ENTRY_TLS].Size = (DWORD)NewDataValue; - return(true); + return true; } else if(WhichData == UE_RELOCATIONTABLEADDRESS) { PEHeader32->OptionalHeader.DataDirectory[IMAGE_DIRECTORY_ENTRY_BASERELOC].VirtualAddress = (DWORD)NewDataValue; - return(true); + return true; } else if(WhichData == UE_RELOCATIONTABLESIZE) { PEHeader32->OptionalHeader.DataDirectory[IMAGE_DIRECTORY_ENTRY_BASERELOC].Size = (DWORD)NewDataValue; - return(true); + return true; } else if(WhichData == UE_TIMEDATESTAMP) { PEHeader32->FileHeader.TimeDateStamp = (DWORD)NewDataValue; - return(true); + return true; } else if(WhichData == UE_SECTIONNUMBER) { PEHeader32->FileHeader.NumberOfSections = (WORD)NewDataValue; - return(true); + return true; } else if(WhichData == UE_CHECKSUM) { PEHeader32->OptionalHeader.CheckSum = (DWORD)NewDataValue; - return(true); + return true; } else if(WhichData == UE_SUBSYSTEM) { PEHeader32->OptionalHeader.Subsystem = (WORD)NewDataValue; - return(true); + return true; } else if(WhichData == UE_CHARACTERISTICS) { PEHeader32->FileHeader.Characteristics = (WORD)NewDataValue; - return(true); + return true; } else if(WhichData == UE_NUMBEROFRVAANDSIZES) { PEHeader32->OptionalHeader.NumberOfRvaAndSizes = (DWORD)NewDataValue; - return(true); + return true; } else { - return(false); + return false; } } else @@ -705,45 +705,45 @@ __declspec(dllexport) bool TITCALL SetPE32DataForMappedFile(ULONG_PTR FileMapVA, if(WhichData == UE_SECTIONNAME) { memcpy(PESections->Name, (void*)NewDataValue, 8); - return(true); + return true; } else if(WhichData == UE_SECTIONVIRTUALOFFSET) { PESections->VirtualAddress = (DWORD)NewDataValue; - return(true); + return true; } else if(WhichData == UE_SECTIONVIRTUALSIZE) { PESections->Misc.VirtualSize = (DWORD)NewDataValue; - return(true); + return true; } else if(WhichData == UE_SECTIONRAWOFFSET) { PESections->PointerToRawData = (DWORD)NewDataValue; - return(true); + return true; } else if(WhichData == UE_SECTIONRAWSIZE) { PESections->SizeOfRawData = (DWORD)NewDataValue; - return(true); + return true; } else if(WhichData == UE_SECTIONFLAGS) { PESections->Characteristics = (DWORD)NewDataValue; - return(true); + return true; } else { - return(false); + return false; } } } } __except(EXCEPTION_EXECUTE_HANDLER) { - return(false); + return false; } - return(false); + return false; } else { @@ -756,127 +756,127 @@ __declspec(dllexport) bool TITCALL SetPE32DataForMappedFile(ULONG_PTR FileMapVA, if(WhichData == UE_PE_OFFSET) { DOSHeader->e_lfanew = (DWORD)NewDataValue; - return(true); + return true; } else if(WhichData == UE_IMAGEBASE) { PEHeader64->OptionalHeader.ImageBase = NewDataValue; - return(true); + return true; } else if(WhichData == UE_OEP) { PEHeader64->OptionalHeader.AddressOfEntryPoint = (DWORD)NewDataValue; - return(true); + return true; } else if(WhichData == UE_BASEOFCODE) { PEHeader64->OptionalHeader.BaseOfCode = (DWORD)NewDataValue; - return(true); + return true; } else if(WhichData == UE_BASEOFDATA) { //non-existant in IMAGE_OPTIONAL_HEADER64 - return(false); + return false; } else if(WhichData == UE_SIZEOFIMAGE) { PEHeader64->OptionalHeader.SizeOfImage = (DWORD)NewDataValue; - return(true); + return true; } else if(WhichData == UE_SIZEOFHEADERS) { PEHeader64->OptionalHeader.SizeOfHeaders = (DWORD)NewDataValue; - return(true); + return true; } else if(WhichData == UE_SIZEOFOPTIONALHEADER) { PEHeader64->FileHeader.SizeOfOptionalHeader = (WORD)NewDataValue; - return(true); + return true; } else if(WhichData == UE_SECTIONALIGNMENT) { PEHeader64->OptionalHeader.SectionAlignment = (DWORD)NewDataValue; - return(true); + return true; } else if(WhichData == UE_IMPORTTABLEADDRESS) { PEHeader64->OptionalHeader.DataDirectory[IMAGE_DIRECTORY_ENTRY_IMPORT].VirtualAddress = (DWORD)NewDataValue; - return(true); + return true; } else if(WhichData == UE_IMPORTTABLESIZE) { PEHeader64->OptionalHeader.DataDirectory[IMAGE_DIRECTORY_ENTRY_IMPORT].Size = (DWORD)NewDataValue; - return(true); + return true; } else if(WhichData == UE_RESOURCETABLEADDRESS) { PEHeader64->OptionalHeader.DataDirectory[IMAGE_DIRECTORY_ENTRY_RESOURCE].VirtualAddress = (DWORD)NewDataValue; - return(true); + return true; } else if(WhichData == UE_RESOURCETABLESIZE) { PEHeader64->OptionalHeader.DataDirectory[IMAGE_DIRECTORY_ENTRY_RESOURCE].Size = (DWORD)NewDataValue; - return(true); + return true; } else if(WhichData == UE_EXPORTTABLEADDRESS) { PEHeader64->OptionalHeader.DataDirectory[IMAGE_DIRECTORY_ENTRY_EXPORT].VirtualAddress = (DWORD)NewDataValue; - return(true); + return true; } else if(WhichData == UE_EXPORTTABLESIZE) { PEHeader64->OptionalHeader.DataDirectory[IMAGE_DIRECTORY_ENTRY_EXPORT].Size = (DWORD)NewDataValue; - return(true); + return true; } else if(WhichData == UE_TLSTABLEADDRESS) { PEHeader64->OptionalHeader.DataDirectory[IMAGE_DIRECTORY_ENTRY_TLS].VirtualAddress = (DWORD)NewDataValue; - return(true); + return true; } else if(WhichData == UE_TLSTABLESIZE) { PEHeader64->OptionalHeader.DataDirectory[IMAGE_DIRECTORY_ENTRY_TLS].Size = (DWORD)NewDataValue; - return(true); + return true; } else if(WhichData == UE_RELOCATIONTABLEADDRESS) { PEHeader64->OptionalHeader.DataDirectory[IMAGE_DIRECTORY_ENTRY_BASERELOC].VirtualAddress = (DWORD)NewDataValue; - return(true); + return true; } else if(WhichData == UE_RELOCATIONTABLESIZE) { PEHeader64->OptionalHeader.DataDirectory[IMAGE_DIRECTORY_ENTRY_BASERELOC].Size = (DWORD)NewDataValue; - return(true); + return true; } else if(WhichData == UE_TIMEDATESTAMP) { PEHeader64->FileHeader.TimeDateStamp = (DWORD)NewDataValue; - return(true); + return true; } else if(WhichData == UE_SECTIONNUMBER) { PEHeader64->FileHeader.NumberOfSections = (WORD)NewDataValue; - return(true); + return true; } else if(WhichData == UE_CHECKSUM) { PEHeader64->OptionalHeader.CheckSum = (DWORD)NewDataValue; - return(true); + return true; } else if(WhichData == UE_SUBSYSTEM) { PEHeader64->OptionalHeader.Subsystem = (WORD)NewDataValue; - return(true); + return true; } else if(WhichData == UE_CHARACTERISTICS) { PEHeader64->FileHeader.Characteristics = (WORD)NewDataValue; - return(true); + return true; } else if(WhichData == UE_NUMBEROFRVAANDSIZES) { PEHeader64->OptionalHeader.NumberOfRvaAndSizes = (DWORD)NewDataValue; - return(true); + return true; } else { @@ -890,53 +890,53 @@ __declspec(dllexport) bool TITCALL SetPE32DataForMappedFile(ULONG_PTR FileMapVA, PESections = (PIMAGE_SECTION_HEADER)((ULONG_PTR)PESections + WhichSection * IMAGE_SIZEOF_SECTION_HEADER); if(WhichData == UE_SECTIONNAME) { - return(false); + return false; } else if(WhichData == UE_SECTIONVIRTUALOFFSET) { PESections->VirtualAddress = (DWORD)NewDataValue; - return(true); + return true; } else if(WhichData == UE_SECTIONVIRTUALSIZE) { PESections->Misc.VirtualSize = (DWORD)NewDataValue; - return(true); + return true; } else if(WhichData == UE_SECTIONRAWOFFSET) { PESections->PointerToRawData = (DWORD)NewDataValue; - return(true); + return true; } else if(WhichData == UE_SECTIONRAWSIZE) { PESections->SizeOfRawData = (DWORD)NewDataValue; - return(true); + return true; } else if(WhichData == UE_SECTIONFLAGS) { PESections->Characteristics = (DWORD)NewDataValue; - return(true); + return true; } else { - return(false); + return false; } } } } __except(EXCEPTION_EXECUTE_HANDLER) { - return(false); + return false; } - return(false); + return false; } } else { - return(false); + return false; } } - return(false); + return false; } __declspec(dllexport) bool TITCALL SetPE32Data(char* szFileName, DWORD WhichSection, DWORD WhichData, ULONG_PTR NewDataValue) { @@ -953,16 +953,16 @@ __declspec(dllexport) bool TITCALL SetPE32Data(char* szFileName, DWORD WhichSect UnMapFileEx(FileHandle, FileSize, FileMap, FileMapVA); if(ReturnValue) { - return(true); + return true; } else { - return(false); + return false; } } else { - return(false); + return false; } } __declspec(dllexport) bool TITCALL SetPE32DataW(wchar_t* szFileName, DWORD WhichSection, DWORD WhichData, ULONG_PTR NewDataValue) @@ -980,16 +980,16 @@ __declspec(dllexport) bool TITCALL SetPE32DataW(wchar_t* szFileName, DWORD Which UnMapFileEx(FileHandle, FileSize, FileMap, FileMapVA); if(ReturnValue) { - return(true); + return true; } else { - return(false); + return false; } } else { - return(false); + return false; } } __declspec(dllexport) bool TITCALL SetPE32DataForMappedFileEx(ULONG_PTR FileMapVA, LPVOID DataStorage) @@ -1019,7 +1019,7 @@ __declspec(dllexport) bool TITCALL SetPE32DataForMappedFileEx(ULONG_PTR FileMapV } else { - return(false); + return false; } if(!FileIs64) { @@ -1051,11 +1051,11 @@ __declspec(dllexport) bool TITCALL SetPE32DataForMappedFileEx(ULONG_PTR FileMapV PEHeader32->OptionalHeader.Subsystem = PE32Structure->SubSystem; PEHeader32->FileHeader.Characteristics = PE32Structure->Characteristics; PEHeader32->OptionalHeader.NumberOfRvaAndSizes = PE32Structure->NumberOfRvaAndSizes; - return(true); + return true; } __except(EXCEPTION_EXECUTE_HANDLER) { - return(false); + return false; } } else @@ -1087,20 +1087,20 @@ __declspec(dllexport) bool TITCALL SetPE32DataForMappedFileEx(ULONG_PTR FileMapV PEHeader64->OptionalHeader.Subsystem = PE64Structure->SubSystem; PEHeader64->FileHeader.Characteristics = PE64Structure->Characteristics; PEHeader64->OptionalHeader.NumberOfRvaAndSizes = PE64Structure->NumberOfRvaAndSizes; - return(true); + return true; } __except(EXCEPTION_EXECUTE_HANDLER) { - return(false); + return false; } } } else { - return(false); + return false; } } - return(false); + return false; } __declspec(dllexport) bool TITCALL SetPE32DataEx(char* szFileName, LPVOID DataStorage) { @@ -1117,16 +1117,16 @@ __declspec(dllexport) bool TITCALL SetPE32DataEx(char* szFileName, LPVOID DataSt UnMapFileEx(FileHandle, FileSize, FileMap, FileMapVA); if(ReturnValue) { - return(true); + return true; } else { - return(false); + return false; } } else { - return(false); + return false; } } __declspec(dllexport) bool TITCALL SetPE32DataExW(wchar_t* szFileName, LPVOID DataStorage) @@ -1144,16 +1144,16 @@ __declspec(dllexport) bool TITCALL SetPE32DataExW(wchar_t* szFileName, LPVOID Da UnMapFileEx(FileHandle, FileSize, FileMap, FileMapVA); if(ReturnValue) { - return(true); + return true; } else { - return(false); + return false; } } else { - return(false); + return false; } } @@ -1164,17 +1164,17 @@ __declspec(dllexport) bool TITCALL IsFileDLL(char* szFileName, ULONG_PTR FileMap { if((DWORD)GetPE32Data(szFileName, NULL, UE_CHARACTERISTICS) & 0x2000) { - return(true); + return true; } } else if(FileMapVA != NULL) { if((DWORD)GetPE32DataFromMappedFile(FileMapVA, NULL, UE_CHARACTERISTICS) & 0x2000) { - return(true); + return true; } } - return(false); + return false; } __declspec(dllexport) bool TITCALL IsFileDLLW(wchar_t* szFileName, ULONG_PTR FileMapVA) @@ -1184,15 +1184,15 @@ __declspec(dllexport) bool TITCALL IsFileDLLW(wchar_t* szFileName, ULONG_PTR Fil { if((DWORD)GetPE32DataW(szFileName, NULL, UE_CHARACTERISTICS) & 0x2000) { - return(true); + return true; } } else if(FileMapVA != NULL) { if((DWORD)GetPE32DataFromMappedFile(FileMapVA, NULL, UE_CHARACTERISTICS) & 0x2000) { - return(true); + return true; } } - return(false); -} \ No newline at end of file + return false; +} diff --git a/TitanEngine/TitanEngine.PE.Fixer.cpp b/TitanEngine/TitanEngine.PE.Fixer.cpp index 83d81cd..23cf5e3 100644 --- a/TitanEngine/TitanEngine.PE.Fixer.cpp +++ b/TitanEngine/TitanEngine.PE.Fixer.cpp @@ -15,7 +15,7 @@ __declspec(dllexport) bool TITCALL IsPE32FileValidEx(char* szFileName, DWORD Che } else { - return(false); + return false; } } @@ -84,7 +84,7 @@ __declspec(dllexport) bool TITCALL IsPE32FileValidExW(wchar_t* szFileName, DWORD RtlMoveMemory(FileStatusInfo, &myFileStatusInfo, sizeof FILE_STATUS_INFO); } UnMapFileEx(FileHandle, FileSize, FileMap, FileMapVA); - return(false); + return false; } if(!FileIs64) { @@ -809,7 +809,7 @@ __declspec(dllexport) bool TITCALL IsPE32FileValidExW(wchar_t* szFileName, DWORD UnMapFileEx(FileHandle, FileSize, FileMap, FileMapVA); if(myFileStatusInfo.OveralEvaluation == UE_RESULT_FILE_OK) { - return(true); + return true; } } __except(EXCEPTION_EXECUTE_HANDLER) @@ -822,7 +822,7 @@ __declspec(dllexport) bool TITCALL IsPE32FileValidExW(wchar_t* szFileName, DWORD RtlMoveMemory(FileStatusInfo, &myFileStatusInfo, sizeof FILE_STATUS_INFO); } UnMapFileEx(FileHandle, FileSize, FileMap, FileMapVA); - return(false); + return false; } } else @@ -1548,7 +1548,7 @@ __declspec(dllexport) bool TITCALL IsPE32FileValidExW(wchar_t* szFileName, DWORD UnMapFileEx(FileHandle, FileSize, FileMap, FileMapVA); if(myFileStatusInfo.OveralEvaluation == UE_RESULT_FILE_OK) { - return(true); + return true; } } __except(EXCEPTION_EXECUTE_HANDLER) @@ -1561,7 +1561,7 @@ __declspec(dllexport) bool TITCALL IsPE32FileValidExW(wchar_t* szFileName, DWORD RtlMoveMemory(FileStatusInfo, &myFileStatusInfo, sizeof FILE_STATUS_INFO); } UnMapFileEx(FileHandle, FileSize, FileMap, FileMapVA); - return(false); + return false; } } } @@ -1574,14 +1574,14 @@ __declspec(dllexport) bool TITCALL IsPE32FileValidExW(wchar_t* szFileName, DWORD RtlMoveMemory(FileStatusInfo, &myFileStatusInfo, sizeof FILE_STATUS_INFO); } UnMapFileEx(FileHandle, FileSize, FileMap, FileMapVA); - return(false); + return false; } } if(FileStatusInfo != NULL) { RtlMoveMemory(FileStatusInfo, &myFileStatusInfo, sizeof FILE_STATUS_INFO); } - return(false); + return false; } __declspec(dllexport) bool TITCALL FixBrokenPE32FileEx(char* szFileName, LPVOID FileStatusInfo, LPVOID FileFixInfo) { @@ -1595,7 +1595,7 @@ __declspec(dllexport) bool TITCALL FixBrokenPE32FileEx(char* szFileName, LPVOID } else { - return(false); + return false; } } __declspec(dllexport) bool TITCALL FixBrokenPE32FileExW(wchar_t* szFileName, LPVOID FileStatusInfo, LPVOID FileFixInfo) @@ -1667,37 +1667,37 @@ __declspec(dllexport) bool TITCALL FixBrokenPE32FileExW(wchar_t* szFileName, LPV else { UnMapFileEx(FileHandle, FileSize, FileMap, FileMapVA); - return(false); + return false; } if(myFileStatusInfo->SignatureMZ != UE_FIELD_OK) { UnMapFileEx(FileHandle, FileSize, FileMap, FileMapVA); - return(false); + return false; } else if(myFileStatusInfo->SignaturePE != UE_FIELD_OK) { UnMapFileEx(FileHandle, FileSize, FileMap, FileMapVA); - return(false); + return false; } else if(myFileStatusInfo->SectionAlignment != UE_FIELD_OK) { UnMapFileEx(FileHandle, FileSize, FileMap, FileMapVA); - return(false); + return false; } else if(myFileStatusInfo->FileAlignment != UE_FIELD_OK) { UnMapFileEx(FileHandle, FileSize, FileMap, FileMapVA); - return(false); + return false; } else if(myFileStatusInfo->ImportTable != UE_FIELD_OK) { UnMapFileEx(FileHandle, FileSize, FileMap, FileMapVA); - return(false); + return false; } else if(myFileStatusInfo->ImportTableData != UE_FIELD_OK) { UnMapFileEx(FileHandle, FileSize, FileMap, FileMapVA); - return(false); + return false; } if(!FileIs64) { @@ -1733,7 +1733,7 @@ __declspec(dllexport) bool TITCALL FixBrokenPE32FileExW(wchar_t* szFileName, LPV if(!SetPE32DataForMappedFile(FileMapVA, SectionAttributes, UE_SECTIONFLAGS, 0xE0000020)) { UnMapFileEx(FileHandle, FileSize, FileMap, FileMapVA); - return(false); + return false; } } if(PEHeader32->OptionalHeader.DataDirectory[IMAGE_DIRECTORY_ENTRY_IMPORT].VirtualAddress != NULL) @@ -2269,7 +2269,7 @@ __declspec(dllexport) bool TITCALL FixBrokenPE32FileExW(wchar_t* szFileName, LPV if(!SetPE32DataForMappedFile(FileMapVA, SectionNumber, UE_SECTIONFLAGS, 0xE0000020)) { UnMapFileEx(FileHandle, FileSize, FileMap, FileMapVA); - return(false); + return false; } } } @@ -2283,13 +2283,13 @@ __declspec(dllexport) bool TITCALL FixBrokenPE32FileExW(wchar_t* szFileName, LPV myFileFixInfo->OveralEvaluation = UE_RESULT_FILE_OK; myFileFixInfo->FileFixPerformed = FileFixed; } - return(true); + return true; } __except(EXCEPTION_EXECUTE_HANDLER) { myFileFixInfo->FixingTerminatedByException = true; UnMapFileEx(FileHandle, FileSize, FileMap, FileMapVA); - return(false); + return false; } } else @@ -2326,7 +2326,7 @@ __declspec(dllexport) bool TITCALL FixBrokenPE32FileExW(wchar_t* szFileName, LPV if(!SetPE32DataForMappedFile(FileMapVA, SectionAttributes, UE_SECTIONFLAGS, 0xE0000020)) { UnMapFileEx(FileHandle, FileSize, FileMap, FileMapVA); - return(false); + return false; } } if(PEHeader64->OptionalHeader.DataDirectory[IMAGE_DIRECTORY_ENTRY_IMPORT].VirtualAddress != NULL) @@ -2862,7 +2862,7 @@ __declspec(dllexport) bool TITCALL FixBrokenPE32FileExW(wchar_t* szFileName, LPV if(!SetPE32DataForMappedFile(FileMapVA, SectionNumber, UE_SECTIONFLAGS, 0xE0000020)) { UnMapFileEx(FileHandle, FileSize, FileMap, FileMapVA); - return(false); + return false; } } } @@ -2876,20 +2876,20 @@ __declspec(dllexport) bool TITCALL FixBrokenPE32FileExW(wchar_t* szFileName, LPV myFileFixInfo->OveralEvaluation = UE_RESULT_FILE_OK; myFileFixInfo->FileFixPerformed = FileFixed; } - return(true); + return true; } __except(EXCEPTION_EXECUTE_HANDLER) { myFileFixInfo->FixingTerminatedByException = true; UnMapFileEx(FileHandle, FileSize, FileMap, FileMapVA); - return(false); + return false; } } } else { UnMapFileEx(FileHandle, FileSize, FileMap, FileMapVA); - return(false); + return false; } } } @@ -2913,7 +2913,7 @@ __declspec(dllexport) bool TITCALL FixBrokenPE32FileExW(wchar_t* szFileName, LPV else { UnMapFileEx(FileHandle, FileSize, FileMap, FileMapVA); - return(false); + return false; } if(!FileIs64) { @@ -3002,9 +3002,9 @@ __declspec(dllexport) bool TITCALL FixBrokenPE32FileExW(wchar_t* szFileName, LPV } } UnMapFileEx(FileHandle, FileSize, FileMap, FileMapVA); - return(true); + return true; } } } - return(false); -} \ No newline at end of file + return false; +} diff --git a/TitanEngine/TitanEngine.PE.Overlay.cpp b/TitanEngine/TitanEngine.PE.Overlay.cpp index a59c484..d4a10cc 100644 --- a/TitanEngine/TitanEngine.PE.Overlay.cpp +++ b/TitanEngine/TitanEngine.PE.Overlay.cpp @@ -19,7 +19,7 @@ __declspec(dllexport) bool TITCALL FindOverlay(char* szFileName, LPDWORD Overlay } else { - return(false); + return false; } } @@ -57,7 +57,7 @@ __declspec(dllexport) bool TITCALL FindOverlayW(wchar_t* szFileName, LPDWORD Ove else { UnMapFileEx(FileHandle, FileSize, FileMap, FileMapVA); - return(false); + return false; } if(!FileIs64) { @@ -86,17 +86,17 @@ __declspec(dllexport) bool TITCALL FindOverlayW(wchar_t* szFileName, LPDWORD Ove *OverlayStart = (DWORD)(SectionRawOffset + SectionRawSize); *OverlaySize = (DWORD)(FileSize - SectionRawOffset - SectionRawSize); } - return(true); + return true; } else { - return(false); + return false; } } __except(EXCEPTION_EXECUTE_HANDLER) { UnMapFileEx(FileHandle, FileSize, FileMap, FileMapVA); - return(false); + return false; } } else @@ -126,27 +126,27 @@ __declspec(dllexport) bool TITCALL FindOverlayW(wchar_t* szFileName, LPDWORD Ove *OverlayStart = (DWORD)(SectionRawOffset + SectionRawSize); *OverlaySize = (DWORD)(FileSize - SectionRawOffset - SectionRawSize); } - return(true); + return true; } else { - return(false); + return false; } } __except(EXCEPTION_EXECUTE_HANDLER) { UnMapFileEx(FileHandle, FileSize, FileMap, FileMapVA); - return(false); + return false; } } } else { UnMapFileEx(FileHandle, FileSize, FileMap, FileMapVA); - return(false); + return false; } } - return(false); + return false; } __declspec(dllexport) bool TITCALL ExtractOverlay(char* szFileName, char* szExtactedFileName) { @@ -162,7 +162,7 @@ __declspec(dllexport) bool TITCALL ExtractOverlay(char* szFileName, char* szExta } else { - return(false); + return false; } } __declspec(dllexport) bool TITCALL ExtractOverlayW(wchar_t* szFileName, wchar_t* szExtactedFileName) @@ -224,19 +224,19 @@ __declspec(dllexport) bool TITCALL ExtractOverlayW(wchar_t* szFileName, wchar_t* VirtualFree(ueReadBuffer, NULL, MEM_RELEASE); EngineCloseHandle(hFile); EngineCloseHandle(hFileWrite); - return(true); + return true; } else { VirtualFree(ueReadBuffer, NULL, MEM_RELEASE); EngineCloseHandle(hFile); - return(false); + return false; } } } } VirtualFree(ueReadBuffer, NULL, MEM_RELEASE); - return(false); + return false; } __declspec(dllexport) bool TITCALL AddOverlay(char* szFileName, char* szOverlayFileName) { @@ -252,7 +252,7 @@ __declspec(dllexport) bool TITCALL AddOverlay(char* szFileName, char* szOverlayF } else { - return(false); + return false; } } __declspec(dllexport) bool TITCALL AddOverlayW(wchar_t* szFileName, wchar_t* szOverlayFileName) @@ -310,15 +310,15 @@ __declspec(dllexport) bool TITCALL AddOverlayW(wchar_t* szFileName, wchar_t* szO } EngineCloseHandle(hFile); EngineCloseHandle(hFileRead); - return(true); + return true; } else { EngineCloseHandle(hFile); - return(false); + return false; } } - return(false); + return false; } __declspec(dllexport) bool TITCALL CopyOverlay(char* szInFileName, char* szOutFileName) { @@ -334,7 +334,7 @@ __declspec(dllexport) bool TITCALL CopyOverlay(char* szInFileName, char* szOutFi } else { - return(false); + return false; } } __declspec(dllexport) bool TITCALL CopyOverlayW(wchar_t* szInFileName, wchar_t* szOutFileName) @@ -351,11 +351,11 @@ __declspec(dllexport) bool TITCALL CopyOverlayW(wchar_t* szInFileName, wchar_t* { AddOverlayW(szOutFileName, szTempName); DeleteFileW(szTempName); - return(true); + return true; } } } - return(false); + return false; } __declspec(dllexport) bool TITCALL RemoveOverlay(char* szFileName) { @@ -369,7 +369,7 @@ __declspec(dllexport) bool TITCALL RemoveOverlay(char* szFileName) } else { - return(false); + return false; } } __declspec(dllexport) bool TITCALL RemoveOverlayW(wchar_t* szFileName) @@ -388,10 +388,10 @@ __declspec(dllexport) bool TITCALL RemoveOverlayW(wchar_t* szFileName) { FileSize = FileSize - OverlaySize; UnMapFileEx(FileHandle, FileSize, FileMap, FileMapVA); - return(true); + return true; } } - return(false); + return false; } __declspec(dllexport) void TITCALL SetSharedOverlay(char* szFileName) @@ -409,4 +409,4 @@ __declspec(dllexport) char* TITCALL GetSharedOverlay() __declspec(dllexport) wchar_t* TITCALL GetSharedOverlayW() { return(szSharedOverlayW); -} \ No newline at end of file +} diff --git a/TitanEngine/TitanEngine.PE.Section.cpp b/TitanEngine/TitanEngine.PE.Section.cpp index dc367f1..50678a9 100644 --- a/TitanEngine/TitanEngine.PE.Section.cpp +++ b/TitanEngine/TitanEngine.PE.Section.cpp @@ -18,7 +18,7 @@ __declspec(dllexport) bool TITCALL ExtractSection(char* szFileName, char* szDump } else { - return(false); + return false; } } @@ -55,7 +55,7 @@ __declspec(dllexport) bool TITCALL ExtractSectionW(wchar_t* szFileName, wchar_t* else { UnMapFileEx(FileHandle, FileSize, FileMap, FileMapVA); - return(false); + return false; } if(!FileIs64) { @@ -73,20 +73,20 @@ __declspec(dllexport) bool TITCALL ExtractSectionW(wchar_t* szFileName, wchar_t* WriteFile(hFile, (LPCVOID)(FileMapVA + PESections->PointerToRawData), PESections->SizeOfRawData, &NumberOfBytesWritten, NULL); EngineCloseHandle(hFile); UnMapFileEx(FileHandle, FileSize, FileMap, FileMapVA); - return(true); + return true; } __except(EXCEPTION_EXECUTE_HANDLER) { EngineCloseHandle(hFile); UnMapFileEx(FileHandle, FileSize, FileMap, FileMapVA); DeleteFileW(szDumpFileName); - return(false); + return false; } } } } UnMapFileEx(FileHandle, FileSize, FileMap, FileMapVA); - return(false); + return false; } else { @@ -104,29 +104,29 @@ __declspec(dllexport) bool TITCALL ExtractSectionW(wchar_t* szFileName, wchar_t* WriteFile(hFile, (LPCVOID)(FileMapVA + PESections->PointerToRawData), PESections->SizeOfRawData, &NumberOfBytesWritten, NULL); EngineCloseHandle(hFile); UnMapFileEx(FileHandle, FileSize, FileMap, FileMapVA); - return(true); + return true; } __except(EXCEPTION_EXECUTE_HANDLER) { EngineCloseHandle(hFile); UnMapFileEx(FileHandle, FileSize, FileMap, FileMapVA); DeleteFileW(szDumpFileName); - return(false); + return false; } } } } UnMapFileEx(FileHandle, FileSize, FileMap, FileMapVA); - return(false); + return false; } } else { UnMapFileEx(FileHandle, FileSize, FileMap, FileMapVA); - return(false); + return false; } } - return(false); + return false; } __declspec(dllexport) bool TITCALL ResortFileSections(char* szFileName) @@ -141,7 +141,7 @@ __declspec(dllexport) bool TITCALL ResortFileSections(char* szFileName) } else { - return(false); + return false; } } @@ -198,7 +198,7 @@ __declspec(dllexport) bool TITCALL ResortFileSectionsW(wchar_t* szFileName) { UnMapFileEx(FileHandle, FileSize, FileMap, FileMapVA); RemoveGarbageItem(szBackupItem, true); - return(false); + return false; } if(!FileIs64) { @@ -248,17 +248,17 @@ __declspec(dllexport) bool TITCALL ResortFileSectionsW(wchar_t* szFileName) if(CopyFileW(szBackupFile, szFileName, false)) { RemoveGarbageItem(szBackupItem, true); - return(true); + return true; } else { RemoveGarbageItem(szBackupItem, true); - return(false); + return false; } } else { - return(true); + return true; } } __except(EXCEPTION_EXECUTE_HANDLER) @@ -266,7 +266,7 @@ __declspec(dllexport) bool TITCALL ResortFileSectionsW(wchar_t* szFileName) UnMapFileEx(FileHandle, FileSize, FileMap, FileMapVA); VirtualFree(sortedFileName, NULL, MEM_RELEASE); RemoveGarbageItem(szBackupItem, true); - return(false); + return false; } } else @@ -317,17 +317,17 @@ __declspec(dllexport) bool TITCALL ResortFileSectionsW(wchar_t* szFileName) if(CopyFileW(szBackupFile, szFileName, false)) { RemoveGarbageItem(szBackupItem, true); - return(true); + return true; } else { RemoveGarbageItem(szBackupItem, true); - return(false); + return false; } } else { - return(true); + return true; } } __except(EXCEPTION_EXECUTE_HANDLER) @@ -335,7 +335,7 @@ __declspec(dllexport) bool TITCALL ResortFileSectionsW(wchar_t* szFileName) UnMapFileEx(FileHandle, FileSize, FileMap, FileMapVA); VirtualFree(sortedFileName, NULL, MEM_RELEASE); RemoveGarbageItem(szBackupItem, true); - return(false); + return false; } } } @@ -343,11 +343,11 @@ __declspec(dllexport) bool TITCALL ResortFileSectionsW(wchar_t* szFileName) { UnMapFileEx(FileHandle, FileSize, FileMap, FileMapVA); RemoveGarbageItem(szBackupItem, true); - return(false); + return false; } } RemoveGarbageItem(szBackupItem, true); - return(false); + return false; } __declspec(dllexport) bool TITCALL MakeAllSectionsRWE(char* szFileName) @@ -362,7 +362,7 @@ __declspec(dllexport) bool TITCALL MakeAllSectionsRWE(char* szFileName) } else { - return(false); + return false; } } @@ -414,7 +414,7 @@ __declspec(dllexport) bool TITCALL MakeAllSectionsRWEW(wchar_t* szFileName) { UnMapFileEx(FileHandle, FileSize, FileMap, FileMapVA); RemoveGarbageItem(szBackupItem, true); - return(false); + return false; } if(!FileIs64) { @@ -434,25 +434,25 @@ __declspec(dllexport) bool TITCALL MakeAllSectionsRWEW(wchar_t* szFileName) if(CopyFileW(szBackupFile, szFileName, false)) { RemoveGarbageItem(szBackupItem, true); - return(true); + return true; } else { RemoveGarbageItem(szBackupItem, true); - return(false); + return false; } } else { - return(true); + return true; } - return(true); + return true; } __except(EXCEPTION_EXECUTE_HANDLER) { UnMapFileEx(FileHandle, FileSize, FileMap, FileMapVA); RemoveGarbageItem(szBackupItem, true); - return(false); + return false; } } else @@ -473,25 +473,25 @@ __declspec(dllexport) bool TITCALL MakeAllSectionsRWEW(wchar_t* szFileName) if(CopyFileW(szBackupFile, szFileName, false)) { RemoveGarbageItem(szBackupItem, true); - return(true); + return true; } else { RemoveGarbageItem(szBackupItem, true); - return(false); + return false; } } else { - return(true); + return true; } - return(true); + return true; } __except(EXCEPTION_EXECUTE_HANDLER) { UnMapFileEx(FileHandle, FileSize, FileMap, FileMapVA); RemoveGarbageItem(szBackupItem, true); - return(false); + return false; } } } @@ -499,11 +499,11 @@ __declspec(dllexport) bool TITCALL MakeAllSectionsRWEW(wchar_t* szFileName) { UnMapFileEx(FileHandle, FileSize, FileMap, FileMapVA); RemoveGarbageItem(szBackupItem, true); - return(false); + return false; } } RemoveGarbageItem(szBackupItem, true); - return(false); + return false; } __declspec(dllexport) long TITCALL AddNewSectionEx(char* szFileName, char* szSectionName, DWORD SectionSize, DWORD SectionAttributes, LPVOID SectionContent, DWORD ContentSize) @@ -903,7 +903,7 @@ __declspec(dllexport) bool TITCALL ResizeLastSection(char* szFileName, DWORD Num } else { - return(false); + return false; } } @@ -957,7 +957,7 @@ __declspec(dllexport) bool TITCALL ResizeLastSectionW(wchar_t* szFileName, DWORD FileSize = FileSize - NumberOfExpandBytes; UnMapFileEx(FileHandle, FileSize, FileMap, FileMapVA); RemoveGarbageItem(szBackupItem, true); - return(false); + return false; } if(!FileIs64) { @@ -1009,23 +1009,23 @@ __declspec(dllexport) bool TITCALL ResizeLastSectionW(wchar_t* szFileName, DWORD RemoveGarbageItem(szBackupItem, true); if(CopyFileW(szBackupFile, szFileName, false)) { - return(true); + return true; } else { - return(false); + return false; } } else { - return(true); + return true; } } __except(EXCEPTION_EXECUTE_HANDLER) { UnMapFileEx(FileHandle, FileSize, FileMap, FileMapVA); RemoveGarbageItem(szBackupItem, true); - return(false); + return false; } } else @@ -1078,24 +1078,24 @@ __declspec(dllexport) bool TITCALL ResizeLastSectionW(wchar_t* szFileName, DWORD if(CopyFileW(szBackupFile, szFileName, false)) { RemoveGarbageItem(szBackupItem, true); - return(true); + return true; } else { RemoveGarbageItem(szBackupItem, true); - return(false); + return false; } } else { - return(true); + return true; } } __except(EXCEPTION_EXECUTE_HANDLER) { UnMapFileEx(FileHandle, FileSize, FileMap, FileMapVA); RemoveGarbageItem(szBackupItem, true); - return(false); + return false; } } } @@ -1104,11 +1104,11 @@ __declspec(dllexport) bool TITCALL ResizeLastSectionW(wchar_t* szFileName, DWORD FileSize = FileSize - NumberOfExpandBytes; UnMapFileEx(FileHandle, FileSize, FileMap, FileMapVA); RemoveGarbageItem(szBackupItem, true); - return(false); + return false; } } RemoveGarbageItem(szBackupItem, true); - return(false); + return false; } __declspec(dllexport) bool TITCALL DeleteLastSection(char* szFileName) @@ -1123,7 +1123,7 @@ __declspec(dllexport) bool TITCALL DeleteLastSection(char* szFileName) } else { - return(false); + return false; } } @@ -1175,7 +1175,7 @@ __declspec(dllexport) bool TITCALL DeleteLastSectionW(wchar_t* szFileName) { UnMapFileEx(FileHandle, FileSize, FileMap, FileMapVA); RemoveGarbageItem(szBackupItem, true); - return(false); + return false; } if(!FileIs64) { @@ -1196,31 +1196,31 @@ __declspec(dllexport) bool TITCALL DeleteLastSectionW(wchar_t* szFileName) if(CopyFileW(szBackupFile, szFileName, false)) { RemoveGarbageItem(szBackupItem, true); - return(true); + return true; } else { RemoveGarbageItem(szBackupItem, true); - return(false); + return false; } } else { - return(true); + return true; } } else { UnMapFileEx(FileHandle, FileSize, FileMap, FileMapVA); RemoveGarbageItem(szBackupItem, true); - return(false); + return false; } } __except(EXCEPTION_EXECUTE_HANDLER) { UnMapFileEx(FileHandle, FileSize, FileMap, FileMapVA); RemoveGarbageItem(szBackupItem, true); - return(false); + return false; } } else @@ -1242,31 +1242,31 @@ __declspec(dllexport) bool TITCALL DeleteLastSectionW(wchar_t* szFileName) if(CopyFileW(szBackupFile, szFileName, false)) { RemoveGarbageItem(szBackupItem, true); - return(true); + return true; } else { RemoveGarbageItem(szBackupItem, true); - return(false); + return false; } } else { - return(true); + return true; } } else { UnMapFileEx(FileHandle, FileSize, FileMap, FileMapVA); RemoveGarbageItem(szBackupItem, true); - return(false); + return false; } } __except(EXCEPTION_EXECUTE_HANDLER) { UnMapFileEx(FileHandle, FileSize, FileMap, FileMapVA); RemoveGarbageItem(szBackupItem, true); - return(false); + return false; } } } @@ -1274,11 +1274,11 @@ __declspec(dllexport) bool TITCALL DeleteLastSectionW(wchar_t* szFileName) { UnMapFileEx(FileHandle, FileSize, FileMap, FileMapVA); RemoveGarbageItem(szBackupItem, true); - return(false); + return false; } } RemoveGarbageItem(szBackupItem, true); - return(false); + return false; } __declspec(dllexport) bool TITCALL DeleteLastSectionEx(char* szFileName, DWORD NumberOfSections) @@ -1289,7 +1289,7 @@ __declspec(dllexport) bool TITCALL DeleteLastSectionEx(char* szFileName, DWORD N DeleteLastSection(szFileName); NumberOfSections--; } - return(true); + return true; } __declspec(dllexport) bool TITCALL DeleteLastSectionExW(wchar_t* szFileName, DWORD NumberOfSections) @@ -1300,7 +1300,7 @@ __declspec(dllexport) bool TITCALL DeleteLastSectionExW(wchar_t* szFileName, DWO DeleteLastSectionW(szFileName); NumberOfSections--; } - return(true); + return true; } __declspec(dllexport) bool TITCALL WipeSection(char* szFileName, int WipeSectionNumber, bool RemovePhysically) @@ -1315,7 +1315,7 @@ __declspec(dllexport) bool TITCALL WipeSection(char* szFileName, int WipeSection } else { - return(false); + return false; } } __declspec(dllexport) bool TITCALL WipeSectionW(wchar_t* szFileName, int WipeSectionNumber, bool RemovePhysically) @@ -1375,7 +1375,7 @@ __declspec(dllexport) bool TITCALL WipeSectionW(wchar_t* szFileName, int WipeSec { UnMapFileEx(FileHandle, FileSize, FileMap, FileMapVA); RemoveGarbageItem(szBackupItem, true); - return(false); + return false; } if(!FileIs64) { @@ -1433,24 +1433,24 @@ __declspec(dllexport) bool TITCALL WipeSectionW(wchar_t* szFileName, int WipeSec if(CopyFileW(szBackupFile, szFileName, false)) { RemoveGarbageItem(szBackupItem, true); - return(true); + return true; } else { RemoveGarbageItem(szBackupItem, true); - return(false); + return false; } } else { - return(true); + return true; } } __except(EXCEPTION_EXECUTE_HANDLER) { UnMapFileEx(FileHandle, FileSize, FileMap, FileMapVA); RemoveGarbageItem(szBackupItem, true); - return(false); + return false; } } } @@ -1519,24 +1519,24 @@ __declspec(dllexport) bool TITCALL WipeSectionW(wchar_t* szFileName, int WipeSec if(CopyFileW(szBackupFile, szFileName, false)) { RemoveGarbageItem(szBackupItem, true); - return(true); + return true; } else { RemoveGarbageItem(szBackupItem, true); - return(false); + return false; } } else { - return(true); + return true; } } __except(EXCEPTION_EXECUTE_HANDLER) { UnMapFileEx(FileHandle, FileSize, FileMap, FileMapVA); RemoveGarbageItem(szBackupItem, true); - return(false); + return false; } } } @@ -1545,10 +1545,10 @@ __declspec(dllexport) bool TITCALL WipeSectionW(wchar_t* szFileName, int WipeSec { UnMapFileEx(FileHandle, FileSize, FileMap, FileMapVA); RemoveGarbageItem(szBackupItem, true); - return(false); + return false; } } UnMapFileEx(FileHandle, FileSize, FileMap, FileMapVA); RemoveGarbageItem(szBackupItem, true); - return(false); -} \ No newline at end of file + return false; +} diff --git a/TitanEngine/TitanEngine.PE.cpp b/TitanEngine/TitanEngine.PE.cpp index 117379e..bc4d1ee 100644 --- a/TitanEngine/TitanEngine.PE.cpp +++ b/TitanEngine/TitanEngine.PE.cpp @@ -15,7 +15,7 @@ __declspec(dllexport) bool TITCALL PastePEHeader(HANDLE hProcess, LPVOID ImageBa } else { - return(false); + return false; } } @@ -69,7 +69,7 @@ __declspec(dllexport) bool TITCALL PastePEHeaderW(HANDLE hProcess, LPVOID ImageB { EngineCloseHandle(hFile); VirtualFree(ueReadBuffer, NULL, MEM_RELEASE); - return(false); + return false; } } if(PEHeader32->OptionalHeader.Magic == 0x10B) @@ -92,7 +92,7 @@ __declspec(dllexport) bool TITCALL PastePEHeaderW(HANDLE hProcess, LPVOID ImageB { EngineCloseHandle(hFile); VirtualFree(ueReadBuffer, NULL, MEM_RELEASE); - return(false); + return false; } if(!FileIs64) { @@ -104,20 +104,20 @@ __declspec(dllexport) bool TITCALL PastePEHeaderW(HANDLE hProcess, LPVOID ImageB EngineCloseHandle(hFile); VirtualProtectEx(hProcess, ImageBase, PEHeaderSize, OldProtect, &OldProtect); VirtualFree(ueReadBuffer, NULL, MEM_RELEASE); - return(true); + return true; } else { EngineCloseHandle(hFile); VirtualFree(ueReadBuffer, NULL, MEM_RELEASE); - return(false); + return false; } } else { EngineCloseHandle(hFile); VirtualFree(ueReadBuffer, NULL, MEM_RELEASE); - return(false); + return false; } } else @@ -130,20 +130,20 @@ __declspec(dllexport) bool TITCALL PastePEHeaderW(HANDLE hProcess, LPVOID ImageB EngineCloseHandle(hFile); VirtualProtectEx(hProcess, ImageBase, PEHeaderSize, OldProtect, &OldProtect); VirtualFree(ueReadBuffer, NULL, MEM_RELEASE); - return(true); + return true; } else { EngineCloseHandle(hFile); VirtualFree(ueReadBuffer, NULL, MEM_RELEASE); - return(false); + return false; } } else { EngineCloseHandle(hFile); VirtualFree(ueReadBuffer, NULL, MEM_RELEASE); - return(false); + return false; } } } @@ -151,21 +151,21 @@ __declspec(dllexport) bool TITCALL PastePEHeaderW(HANDLE hProcess, LPVOID ImageB { EngineCloseHandle(hFile); VirtualFree(ueReadBuffer, NULL, MEM_RELEASE); - return(false); + return false; } } else { EngineCloseHandle(hFile); VirtualFree(ueReadBuffer, NULL, MEM_RELEASE); - return(false); + return false; } } else { EngineCloseHandle(hFile); VirtualFree(ueReadBuffer, NULL, MEM_RELEASE); - return(false); + return false; } - return(false); -} \ No newline at end of file + return false; +} diff --git a/TitanEngine/TitanEngine.Realigner.cpp b/TitanEngine/TitanEngine.Realigner.cpp index ec313b1..be46481 100644 --- a/TitanEngine/TitanEngine.Realigner.cpp +++ b/TitanEngine/TitanEngine.Realigner.cpp @@ -15,11 +15,11 @@ __declspec(dllexport) bool TITCALL FixHeaderCheckSum(char* szFileName) if(MapFileAndCheckSumA(szFileName, &HeaderSum, &CheckSum) == NULL) { SetPE32Data(szFileName, NULL, UE_CHECKSUM, (ULONG_PTR)CheckSum); - return(true); + return true; } else { - return(false); + return false; } } __declspec(dllexport) bool TITCALL FixHeaderCheckSumW(wchar_t* szFileName) @@ -31,11 +31,11 @@ __declspec(dllexport) bool TITCALL FixHeaderCheckSumW(wchar_t* szFileName) if(MapFileAndCheckSumW(szFileName, &HeaderSum, &CheckSum) == NULL) { SetPE32DataW(szFileName, NULL, UE_CHECKSUM, (ULONG_PTR)CheckSum); - return(true); + return true; } else { - return(false); + return false; } } __declspec(dllexport) long TITCALL RealignPE(ULONG_PTR FileMapVA, DWORD FileSize, DWORD RealingMode) @@ -472,4 +472,4 @@ __declspec(dllexport) long TITCALL RealignPEExW(wchar_t* szFileName, DWORD Reali UnMapFileEx(FileHandle, FileSize, FileMap, FileMapVA); RemoveGarbageItem(szBackupItem, true); return(-1); -} \ No newline at end of file +} diff --git a/TitanEngine/TitanEngine.Relocator.cpp b/TitanEngine/TitanEngine.Relocator.cpp index 33b2dc6..058c5c7 100644 --- a/TitanEngine/TitanEngine.Relocator.cpp +++ b/TitanEngine/TitanEngine.Relocator.cpp @@ -134,7 +134,7 @@ __declspec(dllexport) bool TITCALL RelocaterExportRelocation(ULONG_PTR StorePlac } __except(EXCEPTION_EXECUTE_HANDLER) { - return(false); + return false; } DOSHeader = (PIMAGE_DOS_HEADER)FileMapVA; @@ -153,7 +153,7 @@ __declspec(dllexport) bool TITCALL RelocaterExportRelocation(ULONG_PTR StorePlac else { RelocationData = NULL; - return(false); + return false; } if(!FileIs64) { @@ -168,10 +168,10 @@ __declspec(dllexport) bool TITCALL RelocaterExportRelocation(ULONG_PTR StorePlac PEHeader64->OptionalHeader.DataDirectory[IMAGE_DIRECTORY_ENTRY_BASERELOC].Size = (DWORD)((ULONG_PTR)RelocationWritePosition - (ULONG_PTR)RelocationData); } RelocationData = NULL; - return(true); + return true; } RelocationData = NULL; - return(false); + return false; } __declspec(dllexport) bool TITCALL RelocaterExportRelocationEx(char* szFileName, char* szSectionName) { @@ -185,7 +185,7 @@ __declspec(dllexport) bool TITCALL RelocaterExportRelocationEx(char* szFileName, } else { - return(false); + return false; } } __declspec(dllexport) bool TITCALL RelocaterExportRelocationExW(wchar_t* szFileName, char* szSectionName) @@ -209,21 +209,21 @@ __declspec(dllexport) bool TITCALL RelocaterExportRelocationExW(wchar_t* szFileN UnMapFileEx(FileHandle, FileSize, FileMap, FileMapVA); if(ReturnValue) { - return(true); + return true; } else { - return(false); + return false; } } else { - return(false); + return false; } } else { - return(false); + return false; } } __declspec(dllexport) bool TITCALL RelocaterGrabRelocationTable(HANDLE hProcess, ULONG_PTR MemoryStart, DWORD MemorySize) @@ -242,10 +242,10 @@ __declspec(dllexport) bool TITCALL RelocaterGrabRelocationTable(HANDLE hProcess, { RelocationWritePosition = (LPVOID)((ULONG_PTR)RelocationData + MemorySize); RelocationStartPosition = (LPVOID)(-1); - return(true); + return true; } } - return(false); + return false; } __declspec(dllexport) bool TITCALL RelocaterGrabRelocationTableEx(HANDLE hProcess, ULONG_PTR MemoryStart, ULONG_PTR MemorySize, DWORD NtSizeOfImage) { @@ -287,10 +287,10 @@ __declspec(dllexport) bool TITCALL RelocaterGrabRelocationTableEx(HANDLE hProces else { VirtualFree(ReadMemoryStorage, NULL, MEM_RELEASE); - return(false); + return false; } } - return(false); + return false; } __declspec(dllexport) bool TITCALL RelocaterMakeSnapshot(HANDLE hProcess, char* szSaveFileName, LPVOID MemoryStart, ULONG_PTR MemorySize) @@ -315,7 +315,7 @@ __declspec(dllexport) bool TITCALL RelocaterCompareTwoSnapshots(HANDLE hProcess, } else { - return(false); + return false; } } __declspec(dllexport) bool TITCALL RelocaterCompareTwoSnapshotsW(HANDLE hProcess, ULONG_PTR LoadedImageBase, ULONG_PTR NtSizeOfImage, wchar_t* szDumpFile1, wchar_t* szDumpFile2, ULONG_PTR MemStart) @@ -421,15 +421,15 @@ __declspec(dllexport) bool TITCALL RelocaterCompareTwoSnapshotsW(HANDLE hProcess RelocaterCleanup(); UnMapFileEx(FileHandle2, FileSize2, FileMap2, FileMapVA2); UnMapFileEx(FileHandle1, FileSize1, FileMap1, FileMapVA1); - return(false); + return false; } } UnMapFileEx(FileHandle2, FileSize2, FileMap2, FileMapVA2); } UnMapFileEx(FileHandle1, FileSize1, FileMap1, FileMapVA1); - return(true); + return true; } - return(false); + return false; } __declspec(dllexport) bool TITCALL RelocaterChangeFileBase(char* szFileName, ULONG_PTR NewImageBase) { @@ -443,7 +443,7 @@ __declspec(dllexport) bool TITCALL RelocaterChangeFileBase(char* szFileName, ULO } else { - return(false); + return false; } } __declspec(dllexport) bool TITCALL RelocaterChangeFileBaseW(wchar_t* szFileName, ULONG_PTR NewImageBase) @@ -501,7 +501,7 @@ __declspec(dllexport) bool TITCALL RelocaterChangeFileBaseW(wchar_t* szFileName, { UnMapFileEx(FileHandle, FileSize, FileMap, FileMapVA); RemoveGarbageItem(szBackupItem, true); - return(false); + return false; } if(!FileIs64) { @@ -509,7 +509,7 @@ __declspec(dllexport) bool TITCALL RelocaterChangeFileBaseW(wchar_t* szFileName, { UnMapFileEx(FileHandle, FileSize, FileMap, FileMapVA); RemoveGarbageItem(szBackupItem, true); - return(true); + return true; } RelocData = (ULONG_PTR)ConvertVAtoFileOffset(FileMapVA, (ULONG_PTR)(PEHeader32->OptionalHeader.DataDirectory[IMAGE_DIRECTORY_ENTRY_BASERELOC].VirtualAddress + PEHeader32->OptionalHeader.ImageBase), true); RelocSize = PEHeader32->OptionalHeader.DataDirectory[IMAGE_DIRECTORY_ENTRY_BASERELOC].Size; @@ -520,7 +520,7 @@ __declspec(dllexport) bool TITCALL RelocaterChangeFileBaseW(wchar_t* szFileName, { UnMapFileEx(FileHandle, FileSize, FileMap, FileMapVA); RemoveGarbageItem(szBackupItem, true); - return(true); + return true; } RelocData = (ULONG_PTR)ConvertVAtoFileOffset(FileMapVA, (ULONG_PTR)(PEHeader64->OptionalHeader.DataDirectory[IMAGE_DIRECTORY_ENTRY_BASERELOC].VirtualAddress + PEHeader64->OptionalHeader.ImageBase), true); RelocSize = PEHeader64->OptionalHeader.DataDirectory[IMAGE_DIRECTORY_ENTRY_BASERELOC].Size; @@ -575,35 +575,35 @@ __declspec(dllexport) bool TITCALL RelocaterChangeFileBaseW(wchar_t* szFileName, if(CopyFileW(szBackupFile, szFileName, false)) { RemoveGarbageItem(szBackupItem, true); - return(true); + return true; } else { RemoveGarbageItem(szBackupItem, true); - return(false); + return false; } } else { - return(true); + return true; } } __except(EXCEPTION_EXECUTE_HANDLER) { UnMapFileEx(FileHandle, FileSize, FileMap, FileMapVA); RemoveGarbageItem(szBackupItem, true); - return(false); + return false; } } else { UnMapFileEx(FileHandle, FileSize, FileMap, FileMapVA); RemoveGarbageItem(szBackupItem, true); - return(false); + return false; } } RemoveGarbageItem(szBackupItem, true); - return(false); + return false; } __declspec(dllexport) bool TITCALL RelocaterRelocateMemoryBlock(ULONG_PTR FileMapVA, ULONG_PTR MemoryLocation, void* RelocateMemory, DWORD RelocateMemorySize, ULONG_PTR CurrentLoadedBase, ULONG_PTR RelocateBase) { @@ -638,13 +638,13 @@ __declspec(dllexport) bool TITCALL RelocaterRelocateMemoryBlock(ULONG_PTR FileMa } else { - return(false); + return false; } if(!FileIs64) { if(PEHeader32->OptionalHeader.ImageBase == (DWORD)RelocateBase) { - return(true); + return true; } RelocData = (ULONG_PTR)ConvertVAtoFileOffset(FileMapVA, (ULONG_PTR)(PEHeader32->OptionalHeader.DataDirectory[IMAGE_DIRECTORY_ENTRY_BASERELOC].VirtualAddress + PEHeader32->OptionalHeader.ImageBase), true); RelocSize = PEHeader32->OptionalHeader.DataDirectory[IMAGE_DIRECTORY_ENTRY_BASERELOC].Size; @@ -653,7 +653,7 @@ __declspec(dllexport) bool TITCALL RelocaterRelocateMemoryBlock(ULONG_PTR FileMa { if((ULONG_PTR)PEHeader64->OptionalHeader.ImageBase == RelocateBase) { - return(true); + return true; } RelocData = (ULONG_PTR)ConvertVAtoFileOffset(FileMapVA, (ULONG_PTR)(PEHeader64->OptionalHeader.DataDirectory[IMAGE_DIRECTORY_ENTRY_BASERELOC].VirtualAddress + PEHeader64->OptionalHeader.ImageBase), true); RelocSize = PEHeader64->OptionalHeader.DataDirectory[IMAGE_DIRECTORY_ENTRY_BASERELOC].Size; @@ -698,18 +698,18 @@ __declspec(dllexport) bool TITCALL RelocaterRelocateMemoryBlock(ULONG_PTR FileMa RelocData = RelocData + 2; } } - return(true); + return true; } __except(EXCEPTION_EXECUTE_HANDLER) { - return(false); + return false; } } else { - return(false); + return false; } - return(false); + return false; } __declspec(dllexport) bool TITCALL RelocaterWipeRelocationTable(char* szFileName) { @@ -723,7 +723,7 @@ __declspec(dllexport) bool TITCALL RelocaterWipeRelocationTable(char* szFileName } else { - return(false); + return false; } } __declspec(dllexport) bool TITCALL RelocaterWipeRelocationTableW(wchar_t* szFileName) @@ -758,7 +758,7 @@ __declspec(dllexport) bool TITCALL RelocaterWipeRelocationTableW(wchar_t* szFile else { UnMapFileEx(FileHandle, FileSize, FileMap, FileMapVA); - return(false); + return false; } if(!FileIs64) { @@ -784,5 +784,5 @@ __declspec(dllexport) bool TITCALL RelocaterWipeRelocationTableW(wchar_t* szFile } } } - return(false); -} \ No newline at end of file + return false; +} diff --git a/TitanEngine/TitanEngine.Resourcer.cpp b/TitanEngine/TitanEngine.Resourcer.cpp index de5a42e..53c9237 100644 --- a/TitanEngine/TitanEngine.Resourcer.cpp +++ b/TitanEngine/TitanEngine.Resourcer.cpp @@ -19,11 +19,11 @@ __declspec(dllexport) bool TITCALL ResourcerFreeLoadedFile(LPVOID LoadedFileBase { if(VirtualFree(LoadedFileBase, NULL, MEM_RELEASE)) { - return(true); + return true; } else { - return(false); + return false; } } @@ -55,13 +55,13 @@ __declspec(dllexport) bool TITCALL ResourcerExtractResourceFromFileEx(ULONG_PTR } else { - return(false); + return false; } } } - return(true); + return true; } - return(false); + return false; } __declspec(dllexport) bool TITCALL ResourcerExtractResourceFromFile(char* szFileName, char* szResourceType, char* szResourceName, char* szExtractedFileName) @@ -79,10 +79,10 @@ __declspec(dllexport) bool TITCALL ResourcerExtractResourceFromFile(char* szFile UnMapFileEx(FileHandle, FileSize, FileMap, FileMapVA); if(bReturn) { - return(true); + return true; } } - return(false); + return false; } __declspec(dllexport) bool TITCALL ResourcerExtractResourceFromFileW(wchar_t* szFileName, char* szResourceType, char* szResourceName, char* szExtractedFileName) @@ -100,10 +100,10 @@ __declspec(dllexport) bool TITCALL ResourcerExtractResourceFromFileW(wchar_t* sz UnMapFileEx(FileHandle, FileSize, FileMap, FileMapVA); if(bReturn) { - return(true); + return true; } } - return(false); + return false; } __declspec(dllexport) bool TITCALL ResourcerFindResource(char* szFileName, char* szResourceType, DWORD ResourceType, char* szResourceName, DWORD ResourceName, DWORD ResourceLanguage, PULONG_PTR pResourceData, LPDWORD pResourceSize) @@ -138,7 +138,7 @@ __declspec(dllexport) bool TITCALL ResourcerFindResource(char* szFileName, char* } else { - return(false); + return false; } } @@ -157,14 +157,14 @@ __declspec(dllexport) bool TITCALL ResourcerFindResourceW(wchar_t* szFileName, w UnMapFileEx(FileHandle, FileSize, FileMap, FileMapVA); if(ReturnValue) { - return(true); + return true; } } else { - return(false); + return false; } - return(false); + return false; } __declspec(dllexport) bool TITCALL ResourcerFindResourceEx(ULONG_PTR FileMapVA, DWORD FileSize, wchar_t* szResourceType, DWORD ResourceType, wchar_t* szResourceName, DWORD ResourceName, DWORD ResourceLanguage, PULONG_PTR pResourceData, LPDWORD pResourceSize) @@ -215,7 +215,7 @@ __declspec(dllexport) bool TITCALL ResourcerFindResourceEx(ULONG_PTR FileMapVA, { *pResourceData = PEResourceItem->OffsetToData; *pResourceSize = PEResourceItem->Size; - return(true); + return true; } PEResourceDir2 = (PIMAGE_RESOURCE_DIRECTORY_ENTRY)((ULONG_PTR)PEResourceDir2 + sizeof IMAGE_RESOURCE_DIRECTORY_ENTRY); n--; @@ -240,14 +240,14 @@ __declspec(dllexport) bool TITCALL ResourcerFindResourceEx(ULONG_PTR FileMapVA, } else { - return(false); + return false; } } __except(EXCEPTION_EXECUTE_HANDLER) { } - return(false); + return false; } __declspec(dllexport) void TITCALL ResourcerEnumerateResource(char* szFileName, void* CallBack) @@ -356,4 +356,4 @@ __declspec(dllexport) void TITCALL ResourcerEnumerateResourceEx(ULONG_PTR FileMa { } -} \ No newline at end of file +} diff --git a/TitanEngine/TitanEngine.Static.cpp b/TitanEngine/TitanEngine.Static.cpp index ecc999a..a691c8f 100644 --- a/TitanEngine/TitanEngine.Static.cpp +++ b/TitanEngine/TitanEngine.Static.cpp @@ -14,7 +14,7 @@ __declspec(dllexport) bool TITCALL StaticFileLoad(char* szFileName, DWORD Desire { if(MapFileEx(szFileName, DesiredAccess, FileHandle, LoadedSize, FileMap, FileMapVA, NULL)) { - return(true); + return true; } } else @@ -25,10 +25,10 @@ __declspec(dllexport) bool TITCALL StaticFileLoad(char* szFileName, DWORD Desire *LoadedSize = (DWORD)GetPE32DataFromMappedFile(*FileMapVA, NULL, UE_SIZEOFIMAGE); *FileHandle = NULL; *FileMap = NULL; - return(true); + return true; } } - return(false); + return false; } __declspec(dllexport) bool TITCALL StaticFileLoadW(wchar_t* szFileName, DWORD DesiredAccess, bool SimulateLoad, LPHANDLE FileHandle, LPDWORD LoadedSize, LPHANDLE FileMap, PULONG_PTR FileMapVA) { @@ -37,7 +37,7 @@ __declspec(dllexport) bool TITCALL StaticFileLoadW(wchar_t* szFileName, DWORD De { if(MapFileExW(szFileName, DesiredAccess, FileHandle, LoadedSize, FileMap, FileMapVA, NULL)) { - return(true); + return true; } } else @@ -48,10 +48,10 @@ __declspec(dllexport) bool TITCALL StaticFileLoadW(wchar_t* szFileName, DWORD De *LoadedSize = (DWORD)GetPE32DataFromMappedFile(*FileMapVA, NULL, UE_SIZEOFIMAGE); *FileHandle = NULL; *FileMap = NULL; - return(true); + return true; } } - return(false); + return false; } __declspec(dllexport) bool TITCALL StaticFileUnload(char* szFileName, bool CommitChanges, HANDLE FileHandle, DWORD LoadedSize, HANDLE FileMap, ULONG_PTR FileMapVA) { @@ -65,7 +65,7 @@ __declspec(dllexport) bool TITCALL StaticFileUnload(char* szFileName, bool Commi } else { - return(false); + return false; } } __declspec(dllexport) bool TITCALL StaticFileUnloadW(wchar_t* szFileName, bool CommitChanges, HANDLE FileHandle, DWORD LoadedSize, HANDLE FileMap, ULONG_PTR FileMapVA) @@ -88,7 +88,7 @@ __declspec(dllexport) bool TITCALL StaticFileUnloadW(wchar_t* szFileName, bool C if(FileHandle != NULL && FileMap != NULL) { UnMapFileEx(FileHandle, LoadedSize, FileMap, FileMapVA); - return(true); + return true; } else { @@ -117,7 +117,7 @@ __declspec(dllexport) bool TITCALL StaticFileUnloadW(wchar_t* szFileName, bool C { ResourcerFreeLoadedFile((LPVOID)FileMapVA); UnMapFileEx(myFileHandle, myFileSize, myFileMap, myFileMapVA); - return(false); + return false; } if(!FileIs64) { @@ -133,7 +133,7 @@ __declspec(dllexport) bool TITCALL StaticFileUnloadW(wchar_t* szFileName, bool C } ResourcerFreeLoadedFile((LPVOID)FileMapVA); UnMapFileEx(myFileHandle, myFileSize, myFileMap, myFileMapVA); - return(true); + return true; } else { @@ -149,19 +149,19 @@ __declspec(dllexport) bool TITCALL StaticFileUnloadW(wchar_t* szFileName, bool C } ResourcerFreeLoadedFile((LPVOID)FileMapVA); UnMapFileEx(myFileHandle, myFileSize, myFileMap, myFileMapVA); - return(true); + return true; } } else { ResourcerFreeLoadedFile((LPVOID)FileMapVA); UnMapFileEx(myFileHandle, myFileSize, myFileMap, myFileMapVA); - return(false); + return false; } } } } - return(false); + return false; } __declspec(dllexport) bool TITCALL StaticFileOpen(char* szFileName, DWORD DesiredAccess, LPHANDLE FileHandle, LPDWORD FileSizeLow, LPDWORD FileSizeHigh) { @@ -175,7 +175,7 @@ __declspec(dllexport) bool TITCALL StaticFileOpen(char* szFileName, DWORD Desire } else { - return(false); + return false; } } __declspec(dllexport) bool TITCALL StaticFileOpenW(wchar_t* szFileName, DWORD DesiredAccess, LPHANDLE FileHandle, LPDWORD FileSizeLow, LPDWORD FileSizeHigh) @@ -187,16 +187,16 @@ __declspec(dllexport) bool TITCALL StaticFileOpenW(wchar_t* szFileName, DWORD De if(FileHandle != INVALID_HANDLE_VALUE) { *FileSizeLow = GetFileSize(*FileHandle, FileSizeHigh); - return(true); + return true; } else { - return(false); + return false; } } __except(EXCEPTION_EXECUTE_HANDLER) { - return(false); + return false; } } __declspec(dllexport) bool TITCALL StaticFileGetContent(HANDLE FileHandle, DWORD FilePositionLow, LPDWORD FilePositionHigh, void* Buffer, DWORD Size) @@ -210,7 +210,7 @@ __declspec(dllexport) bool TITCALL StaticFileGetContent(HANDLE FileHandle, DWORD { if(rfNumberOfBytesRead == Size) { - return(true); + return true; } else { @@ -218,7 +218,7 @@ __declspec(dllexport) bool TITCALL StaticFileGetContent(HANDLE FileHandle, DWORD } } } - return(false); + return false; } __declspec(dllexport) void TITCALL StaticFileClose(HANDLE FileHandle) { @@ -419,11 +419,11 @@ __declspec(dllexport) bool TITCALL StaticMemoryDecompress(void* Source, DWORD So #if !defined (_WIN64) if(aP_depack_asm_safe(Source, SourceSize, Destination, DestinationSize) != APLIB_ERROR) { - return(true); + return true; } else if(aPsafe_depack(Source, SourceSize, Destination, DestinationSize) != APLIB_ERROR) { - return(true); + return true; } #endif } @@ -431,10 +431,10 @@ __declspec(dllexport) bool TITCALL StaticMemoryDecompress(void* Source, DWORD So { if(LzmaDecode((unsigned char*)Destination, (size_t*)DestinationSize, (unsigned char*)Source, (size_t*)SourceSize, (unsigned char*)&lzProps, LZMA_PROPS_SIZE, LZMA_FINISH_ANY, &lzStatus, &lzAlloc) == SZ_OK) { - return(true); + return true; } } - return(false); + return false; } __declspec(dllexport) bool TITCALL StaticRawMemoryCopy(HANDLE hFile, ULONG_PTR FileMapVA, ULONG_PTR VitualAddressToCopy, DWORD Size, bool AddressIsRVA, char* szDumpFileName) { @@ -448,7 +448,7 @@ __declspec(dllexport) bool TITCALL StaticRawMemoryCopy(HANDLE hFile, ULONG_PTR F } else { - return(false); + return false; } } __declspec(dllexport) bool TITCALL StaticRawMemoryCopyW(HANDLE hFile, ULONG_PTR FileMapVA, ULONG_PTR VitualAddressToCopy, DWORD Size, bool AddressIsRVA, wchar_t* szDumpFileName) @@ -529,7 +529,7 @@ __declspec(dllexport) bool TITCALL StaticRawMemoryCopyW(HANDLE hFile, ULONG_PTR EngineCloseHandle(hReadFile); EngineCloseHandle(hWriteFile); VirtualFree(ueCopyBuffer, NULL, MEM_RELEASE); - return(true); + return true; } else { @@ -541,7 +541,7 @@ __declspec(dllexport) bool TITCALL StaticRawMemoryCopyW(HANDLE hFile, ULONG_PTR EngineCloseHandle(hReadFile); } } - return(false); + return false; } __declspec(dllexport) bool TITCALL StaticRawMemoryCopyEx(HANDLE hFile, DWORD RawAddressToCopy, DWORD Size, char* szDumpFileName) { @@ -555,7 +555,7 @@ __declspec(dllexport) bool TITCALL StaticRawMemoryCopyEx(HANDLE hFile, DWORD Raw } else { - return(false); + return false; } } __declspec(dllexport) bool TITCALL StaticRawMemoryCopyExW(HANDLE hFile, DWORD RawAddressToCopy, DWORD Size, wchar_t* szDumpFileName) @@ -624,7 +624,7 @@ __declspec(dllexport) bool TITCALL StaticRawMemoryCopyExW(HANDLE hFile, DWORD Ra EngineCloseHandle(hReadFile); EngineCloseHandle(hWriteFile); VirtualFree(ueCopyBuffer, NULL, MEM_RELEASE); - return(true); + return true; } else { @@ -635,7 +635,7 @@ __declspec(dllexport) bool TITCALL StaticRawMemoryCopyExW(HANDLE hFile, DWORD Ra } EngineCloseHandle(hReadFile); } - return(false); + return false; } __declspec(dllexport) bool TITCALL StaticRawMemoryCopyEx64(HANDLE hFile, DWORD64 RawAddressToCopy, DWORD64 Size, char* szDumpFileName) { @@ -649,7 +649,7 @@ __declspec(dllexport) bool TITCALL StaticRawMemoryCopyEx64(HANDLE hFile, DWORD64 } else { - return(false); + return false; } } __declspec(dllexport) bool TITCALL StaticRawMemoryCopyEx64W(HANDLE hFile, DWORD64 RawAddressToCopy, DWORD64 Size, wchar_t* szDumpFileName) @@ -722,7 +722,7 @@ __declspec(dllexport) bool TITCALL StaticRawMemoryCopyEx64W(HANDLE hFile, DWORD6 EngineCloseHandle(hReadFile); EngineCloseHandle(hWriteFile); VirtualFree(ueCopyBuffer, NULL, MEM_RELEASE); - return(true); + return true; } else { @@ -733,7 +733,7 @@ __declspec(dllexport) bool TITCALL StaticRawMemoryCopyEx64W(HANDLE hFile, DWORD6 } EngineCloseHandle(hReadFile); } - return(false); + return false; } __declspec(dllexport) bool TITCALL StaticHashMemory(void* MemoryToHash, DWORD SizeOfMemory, void* HashDigest, bool OutputString, int Algorithm) { @@ -756,7 +756,7 @@ __declspec(dllexport) bool TITCALL StaticHashMemory(void* MemoryToHash, DWORD Si { if(!CryptAcquireContext(&hProv, NULL, NULL, PROV_RSA_FULL, CRYPT_NEWKEYSET)) { - return(false); + return false; } } if(Algorithm == UE_STATIC_HASH_MD5) @@ -770,7 +770,7 @@ __declspec(dllexport) bool TITCALL StaticHashMemory(void* MemoryToHash, DWORD Si if(!CryptCreateHash(hProv, hashAlgo, NULL, NULL, &hHash)) { CryptReleaseContext(hProv, NULL); - return(false); + return false; } else { @@ -778,7 +778,7 @@ __declspec(dllexport) bool TITCALL StaticHashMemory(void* MemoryToHash, DWORD Si { CryptReleaseContext(hProv, NULL); CryptDestroyHash(hHash); - return(false); + return false; } } if(Algorithm == UE_STATIC_HASH_MD5) @@ -788,7 +788,7 @@ __declspec(dllexport) bool TITCALL StaticHashMemory(void* MemoryToHash, DWORD Si { CryptDestroyHash(hHash); CryptReleaseContext(hProv, NULL); - return(false); + return false; } else { @@ -811,11 +811,11 @@ __declspec(dllexport) bool TITCALL StaticHashMemory(void* MemoryToHash, DWORD Si { CryptDestroyHash(hHash); CryptReleaseContext(hProv, NULL); - return(false); + return false; } CryptDestroyHash(hHash); CryptReleaseContext(hProv, NULL); - return(true); + return true; } } else if(Algorithm == UE_STATIC_HASH_SHA1) @@ -825,7 +825,7 @@ __declspec(dllexport) bool TITCALL StaticHashMemory(void* MemoryToHash, DWORD Si { CryptDestroyHash(hHash); CryptReleaseContext(hProv, NULL); - return(false); + return false; } else { @@ -849,11 +849,11 @@ __declspec(dllexport) bool TITCALL StaticHashMemory(void* MemoryToHash, DWORD Si { CryptDestroyHash(hHash); CryptReleaseContext(hProv, NULL); - return(false); + return false; } CryptDestroyHash(hHash); CryptReleaseContext(hProv, NULL); - return(true); + return true; } } } @@ -869,9 +869,9 @@ __declspec(dllexport) bool TITCALL StaticHashMemory(void* MemoryToHash, DWORD Si { RtlMoveMemory(HashDigest, &crc32, sizeof crc32); } - return(true); + return true; } - return(false); + return false; } __declspec(dllexport) bool TITCALL StaticHashFile(char* szFileName, char* HashDigest, bool OutputString, int Algorithm) { @@ -885,7 +885,7 @@ __declspec(dllexport) bool TITCALL StaticHashFile(char* szFileName, char* HashDi } else { - return(false); + return false; } } __declspec(dllexport) bool TITCALL StaticHashFileW(wchar_t* szFileName, char* HashDigest, bool OutputString, int Algorithm) @@ -909,7 +909,7 @@ __declspec(dllexport) bool TITCALL StaticHashFileW(wchar_t* szFileName, char* Ha hFile = CreateFileW(szFileName, GENERIC_READ, FILE_SHARE_READ, NULL, OPEN_EXISTING, FILE_FLAG_SEQUENTIAL_SCAN, NULL); if(hFile == INVALID_HANDLE_VALUE || HashDigest == NULL) { - return(false); + return false; } if(Algorithm != UE_STATIC_HASH_CRC32) { @@ -918,7 +918,7 @@ __declspec(dllexport) bool TITCALL StaticHashFileW(wchar_t* szFileName, char* Ha if(!CryptAcquireContext(&hProv, NULL, NULL, PROV_RSA_FULL, CRYPT_NEWKEYSET)) { CloseHandle(hFile); - return(false); + return false; } } if(Algorithm == UE_STATIC_HASH_MD5) @@ -933,7 +933,7 @@ __declspec(dllexport) bool TITCALL StaticHashFileW(wchar_t* szFileName, char* Ha { CloseHandle(hFile); CryptReleaseContext(hProv, NULL); - return(false); + return false; } while(bResult) { @@ -950,7 +950,7 @@ __declspec(dllexport) bool TITCALL StaticHashFileW(wchar_t* szFileName, char* Ha CryptReleaseContext(hProv, NULL); CryptDestroyHash(hHash); CloseHandle(hFile); - return(false); + return false; } } if(!bResult) @@ -958,7 +958,7 @@ __declspec(dllexport) bool TITCALL StaticHashFileW(wchar_t* szFileName, char* Ha CryptReleaseContext(hProv, NULL); CryptDestroyHash(hHash); CloseHandle(hFile); - return(false); + return false; } if(Algorithm == UE_STATIC_HASH_MD5) { @@ -968,7 +968,7 @@ __declspec(dllexport) bool TITCALL StaticHashFileW(wchar_t* szFileName, char* Ha CryptDestroyHash(hHash); CryptReleaseContext(hProv, NULL); CloseHandle(hFile); - return(false); + return false; } else { @@ -992,12 +992,12 @@ __declspec(dllexport) bool TITCALL StaticHashFileW(wchar_t* szFileName, char* Ha CryptDestroyHash(hHash); CryptReleaseContext(hProv, NULL); CloseHandle(hFile); - return(false); + return false; } CryptDestroyHash(hHash); CryptReleaseContext(hProv, NULL); CloseHandle(hFile); - return(true); + return true; } } else if(Algorithm == UE_STATIC_HASH_SHA1) @@ -1008,7 +1008,7 @@ __declspec(dllexport) bool TITCALL StaticHashFileW(wchar_t* szFileName, char* Ha CryptDestroyHash(hHash); CryptReleaseContext(hProv, NULL); CloseHandle(hFile); - return(false); + return false; } else { @@ -1033,12 +1033,12 @@ __declspec(dllexport) bool TITCALL StaticHashFileW(wchar_t* szFileName, char* Ha CryptDestroyHash(hHash); CryptReleaseContext(hProv, NULL); CloseHandle(hFile); - return(false); + return false; } CryptDestroyHash(hHash); CryptReleaseContext(hProv, NULL); CloseHandle(hFile); - return(true); + return true; } } } @@ -1066,8 +1066,8 @@ __declspec(dllexport) bool TITCALL StaticHashFileW(wchar_t* szFileName, char* Ha RtlMoveMemory(HashDigest, &crc32, sizeof crc32); } CloseHandle(hFile); - return(true); + return true; } CloseHandle(hFile); - return(false); -} \ No newline at end of file + return false; +} diff --git a/TitanEngine/TitanEngine.TLS.cpp b/TitanEngine/TitanEngine.TLS.cpp index 990f90a..5c3e1f4 100644 --- a/TitanEngine/TitanEngine.TLS.cpp +++ b/TitanEngine/TitanEngine.TLS.cpp @@ -28,11 +28,11 @@ __declspec(dllexport) bool TITCALL TLSBreakOnCallBack(LPVOID ArrayOfCallBacks, D } engineTLSBreakOnCallBackAddress = (ULONG_PTR)bpxCallBack; engineTLSBreakOnCallBack = true; - return(true); + return true; } else { - return(false); + return false; } } __declspec(dllexport) bool TITCALL TLSGrabCallBackData(char* szFileName, LPVOID ArrayOfCallBacks, LPDWORD NumberOfCallBacks) @@ -47,7 +47,7 @@ __declspec(dllexport) bool TITCALL TLSGrabCallBackData(char* szFileName, LPVOID } else { - return(false); + return false; } } __declspec(dllexport) bool TITCALL TLSGrabCallBackDataW(wchar_t* szFileName, LPVOID ArrayOfCallBacks, LPDWORD NumberOfCallBacks) @@ -86,7 +86,7 @@ __declspec(dllexport) bool TITCALL TLSGrabCallBackDataW(wchar_t* szFileName, LPV else { UnMapFileEx(FileHandle, FileSize, FileMap, FileMapVA); - return(false); + return false; } if(!FileIs64) { @@ -106,20 +106,20 @@ __declspec(dllexport) bool TITCALL TLSGrabCallBackDataW(wchar_t* szFileName, LPV } *NumberOfCallBacks = NumberOfTLSCallBacks; UnMapFileEx(FileHandle, FileSize, FileMap, FileMapVA); - return(true); + return true; } else { *NumberOfCallBacks = NULL; UnMapFileEx(FileHandle, FileSize, FileMap, FileMapVA); - return(false); + return false; } } else { *NumberOfCallBacks = NULL; UnMapFileEx(FileHandle, FileSize, FileMap, FileMapVA); - return(false); + return false; } } else @@ -140,20 +140,20 @@ __declspec(dllexport) bool TITCALL TLSGrabCallBackDataW(wchar_t* szFileName, LPV } *NumberOfCallBacks = NumberOfTLSCallBacks; UnMapFileEx(FileHandle, FileSize, FileMap, FileMapVA); - return(true); + return true; } else { *NumberOfCallBacks = NULL; UnMapFileEx(FileHandle, FileSize, FileMap, FileMapVA); - return(false); + return false; } } else { *NumberOfCallBacks = NULL; UnMapFileEx(FileHandle, FileSize, FileMap, FileMapVA); - return(false); + return false; } } } @@ -161,10 +161,10 @@ __declspec(dllexport) bool TITCALL TLSGrabCallBackDataW(wchar_t* szFileName, LPV { *NumberOfCallBacks = NULL; UnMapFileEx(FileHandle, FileSize, FileMap, FileMapVA); - return(false); + return false; } } - return(false); + return false; } __declspec(dllexport) bool TITCALL TLSBreakOnCallBackEx(char* szFileName, LPVOID bpxCallBack) { @@ -178,7 +178,7 @@ __declspec(dllexport) bool TITCALL TLSBreakOnCallBackEx(char* szFileName, LPVOID } else { - return(false); + return false; } } __declspec(dllexport) bool TITCALL TLSBreakOnCallBackExW(wchar_t* szFileName, LPVOID bpxCallBack) @@ -193,16 +193,16 @@ __declspec(dllexport) bool TITCALL TLSBreakOnCallBackExW(wchar_t* szFileName, LP if(TLSGrabCallBackDataW(szFileName, &TlsArrayOfCallBacks, &TlsNumberOfCallBacks)) { TLSBreakOnCallBack(&TlsArrayOfCallBacks, TlsNumberOfCallBacks, bpxCallBack); - return(true); + return true; } else { - return(false); + return false; } } else { - return(false); + return false; } } __declspec(dllexport) bool TITCALL TLSRemoveCallback(char* szFileName) @@ -217,7 +217,7 @@ __declspec(dllexport) bool TITCALL TLSRemoveCallback(char* szFileName) } else { - return(false); + return false; } } __declspec(dllexport) bool TITCALL TLSRemoveCallbackW(wchar_t* szFileName) @@ -253,7 +253,7 @@ __declspec(dllexport) bool TITCALL TLSRemoveCallbackW(wchar_t* szFileName) else { UnMapFileEx(FileHandle, FileSize, FileMap, FileMapVA); - return(false); + return false; } if(!FileIs64) { @@ -267,24 +267,24 @@ __declspec(dllexport) bool TITCALL TLSRemoveCallbackW(wchar_t* szFileName) { TLSDirectoryX86->AddressOfCallBacks = NULL; UnMapFileEx(FileHandle, FileSize, FileMap, FileMapVA); - return(true); + return true; } else { UnMapFileEx(FileHandle, FileSize, FileMap, FileMapVA); - return(false); + return false; } } __except(EXCEPTION_EXECUTE_HANDLER) { UnMapFileEx(FileHandle, FileSize, FileMap, FileMapVA); - return(false); + return false; } } else { UnMapFileEx(FileHandle, FileSize, FileMap, FileMapVA); - return(false); + return false; } } else @@ -299,34 +299,34 @@ __declspec(dllexport) bool TITCALL TLSRemoveCallbackW(wchar_t* szFileName) { TLSDirectoryX64->AddressOfCallBacks = NULL; UnMapFileEx(FileHandle, FileSize, FileMap, FileMapVA); - return(true); + return true; } else { UnMapFileEx(FileHandle, FileSize, FileMap, FileMapVA); - return(false); + return false; } } __except(EXCEPTION_EXECUTE_HANDLER) { UnMapFileEx(FileHandle, FileSize, FileMap, FileMapVA); - return(false); + return false; } } else { UnMapFileEx(FileHandle, FileSize, FileMap, FileMapVA); - return(false); + return false; } } } else { UnMapFileEx(FileHandle, FileSize, FileMap, FileMapVA); - return(false); + return false; } } - return(false); + return false; } __declspec(dllexport) bool TITCALL TLSRemoveTable(char* szFileName) { @@ -340,7 +340,7 @@ __declspec(dllexport) bool TITCALL TLSRemoveTable(char* szFileName) } else { - return(false); + return false; } } __declspec(dllexport) bool TITCALL TLSRemoveTableW(wchar_t* szFileName) @@ -376,7 +376,7 @@ __declspec(dllexport) bool TITCALL TLSRemoveTableW(wchar_t* szFileName) else { UnMapFileEx(FileHandle, FileSize, FileMap, FileMapVA); - return(false); + return false; } if(!FileIs64) { @@ -390,18 +390,18 @@ __declspec(dllexport) bool TITCALL TLSRemoveTableW(wchar_t* szFileName) PEHeader32->OptionalHeader.DataDirectory[IMAGE_DIRECTORY_ENTRY_TLS].Size = NULL; RtlZeroMemory(TLSDirectoryX86, sizeof IMAGE_TLS_DIRECTORY32); UnMapFileEx(FileHandle, FileSize, FileMap, FileMapVA); - return(true); + return true; } __except(EXCEPTION_EXECUTE_HANDLER) { UnMapFileEx(FileHandle, FileSize, FileMap, FileMapVA); - return(false); + return false; } } else { UnMapFileEx(FileHandle, FileSize, FileMap, FileMapVA); - return(false); + return false; } } else @@ -416,28 +416,28 @@ __declspec(dllexport) bool TITCALL TLSRemoveTableW(wchar_t* szFileName) PEHeader64->OptionalHeader.DataDirectory[IMAGE_DIRECTORY_ENTRY_TLS].Size = NULL; RtlZeroMemory(TLSDirectoryX64, sizeof IMAGE_TLS_DIRECTORY64); UnMapFileEx(FileHandle, FileSize, FileMap, FileMapVA); - return(true); + return true; } __except(EXCEPTION_EXECUTE_HANDLER) { UnMapFileEx(FileHandle, FileSize, FileMap, FileMapVA); - return(false); + return false; } } else { UnMapFileEx(FileHandle, FileSize, FileMap, FileMapVA); - return(false); + return false; } } } else { UnMapFileEx(FileHandle, FileSize, FileMap, FileMapVA); - return(false); + return false; } } - return(false); + return false; } __declspec(dllexport) bool TITCALL TLSBackupData(char* szFileName) { @@ -451,7 +451,7 @@ __declspec(dllexport) bool TITCALL TLSBackupData(char* szFileName) } else { - return(false); + return false; } } __declspec(dllexport) bool TITCALL TLSBackupDataW(wchar_t* szFileName) @@ -496,7 +496,7 @@ __declspec(dllexport) bool TITCALL TLSBackupDataW(wchar_t* szFileName) else { UnMapFileEx(FileHandle, FileSize, FileMap, FileMapVA); - return(false); + return false; } if(!FileIs64) { @@ -521,27 +521,27 @@ __declspec(dllexport) bool TITCALL TLSBackupDataW(wchar_t* szFileName) } *NumberOfCallBacks = NumberOfTLSCallBacks; UnMapFileEx(FileHandle, FileSize, FileMap, FileMapVA); - return(true); + return true; } else { *NumberOfCallBacks = NULL; UnMapFileEx(FileHandle, FileSize, FileMap, FileMapVA); - return(false); + return false; } } __except(EXCEPTION_EXECUTE_HANDLER) { *NumberOfCallBacks = NULL; UnMapFileEx(FileHandle, FileSize, FileMap, FileMapVA); - return(false); + return false; } } else { *NumberOfCallBacks = NULL; UnMapFileEx(FileHandle, FileSize, FileMap, FileMapVA); - return(false); + return false; } } else @@ -567,27 +567,27 @@ __declspec(dllexport) bool TITCALL TLSBackupDataW(wchar_t* szFileName) } *NumberOfCallBacks = NumberOfTLSCallBacks; UnMapFileEx(FileHandle, FileSize, FileMap, FileMapVA); - return(true); + return true; } else { *NumberOfCallBacks = NULL; UnMapFileEx(FileHandle, FileSize, FileMap, FileMapVA); - return(false); + return false; } } __except(EXCEPTION_EXECUTE_HANDLER) { *NumberOfCallBacks = NULL; UnMapFileEx(FileHandle, FileSize, FileMap, FileMapVA); - return(false); + return false; } } else { *NumberOfCallBacks = NULL; UnMapFileEx(FileHandle, FileSize, FileMap, FileMapVA); - return(false); + return false; } } } @@ -595,10 +595,10 @@ __declspec(dllexport) bool TITCALL TLSBackupDataW(wchar_t* szFileName) { *NumberOfCallBacks = NULL; UnMapFileEx(FileHandle, FileSize, FileMap, FileMapVA); - return(false); + return false; } } - return(false); + return false; } __declspec(dllexport) bool TITCALL TLSRestoreData() { @@ -616,13 +616,13 @@ __declspec(dllexport) bool TITCALL TLSRestoreData() if(WriteProcessMemory(dbgProcessInformation.hProcess, (LPVOID)(engineBackupTLSDataX64.AddressOfCallBacks + GetDebuggedFileBaseAddress()), engineBackupArrayOfCallBacks, sizeof IMAGE_TLS_DIRECTORY64, &ueNumberOfBytesRead)) { engineBackupTLSAddress = NULL; - return(true); + return true; } } else { engineBackupTLSAddress = NULL; - return(true); + return true; } } } @@ -635,18 +635,18 @@ __declspec(dllexport) bool TITCALL TLSRestoreData() if(WriteProcessMemory(dbgProcessInformation.hProcess, (LPVOID)(engineBackupTLSDataX86.AddressOfCallBacks + GetDebuggedFileBaseAddress()), engineBackupArrayOfCallBacks, sizeof IMAGE_TLS_DIRECTORY32, &ueNumberOfBytesRead)) { engineBackupTLSAddress = NULL; - return(true); + return true; } } else { engineBackupTLSAddress = NULL; - return(true); + return true; } } } } - return(false); + return false; } __declspec(dllexport) bool TITCALL TLSBuildNewTable(ULONG_PTR FileMapVA, ULONG_PTR StorePlace, ULONG_PTR StorePlaceRVA, LPVOID ArrayOfCallBacks, DWORD NumberOfCallBacks) { @@ -676,7 +676,7 @@ __declspec(dllexport) bool TITCALL TLSBuildNewTable(ULONG_PTR FileMapVA, ULONG_P } else { - return(false); + return false; } if(!FileIs64) { @@ -690,11 +690,11 @@ __declspec(dllexport) bool TITCALL TLSBuildNewTable(ULONG_PTR FileMapVA, ULONG_P TLSDirectoryX86->AddressOfIndex = (DWORD)TLSWriteData + 0x14; TLSDirectoryX86->AddressOfCallBacks = (DWORD)TLSWriteData + sizeof IMAGE_TLS_DIRECTORY32 + 8; RtlMoveMemory((LPVOID)(StorePlace + sizeof IMAGE_TLS_DIRECTORY32 + 8), ArrayOfCallBacks, NumberOfCallBacks * 4); - return(true); + return true; } __except(EXCEPTION_EXECUTE_HANDLER) { - return(false); + return false; } } else @@ -709,20 +709,20 @@ __declspec(dllexport) bool TITCALL TLSBuildNewTable(ULONG_PTR FileMapVA, ULONG_P TLSDirectoryX64->AddressOfIndex = TLSWriteData + 0x28; TLSDirectoryX64->AddressOfCallBacks = TLSWriteData + sizeof IMAGE_TLS_DIRECTORY64 + 12; RtlMoveMemory((LPVOID)(StorePlace + sizeof IMAGE_TLS_DIRECTORY64 + 12), ArrayOfCallBacks, NumberOfCallBacks * 8); - return(true); + return true; } __except(EXCEPTION_EXECUTE_HANDLER) { - return(false); + return false; } } } else { - return(false); + return false; } } - return(false); + return false; } __declspec(dllexport) bool TITCALL TLSBuildNewTableEx(char* szFileName, char* szSectionName, LPVOID ArrayOfCallBacks, DWORD NumberOfCallBacks) { @@ -736,7 +736,7 @@ __declspec(dllexport) bool TITCALL TLSBuildNewTableEx(char* szFileName, char* sz } else { - return(false); + return false; } } __declspec(dllexport) bool TITCALL TLSBuildNewTableExW(wchar_t* szFileName, char* szSectionName, LPVOID ArrayOfCallBacks, DWORD NumberOfCallBacks) @@ -760,15 +760,15 @@ __declspec(dllexport) bool TITCALL TLSBuildNewTableExW(wchar_t* szFileName, char UnMapFileEx(FileHandle, FileSize, FileMap, FileMapVA); if(ReturnValue) { - return(true); + return true; } else { - return(false); + return false; } } else { - return(false); + return false; } -} \ No newline at end of file +} diff --git a/TitanEngine/TitanEngine.Threader.cpp b/TitanEngine/TitanEngine.Threader.cpp index e1437c6..525bc10 100644 --- a/TitanEngine/TitanEngine.Threader.cpp +++ b/TitanEngine/TitanEngine.Threader.cpp @@ -43,10 +43,10 @@ __declspec(dllexport) bool TITCALL ThreaderImportRunningThreadData(DWORD Process while(Thread32Next(hSnapShot, &ThreadEntry)); } EngineCloseHandle(hSnapShot); - return(true); + return true; } } - return(false); + return false; } __declspec(dllexport) void* TITCALL ThreaderGetThreadInfo(HANDLE hThread, DWORD ThreadId) { @@ -123,20 +123,20 @@ __declspec(dllexport) bool TITCALL ThreaderPauseThread(HANDLE hThread) { if(SuspendThread(hThread) != -1) { - return(true); + return true; } else { - return(false); + return false; } } else { - return(false); + return false; } } } - return(false); + return false; } __declspec(dllexport) bool TITCALL ThreaderResumeThread(HANDLE hThread) { @@ -155,20 +155,20 @@ __declspec(dllexport) bool TITCALL ThreaderResumeThread(HANDLE hThread) { if(ResumeThread(hThread) != -1) { - return(true); + return true; } else { - return(false); + return false; } } else { - return(false); + return false; } } } - return(false); + return false; } __declspec(dllexport) bool TITCALL ThreaderTerminateThread(HANDLE hThread, DWORD ThreadExitCode) { @@ -191,20 +191,20 @@ __declspec(dllexport) bool TITCALL ThreaderTerminateThread(HANDLE hThread, DWORD hListThreadPtr->dwThreadId = NULL; hListThreadPtr->ThreadLocalBase = NULL; hListThreadPtr->ThreadStartAddress = NULL; - return(true); + return true; } else { - return(false); + return false; } } else { - return(false); + return false; } } } - return(false); + return false; } __declspec(dllexport) bool TITCALL ThreaderPauseAllThreads(bool LeaveMainRunning) { @@ -228,9 +228,9 @@ __declspec(dllexport) bool TITCALL ThreaderPauseAllThreads(bool LeaveMainRunning } hListThreadPtr = (PTHREAD_ITEM_DATA)((ULONG_PTR)hListThreadPtr + sizeof THREAD_ITEM_DATA); } - return(true); + return true; } - return(false); + return false; } __declspec(dllexport) bool TITCALL ThreaderResumeAllThreads(bool LeaveMainPaused) { @@ -254,9 +254,9 @@ __declspec(dllexport) bool TITCALL ThreaderResumeAllThreads(bool LeaveMainPaused } hListThreadPtr = (PTHREAD_ITEM_DATA)((ULONG_PTR)hListThreadPtr + sizeof THREAD_ITEM_DATA); } - return(true); + return true; } - return(false); + return false; } __declspec(dllexport) bool TITCALL ThreaderPauseProcess() { @@ -298,14 +298,14 @@ __declspec(dllexport) bool TITCALL ThreaderInjectAndExecuteCode(LPVOID InjectCod if(WriteProcessMemory(dbgProcessInformation.hProcess, ThreadBase, InjectCode, InjectSize, &ueNumberOfBytesRead)) { ThreaderCreateRemoteThread((ULONG_PTR)((ULONG_PTR)InjectCode + StartDelta), true, NULL, NULL); - return(true); + return true; } else { - return(false); + return false; } } - return(false); + return false; } __declspec(dllexport) long long TITCALL ThreaderCreateRemoteThreadEx(HANDLE hProcess, ULONG_PTR ThreadStartAddress, bool AutoCloseTheHandle, LPVOID ThreadPassParameter, LPDWORD ThreadId) { @@ -339,14 +339,14 @@ __declspec(dllexport) bool TITCALL ThreaderInjectAndExecuteCodeEx(HANDLE hProces if(WriteProcessMemory(hProcess, ThreadBase, InjectCode, InjectSize, &ueNumberOfBytesRead)) { ThreaderCreateRemoteThread((ULONG_PTR)((ULONG_PTR)InjectCode + StartDelta), true, NULL, NULL); - return(true); + return true; } else { - return(false); + return false; } } - return(false); + return false; } __declspec(dllexport) void TITCALL ThreaderSetCallBackForNextExitThreadEvent(LPVOID exitThreadCallBack) { @@ -361,11 +361,11 @@ __declspec(dllexport) bool TITCALL ThreaderIsThreadStillRunning(HANDLE hThread) myDBGContext.ContextFlags = CONTEXT_ALL; if(GetThreadContext(hThread, &myDBGContext)) { - return(true); + return true; } else { - return(false); + return false; } } __declspec(dllexport) bool TITCALL ThreaderIsThreadActive(HANDLE hThread) @@ -373,9 +373,9 @@ __declspec(dllexport) bool TITCALL ThreaderIsThreadActive(HANDLE hThread) if(SuspendThread(hThread)) //if previous suspend count is above 0 (which means thread is suspended) { ResumeThread(hThread); //decrement suspend count - return(true); + return true; } - return(false); + return false; } __declspec(dllexport) bool TITCALL ThreaderIsAnyThreadActive() { @@ -390,13 +390,13 @@ __declspec(dllexport) bool TITCALL ThreaderIsAnyThreadActive() { if(ThreaderIsThreadActive(hListThreadPtr->hThread)) { - return(true); + return true; } } hListThreadPtr = (PTHREAD_ITEM_DATA)((ULONG_PTR)hListThreadPtr + sizeof THREAD_ITEM_DATA); } } - return(false); + return false; } __declspec(dllexport) bool TITCALL ThreaderExecuteOnlyInjectedThreads() { @@ -404,9 +404,9 @@ __declspec(dllexport) bool TITCALL ThreaderExecuteOnlyInjectedThreads() if(ThreaderPauseProcess()) { engineResumeProcessIfNoThreadIsActive = true; - return(true); + return true; } - return(false); + return false; } __declspec(dllexport) long long TITCALL ThreaderGetOpenHandleForThread(DWORD ThreadId) { @@ -438,7 +438,7 @@ __declspec(dllexport) bool TITCALL ThreaderIsExceptionInMainThread() myDBGEvent = (LPDEBUG_EVENT)GetDebugData(); if(myDBGEvent->dwThreadId == dbgProcessInformation.dwThreadId) { - return(true); + return true; } - return(false); -} \ No newline at end of file + return false; +} diff --git a/TitanEngine/TitanEngine.cbp b/TitanEngine/TitanEngine.cbp index 2e1cb80..9d4c449 100644 --- a/TitanEngine/TitanEngine.cbp +++ b/TitanEngine/TitanEngine.cbp @@ -72,6 +72,8 @@ + + diff --git a/TitanEngine/TitanEngine.def b/TitanEngine/TitanEngine.def index 7de8d84..bdbf405 100644 --- a/TitanEngine/TitanEngine.def +++ b/TitanEngine/TitanEngine.def @@ -88,7 +88,6 @@ StopDebug SetBPXOptions IsBPXEnabled SetBPX -SetBPXEx DisableBPX EnableBPX DeleteBPX diff --git a/TitanEngine/definitions.h b/TitanEngine/definitions.h index ecd271f..6b8d0de 100644 --- a/TitanEngine/definitions.h +++ b/TitanEngine/definitions.h @@ -169,12 +169,11 @@ __declspec(dllexport) bool TITCALL IsBPXEnabled(ULONG_PTR bpxAddress); __declspec(dllexport) bool TITCALL EnableBPX(ULONG_PTR bpxAddress); __declspec(dllexport) bool TITCALL DisableBPX(ULONG_PTR bpxAddress); __declspec(dllexport) bool TITCALL SetBPX(ULONG_PTR bpxAddress, DWORD bpxType, LPVOID bpxCallBack); -__declspec(dllexport) bool TITCALL SetBPXEx(ULONG_PTR bpxAddress, DWORD bpxType, DWORD NumberOfExecution, DWORD CmpRegister, DWORD CmpCondition, ULONG_PTR CmpValue, LPVOID bpxCallBack, LPVOID bpxCompareCallBack, LPVOID bpxRemoveCallBack); __declspec(dllexport) bool TITCALL DeleteBPX(ULONG_PTR bpxAddress); __declspec(dllexport) bool TITCALL SafeDeleteBPX(ULONG_PTR bpxAddress); -__declspec(dllexport) bool TITCALL SetAPIBreakPoint(char* szDLLName, char* szAPIName, DWORD bpxType, DWORD bpxPlace, LPVOID bpxCallBack); -__declspec(dllexport) bool TITCALL DeleteAPIBreakPoint(char* szDLLName, char* szAPIName, DWORD bpxPlace); -__declspec(dllexport) bool TITCALL SafeDeleteAPIBreakPoint(char* szDLLName, char* szAPIName, DWORD bpxPlace); +__declspec(dllexport) bool TITCALL SetAPIBreakPoint(const char* szDLLName, const char* szAPIName, DWORD bpxType, DWORD bpxPlace, LPVOID bpxCallBack); +__declspec(dllexport) bool TITCALL DeleteAPIBreakPoint(const char* szDLLName, const char* szAPIName, DWORD bpxPlace); +__declspec(dllexport) bool TITCALL SafeDeleteAPIBreakPoint(const char* szDLLName, const char* szAPIName, DWORD bpxPlace); __declspec(dllexport) bool TITCALL SetMemoryBPX(ULONG_PTR MemoryStart, SIZE_T SizeOfMemory, LPVOID bpxCallBack); __declspec(dllexport) bool TITCALL SetMemoryBPXEx(ULONG_PTR MemoryStart, SIZE_T SizeOfMemory, DWORD BreakPointType, bool RestoreOnHit, LPVOID bpxCallBack); __declspec(dllexport) bool TITCALL RemoveMemoryBPX(ULONG_PTR MemoryStart, SIZE_T SizeOfMemory); diff --git a/TitanEngine/stdafx.h b/TitanEngine/stdafx.h index 3cdd0c4..367d798 100644 --- a/TitanEngine/stdafx.h +++ b/TitanEngine/stdafx.h @@ -115,18 +115,11 @@ typedef struct BYTE BreakPointActive; ULONG_PTR BreakPointAddress; SIZE_T BreakPointSize; - BYTE OriginalByte[10]; + BYTE OriginalByte[UE_MAX_BREAKPOINT_SIZE]; int BreakPointType; int AdvancedBreakPointType; int MemoryBpxRestoreOnHit; - DWORD NumberOfExecutions; - DWORD CmpRegister; - int CmpCondition; - ULONG_PTR CmpValue; ULONG_PTR ExecuteCallBack; - ULONG_PTR CompareCallBack; - ULONG_PTR RemoveCallBack; - DWORD UniqueLinkId; } BreakPointDetail, *PBreakPointDetail; typedef struct @@ -995,4 +988,4 @@ typedef _PEB_T PEB64; typedef PEB64 PEB_CURRENT; #else typedef PEB32 PEB_CURRENT; -#endif \ No newline at end of file +#endif