UNICODE-FIX new ImporterGetRemoteDLLBaseExW

SDK/C/TitanEngine.h

@@ -756,6 +756,7 @@ __declspec(dllexport) long TITCALL ImporterGetDLLIndexEx(ULONG_PTR APIAddress, U
 __declspec(dllexport) long TITCALL ImporterGetDLLIndex(HANDLE hProcess, ULONG_PTR APIAddress, ULONG_PTR DLLBasesList);
 __declspec(dllexport) long long TITCALL ImporterGetRemoteDLLBase(HANDLE hProcess, HMODULE LocalModuleBase);
 __declspec(dllexport) long long TITCALL ImporterGetRemoteDLLBaseEx(HANDLE hProcess, char* szModuleName);
+__declspec(dllexport) void* TITCALL ImporterGetRemoteDLLBaseExW(HANDLE hProcess, wchar_t* szModuleName);
 __declspec(dllexport) bool TITCALL ImporterIsForwardedAPI(HANDLE hProcess, ULONG_PTR APIAddress);
 __declspec(dllexport) void* TITCALL ImporterGetForwardedAPIName(HANDLE hProcess, ULONG_PTR APIAddress);
 __declspec(dllexport) void* TITCALL ImporterGetForwardedDLLName(HANDLE hProcess, ULONG_PTR APIAddress);

SDK/CPP/TitanEngine.h

@@ -754,6 +754,8 @@ __declspec(dllimport) long long TITCALL ImporterGetAPIOrdinalNumberFromDebugee(H
 __declspec(dllimport) long TITCALL ImporterGetDLLIndexEx(ULONG_PTR APIAddress, ULONG_PTR DLLBasesList);
 __declspec(dllimport) long TITCALL ImporterGetDLLIndex(HANDLE hProcess, ULONG_PTR APIAddress, ULONG_PTR DLLBasesList);
 __declspec(dllimport) long long TITCALL ImporterGetRemoteDLLBase(HANDLE hProcess, HMODULE LocalModuleBase);
+__declspec(dllimport) long long TITCALL ImporterGetRemoteDLLBaseEx(HANDLE hProcess, char* szModuleName);
+__declspec(dllimport) void* TITCALL ImporterGetRemoteDLLBaseExW(HANDLE hProcess, wchar_t* szModuleName);
 __declspec(dllimport) bool TITCALL ImporterIsForwardedAPI(HANDLE hProcess, ULONG_PTR APIAddress);
 __declspec(dllimport) void* TITCALL ImporterGetForwardedAPIName(HANDLE hProcess, ULONG_PTR APIAddress);
 __declspec(dllimport) void* TITCALL ImporterGetForwardedDLLName(HANDLE hProcess, ULONG_PTR APIAddress);

SDK/CPP/TitanEngine.hpp

@@ -1737,6 +1737,14 @@ protected:
     {
         return UE::ImporterGetRemoteDLLBase(hProcess, LocalModuleBase);
     }
+	static long long GetRemoteDLLBaseEx(HANDLE hProcess, char* szModuleName)
+	{
+	    return UE::ImporterGetRemoteDLLBaseEx(hProcess, szModuleName);
+	}
+	static void* GetRemoteDLLBaseExW(HANDLE hProcess, WCHAR* szModuleName)
+	{
+	    return UE::ImporterGetRemoteDLLBaseExW(hProcess, szModuleName);
+	}
     static bool IsForwardedAPI(HANDLE hProcess, ULONG_PTR APIAddress)
     {
         return UE::ImporterIsForwardedAPI(hProcess, APIAddress);

TitanEngine/TitanEngine.Importer.cpp

@@ -127,7 +127,7 @@ __declspec(dllexport) long long TITCALL ImporterGetRemoteAPIAddressEx(char* szDL
     WCHAR uniDLLName[MAX_PATH] = {0};
     if (MultiByteToWideChar(CP_ACP, NULL, szDLLName, -1, uniDLLName, _countof(uniDLLName)))
     {
-        return EngineGetProcAddressRemote(szDLLName, szAPIName);
+        return EngineGetProcAddressRemote(uniDLLName, szAPIName);
     }
     else
     {
@@ -162,27 +162,39 @@ __declspec(dllexport) long long TITCALL ImporterGetRemoteDLLBase(HANDLE hProcess
 {
     return((ULONG_PTR)EngineGlobalAPIHandler(hProcess, NULL, (ULONG_PTR)LocalModuleBase, NULL, UE_OPTION_IMPORTER_RETURN_DLLBASE));
 }
-__declspec(dllexport) long long TITCALL ImporterGetRemoteDLLBaseEx(HANDLE hProcess, char* szModuleName)
+__declspec(dllexport) void* TITCALL ImporterGetRemoteDLLBaseExW(HANDLE hProcess, WCHAR * szModuleName)
 {
     DWORD cbNeeded = NULL;
-    HMODULE EnumeratedModules[0x1024] = {0};
+    HMODULE EnumeratedModules[1024] = {0};
-    char RemoteDLLName[MAX_PATH] = {0};
+    WCHAR RemoteDLLName[MAX_PATH] = {0};
 
     if(EnumProcessModules(hProcess, EnumeratedModules, sizeof(EnumeratedModules), &cbNeeded))
     {
         for(int i = 0; i < (int)(cbNeeded / sizeof(HMODULE)); i++)
         {
             RemoteDLLName[0] = 0;
-            if(GetModuleBaseNameA(hProcess, EnumeratedModules[i], (LPSTR)RemoteDLLName, _countof(RemoteDLLName)) > NULL)
+            if(GetModuleBaseNameW(hProcess, EnumeratedModules[i], RemoteDLLName, _countof(RemoteDLLName)) > NULL)
             {
-                if(lstrcmpiA((LPCSTR)RemoteDLLName, (LPCSTR)szModuleName))
+                if(_wcsicmp(RemoteDLLName, szModuleName) == 0)
                 {
-                    return((ULONG_PTR)EnumeratedModules[i]);
+                    return (void*)EnumeratedModules[i];
                 }
             }
         }
     }
-    return(NULL);
+    return 0;
+}
+__declspec(dllexport) long long TITCALL ImporterGetRemoteDLLBaseEx(HANDLE hProcess, char* szModuleName)
+{
+    WCHAR uniModuleName[MAX_PATH] = {0};
+    if (MultiByteToWideChar(CP_ACP, NULL, szModuleName, -1, uniModuleName, _countof(uniModuleName)))
+    {
+        return (long long)ImporterGetRemoteDLLBaseExW(hProcess, uniModuleName);
+    }
+    else
+    {
+        return 0;
+    }
 }
 
 __declspec(dllexport) bool TITCALL ImporterIsForwardedAPI(HANDLE hProcess, ULONG_PTR APIAddress)

TitanEngine/TitanEngine.def

@@ -186,6 +186,7 @@ ImporterGetDLLIndexEx
 ImporterGetDLLIndex
 ImporterGetRemoteDLLBase
 ImporterGetRemoteDLLBaseEx
+ImporterGetRemoteDLLBaseExW
 ImporterIsForwardedAPI
 ImporterAutoSearchIAT
 ImporterAutoSearchIATW

TitanEngine/definitions.h

@@ -262,6 +262,7 @@ __declspec(dllexport) long TITCALL ImporterGetDLLIndexEx(ULONG_PTR APIAddress, U
 __declspec(dllexport) long TITCALL ImporterGetDLLIndex(HANDLE hProcess, ULONG_PTR APIAddress, ULONG_PTR DLLBasesList);
 __declspec(dllexport) long long TITCALL ImporterGetRemoteDLLBase(HANDLE hProcess, HMODULE LocalModuleBase);
 __declspec(dllexport) long long TITCALL ImporterGetRemoteDLLBaseEx(HANDLE hProcess, char* szModuleName);
+__declspec(dllexport) void* TITCALL ImporterGetRemoteDLLBaseExW(HANDLE hProcess, WCHAR* szModuleName);
 __declspec(dllexport) bool TITCALL ImporterIsForwardedAPI(HANDLE hProcess, ULONG_PTR APIAddress);
 __declspec(dllexport) void* TITCALL ImporterGetForwardedAPIName(HANDLE hProcess, ULONG_PTR APIAddress);
 __declspec(dllexport) void* TITCALL ImporterGetForwardedDLLName(HANDLE hProcess, ULONG_PTR APIAddress);