x64dbg
/
TitanEngine
mirror of https://github.com/x64dbg/TitanEngine
1
0
Fork 0
Code Releases Activity

commented all functions that are either obsolete or need change since scylla integration. see scylla_integration.txt

This commit is contained in:
cypherpunk 2014-01-16 14:48:00 +01:00
parent 095950b16d
commit b29e53cd16
2 changed files with 116 additions and 18 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

77
TitanEngine/TitanEngine.cpp
View File

@ -18498,7 +18498,9 @@ __declspec(dllexport) bool TITCALL FindOEPGenericallyW(wchar_t* szFileName, LPVO
// TitanEngine.Importer.functions: // TitanEngine.Importer.functions:
__declspec(dllexport) void TITCALL ImporterCleanup() __declspec(dllexport) void TITCALL ImporterCleanup()
{ {
//TODO scylla obsoleted this
return;
/*
int i = 0; int i = 0;
for(i = 0; i < 1000; i++) for(i = 0; i < 1000; i++)
@ -18518,24 +18520,29 @@ __declspec(dllexport) void TITCALL ImporterCleanup()
impOrdinalList[i][0] = 0; impOrdinalList[i][0] = 0;
impOrdinalList[i][1] = 0; impOrdinalList[i][1] = 0;
} }
*/
} }
__declspec(dllexport) void TITCALL ImporterSetImageBase(ULONG_PTR ImageBase) __declspec(dllexport) void TITCALL ImporterSetImageBase(ULONG_PTR ImageBase)
{ {
// scylla obsoleted this
impImageBase = ImageBase; impImageBase = ImageBase;
} }
__declspec(dllexport) void TITCALL ImporterSetUnknownDelta(ULONG_PTR DeltaAddress) __declspec(dllexport) void TITCALL ImporterSetUnknownDelta(ULONG_PTR DeltaAddress)
{ {
//scylla obsoleted this
impDeltaStart = DeltaAddress; impDeltaStart = DeltaAddress;
impDeltaCurrent = DeltaAddress; impDeltaCurrent = DeltaAddress;
} }
__declspec(dllexport) long long TITCALL ImporterGetCurrentDelta() __declspec(dllexport) long long TITCALL ImporterGetCurrentDelta()
{ {
//scylla obsoleted this
return((ULONG_PTR)impDeltaCurrent); return((ULONG_PTR)impDeltaCurrent);
} }
__declspec(dllexport) void TITCALL ImporterInit(DWORD MemorySize, ULONG_PTR ImageBase) __declspec(dllexport) void TITCALL ImporterInit(DWORD MemorySize, ULONG_PTR ImageBase)
{ {
//TODO scylla obsoleted this
return;
/*
impImageBase = ImageBase; impImageBase = ImageBase;
if(MemorySize != NULL) if(MemorySize != NULL)
{ {
@ -18550,10 +18557,13 @@ __declspec(dllexport) void TITCALL ImporterInit(DWORD MemorySize, ULONG_PTR Imag
impDLLNumber = 0xFFFFFFFF; impDLLNumber = 0xFFFFFFFF;
impDeltaStart = NULL; impDeltaStart = NULL;
impDeltaCurrent = NULL; impDeltaCurrent = NULL;
*/
} }
__declspec(dllexport) void TITCALL ImporterAddNewDll(char* szDLLName, ULONG_PTR FirstThunk) __declspec(dllexport) void TITCALL ImporterAddNewDll(char* szDLLName, ULONG_PTR FirstThunk)
{ {
//TODO scylla enable
return;
/*
int CopyDummy = 1; int CopyDummy = 1;
impDLLNumber++; impDLLNumber++;
@ -18579,11 +18589,13 @@ __declspec(dllexport) void TITCALL ImporterAddNewDll(char* szDLLName, ULONG_PTR
if(FirstThunk == NULL && impDeltaStart != NULL) if(FirstThunk == NULL && impDeltaStart != NULL)
{ {
impDeltaCurrent = impDeltaCurrent + sizeof ULONG_PTR; impDeltaCurrent = impDeltaCurrent + sizeof ULONG_PTR;
} }*/
} }
__declspec(dllexport) void TITCALL ImporterAddNewAPI(char* szAPIName, ULONG_PTR ThunkValue) __declspec(dllexport) void TITCALL ImporterAddNewAPI(char* szAPIName, ULONG_PTR ThunkValue)
{ {
//TODO scylla enable
return;
/*
int i = NULL; int i = NULL;
int CopyDummy = NULL; int CopyDummy = NULL;
ULONG_PTR LastThunkValue = NULL; ULONG_PTR LastThunkValue = NULL;
@ -18644,10 +18656,13 @@ __declspec(dllexport) void TITCALL ImporterAddNewAPI(char* szAPIName, ULONG_PTR
RtlMoveMemory(&CopyDummy, (LPVOID)(impDLLDataList[impDLLNumber][0] + 2 * sizeof ULONG_PTR), 4); RtlMoveMemory(&CopyDummy, (LPVOID)(impDLLDataList[impDLLNumber][0] + 2 * sizeof ULONG_PTR), 4);
CopyDummy++; CopyDummy++;
RtlMoveMemory((LPVOID)(impDLLDataList[impDLLNumber][0] + 2 * sizeof ULONG_PTR), &CopyDummy, 4); RtlMoveMemory((LPVOID)(impDLLDataList[impDLLNumber][0] + 2 * sizeof ULONG_PTR), &CopyDummy, 4);
*/
} }
__declspec(dllexport) void TITCALL ImporterAddNewOrdinalAPI(ULONG_PTR OrdinalNumber, ULONG_PTR ThunkValue) __declspec(dllexport) void TITCALL ImporterAddNewOrdinalAPI(ULONG_PTR OrdinalNumber, ULONG_PTR ThunkValue)
{ {
//TODO scylla enable
return;
/*
if(OrdinalNumber & IMAGE_ORDINAL_FLAG) if(OrdinalNumber & IMAGE_ORDINAL_FLAG)
{ {
OrdinalNumber = OrdinalNumber ^ IMAGE_ORDINAL_FLAG; OrdinalNumber = OrdinalNumber ^ IMAGE_ORDINAL_FLAG;
@ -18657,14 +18672,21 @@ __declspec(dllexport) void TITCALL ImporterAddNewOrdinalAPI(ULONG_PTR OrdinalNum
{ {
ImporterAddNewAPI((char*)OrdinalNumber, ThunkValue); ImporterAddNewAPI((char*)OrdinalNumber, ThunkValue);
} }
*/
} }
__declspec(dllexport) long TITCALL ImporterGetAddedDllCount() __declspec(dllexport) long TITCALL ImporterGetAddedDllCount()
{ {
//TODO scylla enable
return 0;
/*
return(impDLLNumber + 1); return(impDLLNumber + 1);
*/
} }
__declspec(dllexport) long TITCALL ImporterGetAddedAPICount() __declspec(dllexport) long TITCALL ImporterGetAddedAPICount()
{ {
//TODO scylla enable
return 0;
/*
int i = 0; int i = 0;
int CopyDummy = NULL; int CopyDummy = NULL;
DWORD DLLNumber = NULL; DWORD DLLNumber = NULL;
@ -18679,9 +18701,13 @@ __declspec(dllexport) long TITCALL ImporterGetAddedAPICount()
i++; i++;
} }
return(APINumber); return(APINumber);
*/
} }
__declspec(dllexport) void* TITCALL ImporterGetLastAddedDLLName() __declspec(dllexport) void* TITCALL ImporterGetLastAddedDLLName()
{ {
//TODO scylla enable
return NULL;
/*
if(impDLLNumber != 0xFFFFFFFF && impDLLNumber < 1000) if(impDLLNumber != 0xFFFFFFFF && impDLLNumber < 1000)
{ {
return((void*)impDLLStringList[impDLLNumber][0]); return((void*)impDLLStringList[impDLLNumber][0]);
@ -18689,7 +18715,7 @@ __declspec(dllexport) void* TITCALL ImporterGetLastAddedDLLName()
else else
{ {
return(NULL); return(NULL);
} }*/
} }
__declspec(dllexport) void TITCALL ImporterMoveIAT() __declspec(dllexport) void TITCALL ImporterMoveIAT()
{ {
@ -18705,7 +18731,9 @@ __declspec(dllexport) bool TITCALL ImporterExportIAT(ULONG_PTR StorePlace, ULONG
} }
__declspec(dllexport) long TITCALL ImporterEstimatedSize() __declspec(dllexport) long TITCALL ImporterEstimatedSize()
{ {
//TODO scylla enable
return 0;
/*
int i = 0; int i = 0;
DWORD DLLNumber = NULL; DWORD DLLNumber = NULL;
long EstimatedSize = 0x200; long EstimatedSize = 0x200;
@ -18730,6 +18758,7 @@ __declspec(dllexport) long TITCALL ImporterEstimatedSize()
} }
} }
return(EstimatedSize); return(EstimatedSize);
*/
} }
__declspec(dllexport) bool TITCALL ImporterExportIATEx(char* szDumpFileName, char* szExportFileName, char* szSectionName) __declspec(dllexport) bool TITCALL ImporterExportIATEx(char* szDumpFileName, char* szExportFileName, char* szSectionName)
{ {
@ -18760,7 +18789,8 @@ __declspec(dllexport) bool TITCALL ImporterExportIATExW(wchar_t* szDumpFileName,
} }
__declspec(dllexport) long long TITCALL ImporterFindAPIWriteLocation(char* szAPIName) __declspec(dllexport) long long TITCALL ImporterFindAPIWriteLocation(char* szAPIName)
{ {
//TODO scylla enable
/*
int i = 0; int i = 0;
int j = 0; int j = 0;
DWORD DLLNumber = NULL; DWORD DLLNumber = NULL;
@ -18812,6 +18842,7 @@ __declspec(dllexport) long long TITCALL ImporterFindAPIWriteLocation(char* szAPI
} }
} }
} }
*/
return(NULL); return(NULL);
} }
__declspec(dllexport) long long TITCALL ImporterFindOrdinalAPIWriteLocation(ULONG_PTR OrdinalNumber) __declspec(dllexport) long long TITCALL ImporterFindOrdinalAPIWriteLocation(ULONG_PTR OrdinalNumber)
@ -18820,7 +18851,8 @@ __declspec(dllexport) long long TITCALL ImporterFindOrdinalAPIWriteLocation(ULON
} }
__declspec(dllexport) long long TITCALL ImporterFindAPIByWriteLocation(ULONG_PTR APIWriteLocation) __declspec(dllexport) long long TITCALL ImporterFindAPIByWriteLocation(ULONG_PTR APIWriteLocation)
{ {
//TODO scylla enable
/*
int i = 0; int i = 0;
DWORD DLLNumber = NULL; DWORD DLLNumber = NULL;
LPVOID NameReadPlace = NULL; LPVOID NameReadPlace = NULL;
@ -18849,12 +18881,13 @@ __declspec(dllexport) long long TITCALL ImporterFindAPIByWriteLocation(ULONG_PTR
DLLNumber--; DLLNumber--;
i++; i++;
} }
} }*/
return(NULL); return(NULL);
} }
__declspec(dllexport) long long TITCALL ImporterFindDLLByWriteLocation(ULONG_PTR APIWriteLocation) __declspec(dllexport) long long TITCALL ImporterFindDLLByWriteLocation(ULONG_PTR APIWriteLocation)
{ {
//TODO scylla enable
/*
int i = 0; int i = 0;
DWORD DLLNumber = NULL; DWORD DLLNumber = NULL;
LPVOID NameReadPlace = NULL; LPVOID NameReadPlace = NULL;
@ -18882,7 +18915,7 @@ __declspec(dllexport) long long TITCALL ImporterFindDLLByWriteLocation(ULONG_PTR
DLLNumber--; DLLNumber--;
i++; i++;
} }
} }*/
return(NULL); return(NULL);
} }
__declspec(dllexport) void* TITCALL ImporterGetDLLName(ULONG_PTR APIAddress) __declspec(dllexport) void* TITCALL ImporterGetDLLName(ULONG_PTR APIAddress)
@ -19052,7 +19085,8 @@ __declspec(dllexport) long long TITCALL ImporterGetRemoteDLLBaseEx(HANDLE hProce
} }
__declspec(dllexport) bool TITCALL ImporterRelocateWriteLocation(ULONG_PTR AddValue) __declspec(dllexport) bool TITCALL ImporterRelocateWriteLocation(ULONG_PTR AddValue)
{ {
//TODO scylla obsoleted this
/*
unsigned int i; unsigned int i;
ULONG_PTR RealignData = NULL; ULONG_PTR RealignData = NULL;
@ -19080,6 +19114,7 @@ __declspec(dllexport) bool TITCALL ImporterRelocateWriteLocation(ULONG_PTR AddVa
{ {
return(false); return(false);
} }
*/
return(false); return(false);
} }
__declspec(dllexport) bool TITCALL ImporterIsForwardedAPI(HANDLE hProcess, ULONG_PTR APIAddress) __declspec(dllexport) bool TITCALL ImporterIsForwardedAPI(HANDLE hProcess, ULONG_PTR APIAddress)
@ -19242,7 +19277,9 @@ __declspec(dllexport) bool TITCALL ImporterLoadImportTable(char* szFileName)
} }
__declspec(dllexport) bool TITCALL ImporterLoadImportTableW(wchar_t* szFileName) __declspec(dllexport) bool TITCALL ImporterLoadImportTableW(wchar_t* szFileName)
{ {
//TODO scylla enable
return false;
/*
PIMAGE_DOS_HEADER DOSHeader; PIMAGE_DOS_HEADER DOSHeader;
PIMAGE_NT_HEADERS32 PEHeader32; PIMAGE_NT_HEADERS32 PEHeader32;
PIMAGE_NT_HEADERS64 PEHeader64; PIMAGE_NT_HEADERS64 PEHeader64;
@ -19383,6 +19420,7 @@ __declspec(dllexport) bool TITCALL ImporterLoadImportTableW(wchar_t* szFileName)
} }
UnMapFileEx(FileHandle, FileSize, FileMap, FileMapVA); UnMapFileEx(FileHandle, FileSize, FileMap, FileMapVA);
return(false); return(false);
*/
} }
__declspec(dllexport) bool TITCALL ImporterMoveOriginalIAT(char* szOriginalFile, char* szDumpFile, char* szSectionName) __declspec(dllexport) bool TITCALL ImporterMoveOriginalIAT(char* szOriginalFile, char* szDumpFile, char* szSectionName)
{ {
@ -19452,7 +19490,9 @@ __declspec(dllexport) void TITCALL ImporterAutoSearchIATEx(DWORD ProcessId, ULON
} }
__declspec(dllexport) void TITCALL ImporterEnumAddedData(LPVOID EnumCallBack) __declspec(dllexport) void TITCALL ImporterEnumAddedData(LPVOID EnumCallBack)
{ {
//TODO scylla enable
return;
/*
int i = 0; int i = 0;
int j = 0; int j = 0;
int x = 0; int x = 0;
@ -19529,6 +19569,7 @@ __declspec(dllexport) void TITCALL ImporterEnumAddedData(LPVOID EnumCallBack)
i++; i++;
} }
} }
*/
} }
__declspec(dllexport) long TITCALL ImporterAutoFixIATEx(DWORD ProcessId, char* szDumpedFile, char* szSectionName, bool DumpRunningProcess, bool RealignFile, ULONG_PTR EntryPointAddress, ULONG_PTR ImageBase, ULONG_PTR SearchStart, bool TryAutoFix, bool FixEliminations, LPVOID UnknownPointerFixCallback) __declspec(dllexport) long TITCALL ImporterAutoFixIATEx(DWORD ProcessId, char* szDumpedFile, char* szSectionName, bool DumpRunningProcess, bool RealignFile, ULONG_PTR EntryPointAddress, ULONG_PTR ImageBase, ULONG_PTR SearchStart, bool TryAutoFix, bool FixEliminations, LPVOID UnknownPointerFixCallback)
{ {

57
scylla_integration.txt Normal file
View File

@ -0,0 +1,57 @@
scylla-integration possible TODO
obsolete functions:
Init
SetImageBase
Cleanup
MoveIAT
RelocateWriteLocation //only used for MoveIAT
SetUnknownDelta //only used for MoveIAT
GetCurrentDelta //only used for MoveIAT
defunct until scylla-enabled:
AddNewDLL
AddNewAPI
AddNewOrdinal
GetLastAddedDLLName
GetAddedDllCount
GetAddedAPICount
EnumAddedData //useful for investigating complete iat moduleList
EstimatedSize
GetDLLIndexEx
GetDLLIndex
FindAPIWriteLocation
FindOrdinalAPIWriteLocation
FindAPIByWriteLocation
FindDLLByWriteLocation
LoadImportTable
MoveOriginalIAT
questionable if working, all proxy to EngineGlobalAPIHandler which is buggy
GetDLLName -> EngineGlobalAPIHandler
GetAPIName -> EngineGlobalAPIHandler
GetAPINameEx -> EngineGlobalAPIHandler
GetAPIOrdinalNumber -> EngineGlobalAPIHandler
GetRemoteAPIAddress -> EngineGlobalAPIHandler
GetLocalAPIAddress-> EngineGlobalAPIHandler
GetDLLNameFromDebuggee-> EngineGlobalAPIHandler
GetAPIOrdinalNumberFromDebuggee -> EngineGlobalAPIHandler
GetRemoteDLLBase -> EngineGlobalAPIHandler
IsForwardedAPI -> EngineGlobalAPIHandler
GetForwardedAPIName- > EngineGlobalAPIHandler
GetForwardedAPIOrdinalNumber -> EngineGlobalAPIHandler
GetForwardedDLLName -> EngineGlobalAPIHandler
GetNearestAPIAddress -> EngineGlobalAPIHandler
GetNearestAPIName -> EngineGlobalAPIHandler
no change required:
CopyOriginalIAT
GetRemoteAPIAddressEX
GetRemoteDLLBaseEX