From bdaae76d9df4ee6cd292421c1aff89d72cbfce87 Mon Sep 17 00:00:00 2001 From: mrexodia Date: Sat, 27 Aug 2016 21:03:42 +0200 Subject: [PATCH] added UE_DLLCHARACTERISTICS --- SDK/C/TitanEngine.h | 1 + SDK/CPP/TitanEngine.h | 1 + SDK/CPP/TitanEngine.hpp | 3 ++- TitanEngine/TitanEngine.PE.Data.cpp | 18 ++++++++++++++++++ TitanEngine/TitanEngine.Resourcer.cpp | 8 ++++---- TitanEngine/stdafx.h | 1 + 6 files changed, 27 insertions(+), 5 deletions(-) diff --git a/SDK/C/TitanEngine.h b/SDK/C/TitanEngine.h index 08d0148..3ed5b6e 100644 --- a/SDK/C/TitanEngine.h +++ b/SDK/C/TitanEngine.h @@ -116,6 +116,7 @@ #define UE_SECTIONRAWOFFSET 43 #define UE_SECTIONRAWSIZE 44 #define UE_SECTIONFLAGS 45 +#define UE_DLLCHARACTERISTICS 46 #define UE_VANOTFOUND = -2; diff --git a/SDK/CPP/TitanEngine.h b/SDK/CPP/TitanEngine.h index a4647be..7901ce0 100644 --- a/SDK/CPP/TitanEngine.h +++ b/SDK/CPP/TitanEngine.h @@ -112,6 +112,7 @@ const BYTE UE_SECTIONVIRTUALSIZE = 42; const BYTE UE_SECTIONRAWOFFSET = 43; const BYTE UE_SECTIONRAWSIZE = 44; const BYTE UE_SECTIONFLAGS = 45; +const BYTE UE_DLLCHARACTERISTICS = 46; const long UE_VANOTFOUND = -2; diff --git a/SDK/CPP/TitanEngine.hpp b/SDK/CPP/TitanEngine.hpp index e91fd66..4e44730 100644 --- a/SDK/CPP/TitanEngine.hpp +++ b/SDK/CPP/TitanEngine.hpp @@ -158,7 +158,8 @@ enum ePE32Data : DWORD UE_SECTIONVIRTUALSIZE = UE::UE_SECTIONVIRTUALSIZE, UE_SECTIONRAWOFFSET = UE::UE_SECTIONRAWOFFSET, UE_SECTIONRAWSIZE = UE::UE_SECTIONRAWSIZE, - UE_SECTIONFLAGS = UE::UE_SECTIONFLAGS + UE_SECTIONFLAGS = UE::UE_SECTIONFLAGS, + UE_DLLCHARACTERISTICS = UE::UE_DLLCHARACTERISTICS }; const long UE_VANOTFOUND = UE::UE_VANOTFOUND; diff --git a/TitanEngine/TitanEngine.PE.Data.cpp b/TitanEngine/TitanEngine.PE.Data.cpp index 292cffb..762fd7e 100644 --- a/TitanEngine/TitanEngine.PE.Data.cpp +++ b/TitanEngine/TitanEngine.PE.Data.cpp @@ -139,6 +139,10 @@ __declspec(dllexport) ULONG_PTR TITCALL GetPE32DataFromMappedFile(ULONG_PTR File { return(PEHeader32->OptionalHeader.NumberOfRvaAndSizes); } + else if(WhichData == UE_DLLCHARACTERISTICS) + { + return(PEHeader32->OptionalHeader.DllCharacteristics); + } else { return(0); @@ -289,6 +293,10 @@ __declspec(dllexport) ULONG_PTR TITCALL GetPE32DataFromMappedFile(ULONG_PTR File { return(PEHeader64->OptionalHeader.NumberOfRvaAndSizes); } + else if(WhichData == UE_DLLCHARACTERISTICS) + { + return(PEHeader64->OptionalHeader.DllCharacteristics); + } else { return(0); @@ -693,6 +701,11 @@ __declspec(dllexport) bool TITCALL SetPE32DataForMappedFile(ULONG_PTR FileMapVA, PEHeader32->OptionalHeader.NumberOfRvaAndSizes = (DWORD)NewDataValue; return true; } + else if(WhichData == UE_DLLCHARACTERISTICS) + { + PEHeader32->OptionalHeader.DllCharacteristics = (WORD)NewDataValue; + return true; + } else { return false; @@ -879,6 +892,11 @@ __declspec(dllexport) bool TITCALL SetPE32DataForMappedFile(ULONG_PTR FileMapVA, PEHeader64->OptionalHeader.NumberOfRvaAndSizes = (DWORD)NewDataValue; return true; } + else if(WhichData == UE_DLLCHARACTERISTICS) + { + PEHeader64->OptionalHeader.DllCharacteristics = (WORD)NewDataValue; + return true; + } else { return(0); diff --git a/TitanEngine/TitanEngine.Resourcer.cpp b/TitanEngine/TitanEngine.Resourcer.cpp index f3c5aa6..d9e6413 100644 --- a/TitanEngine/TitanEngine.Resourcer.cpp +++ b/TitanEngine/TitanEngine.Resourcer.cpp @@ -315,8 +315,8 @@ __declspec(dllexport) void TITCALL ResourcerEnumerateResourceEx(ULONG_PTR FileMa PEResourceItem = (PIMAGE_RESOURCE_DATA_ENTRY)((ULONG_PTR)PEResourcePtr + PEResourceDir2->OffsetToData); if(PEResourceDir->NameIsString) { - WORD resourceTypeLen = *(WORD*) ((ULONG_PTR)PEResourcePtr + PEResourceDir->NameOffset); - wcsncpy(uniResourceType, (wchar_t*)((ULONG_PTR)PEResourcePtr + PEResourceDir->NameOffset)+1, resourceTypeLen); + WORD resourceTypeLen = *(WORD*)((ULONG_PTR)PEResourcePtr + PEResourceDir->NameOffset); + wcsncpy(uniResourceType, (wchar_t*)((ULONG_PTR)PEResourcePtr + PEResourceDir->NameOffset) + 1, resourceTypeLen); pUniResourceType = uniResourceType; } else @@ -325,8 +325,8 @@ __declspec(dllexport) void TITCALL ResourcerEnumerateResourceEx(ULONG_PTR FileMa } if(PEResourceDir1->NameIsString) { - WORD resourceNameLen = *(WORD*) ((ULONG_PTR)PEResourcePtr + PEResourceDir1->NameOffset); - wcsncpy(uniResourceName, (wchar_t*)((ULONG_PTR)PEResourcePtr + PEResourceDir1->NameOffset)+1, resourceNameLen); + WORD resourceNameLen = *(WORD*)((ULONG_PTR)PEResourcePtr + PEResourceDir1->NameOffset); + wcsncpy(uniResourceName, (wchar_t*)((ULONG_PTR)PEResourcePtr + PEResourceDir1->NameOffset) + 1, resourceNameLen); pUniResourceName = uniResourceName; } else diff --git a/TitanEngine/stdafx.h b/TitanEngine/stdafx.h index 7dec727..6e07c94 100644 --- a/TitanEngine/stdafx.h +++ b/TitanEngine/stdafx.h @@ -509,6 +509,7 @@ typedef struct HOOK_ENTRY #define UE_SECTIONRAWOFFSET 43 #define UE_SECTIONRAWSIZE 44 #define UE_SECTIONFLAGS 45 +#define UE_DLLCHARACTERISTICS 46 #define UE_CH_BREAKPOINT 1 #define UE_CH_SINGLESTEP 2