diff --git a/TitanEngine/3rdparty-definitions.h b/TitanEngine/3rdparty-definitions.h index 3b33c12..fe9c523 100644 --- a/TitanEngine/3rdparty-definitions.h +++ b/TitanEngine/3rdparty-definitions.h @@ -19,6 +19,7 @@ int scylla_fixMappedDump(DWORD_PTR iatVA, DWORD_PTR FileMapVA, HANDLE hFileMap); int scylla_getModuleCount(); int scylla_getImportCount(); void scylla_enumImportTree(LPVOID enumCallBack); +long scylla_estimatedIATSize(); #ifdef __cplusplus } #endif /*__cplusplus*/ diff --git a/TitanEngine/TitanEngine.cpp b/TitanEngine/TitanEngine.cpp index f7f5f9a..408aabd 100644 --- a/TitanEngine/TitanEngine.cpp +++ b/TitanEngine/TitanEngine.cpp @@ -18711,34 +18711,7 @@ __declspec(dllexport) bool TITCALL ImporterExportIAT(ULONG_PTR StorePlace, ULONG } __declspec(dllexport) long TITCALL ImporterEstimatedSize() { - //TODO scylla enable - return 0; - /* - int i = 0; - DWORD DLLNumber = NULL; - long EstimatedSize = 0x200; - - if(impMoveIAT) - { - EstimatedSize = EstimatedSize + (ImporterGetAddedAPICount() * sizeof ULONG_PTR) + ((impDLLNumber + 1) * sizeof ULONG_PTR); - } - EstimatedSize = EstimatedSize + ((impDLLNumber + 2) * sizeof IMAGE_IMPORT_DESCRIPTOR); - DLLNumber = impDLLNumber + 1; - while(DLLNumber > NULL) - { - EstimatedSize = EstimatedSize + (DWORD)(impDLLStringList[i][1] - impDLLStringList[i][0]); - DLLNumber--; - i++; - } - for(i = 0; i < 1000; i++) - { - if(impOrdinalList[i][0] != NULL && impOrdinalList[i][1] != NULL) - { - EstimatedSize = EstimatedSize + sizeof ULONG_PTR; - } - } - return(EstimatedSize); - */ + return scylla_estimatedIATSize(); } __declspec(dllexport) bool TITCALL ImporterExportIATEx(char* szDumpFileName, char* szExportFileName, char* szSectionName) { diff --git a/TitanEngine/scylla_wrapper_x64.lib b/TitanEngine/scylla_wrapper_x64.lib index 7a81f94..94b44f2 100644 Binary files a/TitanEngine/scylla_wrapper_x64.lib and b/TitanEngine/scylla_wrapper_x64.lib differ diff --git a/TitanEngine/scylla_wrapper_x86.lib b/TitanEngine/scylla_wrapper_x86.lib index 29d256a..15a9416 100644 Binary files a/TitanEngine/scylla_wrapper_x86.lib and b/TitanEngine/scylla_wrapper_x86.lib differ diff --git a/TitanEngine/scylla_wrapperd_x64.lib b/TitanEngine/scylla_wrapperd_x64.lib index 657d0de..3c82f21 100644 Binary files a/TitanEngine/scylla_wrapperd_x64.lib and b/TitanEngine/scylla_wrapperd_x64.lib differ diff --git a/TitanEngine/scylla_wrapperd_x86.lib b/TitanEngine/scylla_wrapperd_x86.lib index e97e826..00ddce8 100644 Binary files a/TitanEngine/scylla_wrapperd_x86.lib and b/TitanEngine/scylla_wrapperd_x86.lib differ diff --git a/readme.txt b/readme.txt index 1ab4650..6f74439 100644 --- a/readme.txt +++ b/readme.txt @@ -1,4 +1,4 @@ -This is a fixed version of TitanEngine v2.0.3 +This is a bugfixed & enhanced version of TitanEngine v2.0.3 The following things have been fixed/added (list might be incomplete): - fixed memory breakpoints in general @@ -14,5 +14,18 @@ The following things have been fixed/added (list might be incomplete): - supports multiple calling conventions (including the callbacks) - MinGW import libraries - fixed exception handling +- Importer functions use Scyllas business logic now, much more accurate +- updated distorm lib to v3, was v1 +- countless code improvements -NOTE: LUA, Python, MASM and Delphi might not work correctly. \ No newline at end of file +NOTE: LUA, Python, MASM and Delphi might not work correctly + Mainly because their headers havent been adjusted + to these changes. However this is easy. Compare with + C/C++ headers, fix it up and send us. + + +If you are good with these kinda codes, please help review, do pull-requests, +and criticize what you think can be be improved ! + +You can discuss with us here +http://forum.tuts4you.com/forum/138-titanengine-community-edition/ \ No newline at end of file diff --git a/scylla_integration.txt b/scylla_integration.txt index b2841ff..0cb0e53 100644 --- a/scylla_integration.txt +++ b/scylla_integration.txt @@ -13,19 +13,18 @@ GetCurrentDelta //only used for MoveIAT defunct until scylla-enabled: -AddNewDLL -AddNewAPI -AddNewOrdinal -GetLastAddedDLLName -EstimatedSize -GetDLLIndexEx -GetDLLIndex -FindAPIWriteLocation -FindOrdinalAPIWriteLocation -FindAPIByWriteLocation -FindDLLByWriteLocation -LoadImportTable -MoveOriginalIAT +* AddNewDLL +* AddNewAPI +AddNewOrdinal -> AddNewAPI +GetLastAddedDLLName -> no scylla export needed, just rewrite +* GetDLLIndexEx +* GetDLLIndex +* FindAPIWriteLocation +FindOrdinalAPIWriteLocation -> FindAPIWriteLocation +* FindAPIByWriteLocation +* FindDLLByWriteLocation +* LoadImportTable +* MoveOriginalIAT questionable if working, all proxy to EngineGlobalAPIHandler which is buggy