Page Menu
Home
desp's stash
Search
Configure Global Search
Log In
Files
F629021
FunctionExport.cpp
No One
Temporary
Actions
Download File
Edit File
Delete File
View Transforms
Subscribe
Mute Notifications
Award Token
Flag For Later
Size
3 KB
Subscribers
None
FunctionExport.cpp
View Options
#include
<windows.h>
#include
"PeParser.h"
#include
"ProcessAccessHelp.h"
#include
"Scylla.h"
#include
"Architecture.h"
#include
"FunctionExport.h"
extern
HINSTANCE
hDllModule
;
WCHAR
*
WINAPI
ScyllaVersionInformationW
()
{
return
APPNAME
L
" "
ARCHITECTURE
L
" "
APPVERSION
;
}
char
*
WINAPI
ScyllaVersionInformationA
()
{
return
APPNAME_S
" "
ARCHITECTURE_S
" "
APPVERSION_S
;
}
DWORD
WINAPI
ScyllaVersionInformationDword
()
{
return
APPVERSIONDWORD
;
}
BOOL
DumpProcessW
(
const
WCHAR
*
fileToDump
,
DWORD_PTR
imagebase
,
DWORD_PTR
entrypoint
,
const
WCHAR
*
fileResult
)
{
PeParser
*
peFile
=
0
;
if
(
fileToDump
)
{
peFile
=
new
PeParser
(
fileToDump
,
true
);
}
else
{
peFile
=
new
PeParser
(
imagebase
,
true
);
}
return
peFile
->
dumpProcess
(
imagebase
,
entrypoint
,
fileResult
);
}
BOOL
WINAPI
ScyllaRebuildFileW
(
const
WCHAR
*
fileToRebuild
,
BOOL
removeDosStub
,
BOOL
updatePeHeaderChecksum
,
BOOL
createBackup
)
{
if
(
createBackup
)
{
if
(
!
ProcessAccessHelp
::
createBackupFile
(
fileToRebuild
))
{
return
FALSE
;
}
}
PeParser
peFile
(
fileToRebuild
,
true
);
if
(
peFile
.
readPeSectionsFromFile
())
{
peFile
.
setDefaultFileAlignment
();
if
(
removeDosStub
)
{
peFile
.
removeDosStub
();
}
peFile
.
alignAllSectionHeaders
();
peFile
.
fixPeHeader
();
if
(
peFile
.
savePeFileToDisk
(
fileToRebuild
))
{
if
(
updatePeHeaderChecksum
)
{
PeParser
::
updatePeHeaderChecksum
(
fileToRebuild
,
(
DWORD
)
ProcessAccessHelp
::
getFileSize
(
fileToRebuild
));
}
return
TRUE
;
}
}
return
FALSE
;
}
BOOL
WINAPI
ScyllaRebuildFileA
(
const
char
*
fileToRebuild
,
BOOL
removeDosStub
,
BOOL
updatePeHeaderChecksum
,
BOOL
createBackup
)
{
WCHAR
fileToRebuildW
[
MAX_PATH
];
if
(
MultiByteToWideChar
(
CP_ACP
,
0
,
fileToRebuild
,
-
1
,
fileToRebuildW
,
_countof
(
fileToRebuildW
))
==
0
)
{
return
FALSE
;
}
return
ScyllaRebuildFileW
(
fileToRebuildW
,
removeDosStub
,
updatePeHeaderChecksum
,
createBackup
);
}
BOOL
WINAPI
ScyllaDumpCurrentProcessW
(
const
WCHAR
*
fileToDump
,
DWORD_PTR
imagebase
,
DWORD_PTR
entrypoint
,
const
WCHAR
*
fileResult
)
{
ProcessAccessHelp
::
setCurrentProcessAsTarget
();
return
DumpProcessW
(
fileToDump
,
imagebase
,
entrypoint
,
fileResult
);
}
BOOL
WINAPI
ScyllaDumpProcessW
(
DWORD_PTR
pid
,
const
WCHAR
*
fileToDump
,
DWORD_PTR
imagebase
,
DWORD_PTR
entrypoint
,
const
WCHAR
*
fileResult
)
{
if
(
ProcessAccessHelp
::
openProcessHandle
((
DWORD
)
pid
))
{
return
DumpProcessW
(
fileToDump
,
imagebase
,
entrypoint
,
fileResult
);
}
else
{
return
FALSE
;
}
}
BOOL
WINAPI
ScyllaDumpCurrentProcessA
(
const
char
*
fileToDump
,
DWORD_PTR
imagebase
,
DWORD_PTR
entrypoint
,
const
char
*
fileResult
)
{
WCHAR
fileToDumpW
[
MAX_PATH
];
WCHAR
fileResultW
[
MAX_PATH
];
if
(
fileResult
==
0
)
{
return
FALSE
;
}
if
(
MultiByteToWideChar
(
CP_ACP
,
0
,
fileResult
,
-
1
,
fileResultW
,
_countof
(
fileResultW
))
==
0
)
{
return
FALSE
;
}
if
(
fileToDump
!=
0
)
{
if
(
MultiByteToWideChar
(
CP_ACP
,
0
,
fileToDump
,
-
1
,
fileToDumpW
,
_countof
(
fileToDumpW
))
==
0
)
{
return
FALSE
;
}
return
ScyllaDumpCurrentProcessW
(
fileToDumpW
,
imagebase
,
entrypoint
,
fileResultW
);
}
else
{
return
ScyllaDumpCurrentProcessW
(
0
,
imagebase
,
entrypoint
,
fileResultW
);
}
}
BOOL
WINAPI
ScyllaDumpProcessA
(
DWORD_PTR
pid
,
const
char
*
fileToDump
,
DWORD_PTR
imagebase
,
DWORD_PTR
entrypoint
,
const
char
*
fileResult
)
{
WCHAR
fileToDumpW
[
MAX_PATH
];
WCHAR
fileResultW
[
MAX_PATH
];
if
(
fileResult
==
0
)
{
return
FALSE
;
}
if
(
MultiByteToWideChar
(
CP_ACP
,
0
,
fileResult
,
-
1
,
fileResultW
,
_countof
(
fileResultW
))
==
0
)
{
return
FALSE
;
}
if
(
fileToDump
!=
0
)
{
if
(
MultiByteToWideChar
(
CP_ACP
,
0
,
fileToDump
,
-
1
,
fileToDumpW
,
_countof
(
fileToDumpW
))
==
0
)
{
return
FALSE
;
}
return
ScyllaDumpProcessW
(
pid
,
fileToDumpW
,
imagebase
,
entrypoint
,
fileResultW
);
}
else
{
return
ScyllaDumpProcessW
(
pid
,
0
,
imagebase
,
entrypoint
,
fileResultW
);
}
}
INT
WINAPI
ScyllaStartGui
(
DWORD
dwProcessId
,
HINSTANCE
mod
)
{
GUI_DLL_PARAMETER
guiParam
;
guiParam
.
dwProcessId
=
dwProcessId
;
guiParam
.
mod
=
mod
;
return
InitializeGui
(
hDllModule
,
(
LPARAM
)
&
guiParam
);
}
File Metadata
Details
Attached
Mime Type
text/x-c
Expires
Fri, Apr 24, 9:42 AM (1 h, 54 m)
Storage Engine
local-disk
Storage Format
Raw Data
Storage Handle
db/33/14b8e8622d530d4ea45318c5838d
Attached To
rSCY Scylla
Event Timeline
Log In to Comment