Page Menu
Home
desp's stash
Search
Configure Global Search
Log In
Files
F554379
IATSearch.h
No One
Temporary
Actions
Download File
Edit File
Delete File
View Transforms
Subscribe
Mute Notifications
Award Token
Flag For Later
Size
1 KB
Subscribers
None
IATSearch.h
View Options
#pragma once
#include
"ApiReader.h"
#include
<set>
class
IATSearch
:
protected
ApiReader
{
public
:
DWORD_PTR
memoryAddress
;
SIZE_T
memorySize
;
bool
searchImportAddressTableInProcess
(
DWORD_PTR
startAddress
,
DWORD_PTR
*
addressIAT
,
DWORD
*
sizeIAT
,
bool
advanced
);
private
:
DWORD_PTR
findAPIAddressInIAT
(
DWORD_PTR
startAddress
);
bool
findIATAdvanced
(
DWORD_PTR
startAddress
,
DWORD_PTR
*
addressIAT
,
DWORD
*
sizeIAT
);
DWORD_PTR
findNextFunctionAddress
();
DWORD_PTR
findIATPointer
();
//DWORD_PTR findAddressFromWORDString(char * stringBuffer);
//DWORD_PTR findAddressFromNormalCALLString(char * stringBuffer);
bool
isIATPointerValid
(
DWORD_PTR
iatPointer
);
bool
findIATStartAndSize
(
DWORD_PTR
address
,
DWORD_PTR
*
addressIAT
,
DWORD
*
sizeIAT
);
DWORD_PTR
findIATStartAddress
(
DWORD_PTR
baseAddress
,
DWORD_PTR
startAddress
,
BYTE
*
dataBuffer
);
DWORD
findIATSize
(
DWORD_PTR
baseAddress
,
DWORD_PTR
iatAddress
,
BYTE
*
dataBuffer
,
DWORD
bufferSize
);
bool
isAddressAccessable
(
DWORD_PTR
address
);
void
findIATPointers
(
std
::
set
<
DWORD_PTR
>
&
iatPointers
);
bool
isPageExecutable
(
DWORD
value
);
void
findExecutableMemoryPagesByStartAddress
(
DWORD_PTR
startAddress
,
DWORD_PTR
*
baseAddress
,
SIZE_T
*
memorySize
);
void
filterIATPointersList
(
std
::
set
<
DWORD_PTR
>
&
iatPointers
);
};
File Metadata
Details
Attached
Mime Type
text/x-c++
Expires
Tue, Feb 10, 11:00 AM (1 d, 15 h)
Storage Engine
local-disk
Storage Format
Raw Data
Storage Handle
7c/6c/b31e1948fb41fdd9a9aa108afb5d
Attached To
rSCY Scylla
Event Timeline
Log In to Comment