Esempi in C++ (Cpp) per MyRtlPcToFileHeader

Linguaggio di programmazione: C++ (Cpp)

Metodo/funzione: MyRtlPcToFileHeader

Esempi su hotexamples.com: 3

MyRtlPcToFileHeader in C++ (Cpp): 3 esempi trovati. Questi sono i migliori esempi reali in C++ (Cpp) per MyRtlPcToFileHeader, estratti da progetti open source. Li puoi valutare, per aiutarci a migliorare la qualità dei nostri esempi.

Esempio n. 1

Mostra file

File: iatstuff.cpp Progetto: philicious/hacnpx

ULONG_PTR ImportEntryModule(ULONG_PTR Start)
{
    ULONG_PTR Current;
    std::map<ULONG_PTR, int> ModuleBaseMap;
    ULONG_PTR BaseAddr = 0;
    int max = 0;

    for (Current = Start; *(PULONG_PTR)Current != 0; Current += SIZE_IMPORT_ENTRY) {
        if (!IsBadReadMemory((PVOID)Current, SIZE_IMPORT_ENTRY) && !IsBadReadMemory((PVOID)*(PULONG_PTR)Current, SIZE_IMPORT_ENTRY)) {
            DbgMsg("[+] "HEX_FORMAT"\n", *(PULONG_PTR)Current);
            if (MyRtlPcToFileHeader(*(PULONG_PTR)Current, &BaseAddr) == TRUE) {
                ModuleBaseMap[BaseAddr] += 1;
            }
        }
    }
    for (std::map<ULONG_PTR, int>::iterator it = ModuleBaseMap.begin(); it != ModuleBaseMap.end(); ++it) {
        if (it->second > max)
            max = it->second;
            BaseAddr = it->first;
    }
    if (CheckIfTwiceFreq(ModuleBaseMap, max) == TRUE) {
        DbgMsg("[-] ImportEntryModule - NEED TO FIX MANUALLY\n");
        ExitProcess(42);
    }
    return BaseAddr;
}

Esempio n. 2

Mostra file

File: utils.cpp Progetto: w4kfu/hacnpx

VOID FillPeInfo(VOID)
{
    pinfo.ModuleBase = (ULONG_PTR)GetModuleHandleA(NULL);
    pinfo.ModuleSize = (DWORD)ParsePE(pinfo.ModuleBase, SIZE_OF_IMAGE);
    pinfo.ModuleNbSections = (DWORD)ParsePE(pinfo.ModuleBase, NB_SECTIONS);
    pinfo.ModuleSections = (ULONG_PTR)ParsePE(pinfo.ModuleBase, PE_SECTIONS);
    pinfo.EntryPoint = (DWORD)ParsePE(pinfo.ModuleBase, ENTRY_POINT);
    MyRtlPcToFileHeader((ULONG_PTR)&pinfo, &pinfo.ModuleInjectedBase);
    pinfo.ModuleInjectedSize = (DWORD)ParsePE(pinfo.ModuleInjectedBase, SIZE_OF_IMAGE);
    PrintPeInfo();
}

Esempio n. 3

Mostra file

File: utils.cpp Progetto: w4kfu/hacnpx

VOID HideIt(VOID)
{
    ULONG_PTR BaseOfImage = 0x00;
    PPEB_LDR_DATA PedLdrData = NULL;
    PPEB Peb = NULL;

    if (MyRtlPcToFileHeader((ULONG_PTR)&HideIt, &BaseOfImage) == FALSE) {
        DbgMsg("[-] MyRtlPcToFileHeader failed\n");
    }
    Peb = GetPeb();
    PedLdrData = Peb->Ldr;
    HideFromInLoadOrderModuleList(&PedLdrData->InLoadOrderLinks, BaseOfImage);
    HideFromInMemoryOrderModuleList(&PedLdrData->InMemoryOrderLinks, BaseOfImage);
    HideFromInInitializationOrderModuleList(&PedLdrData->InInitializationOrderLinks, BaseOfImage);
}