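/// @brief Collects static information about the target executable.
///
/// Parses the PE header of @p filename for the time stamp, the entry point and
/// the KERNEL32.DLL import thunks of LoadLibraryA and GetProcAddress, then
/// reads the whole file to record its size and CRC32.
///
/// @param filename Path of the executable; it is stored in `exe`.
/// @return true when all information was gathered (bControlLoaded is then set),
///         false when the PE image is invalid, one of the two imports is
///         missing, or the file cannot be read for the size and checksum.
bool SyringeDebugger::RetrieveInfo(std::string filename)
{
	// Stays false on every early return, so a failed call never leaves the
	// debugger marked as loaded.
	bControlLoaded = false;

	exe = std::move(filename);

	Log::WriteLine("SyringeDebugger::RetrieveInfo: Retrieving info from the executable file...");

	PortableExecutable pe(exe);
	if(!pe.IsValid()) {
		Log::WriteLine("SyringeDebugger::RetrieveInfo: Failed to open the executable!");
		return false;
	}

	// NOTE(review): every address below is the header's image base plus an
	// offset, i.e. it assumes the image is mapped at that base - confirm that
	// the target is never relocated.
	const DWORD dwImageBase = pe.GetImageBase();

	// Creation time stamp
	dwTimeStamp = pe.GetPEHeader().FileHeader.TimeDateStamp;

	// Entry point
	pcEntryPoint = reinterpret_cast<void*>(dwImageBase + pe.GetPEHeader().OptionalHeader.AddressOfEntryPoint);

	// Get imports: only the KERNEL32.DLL thunks are of interest; names are
	// compared case-insensitively.
	pImLoadLibrary = nullptr;
	pImGetProcAddress = nullptr;

	for(const auto& import : pe.GetImports()) {
		if(_strcmpi(import.Name.c_str(), "KERNEL32.DLL") != 0) {
			continue;
		}

		for(const auto& thunk : import.vecThunkData) {
			if(_strcmpi(thunk.Name.c_str(), "GETPROCADDRESS") == 0) {
				pImGetProcAddress = reinterpret_cast<void*>(dwImageBase + thunk.Address);
			} else if(_strcmpi(thunk.Name.c_str(), "LOADLIBRARYA") == 0) {
				pImLoadLibrary = reinterpret_cast<void*>(dwImageBase + thunk.Address);
			}
		}
	}

	if(!pImGetProcAddress || !pImLoadLibrary) {
		Log::WriteLine("SyringeDebugger::RetrieveInfo: ERROR: Either a LoadLibraryA or a GetProcAddress import could not be found!");
		return false;
	}

	// Read meta information: size and checksum.
	// NOTE(review): the file is opened here a second time, independently of the
	// PortableExecutable parse above, so size and CRC describe the file as it
	// is at this point - confirm whether both views must be taken from a
	// single open handle.
	ifstream is;
	is.open(exe, ifstream::binary);
	if(!is.is_open()) {
		// Without this check a failed open produced a size of 0xFFFFFFFF and
		// the CRC of zero bytes, and the call still reported success.
		Log::WriteLine("SyringeDebugger::RetrieveInfo: Failed to open the executable to determine its size and checksum!");
		return false;
	}

	is.seekg(0, ifstream::end);
	const auto endPos = static_cast<std::streamoff>(is.tellg());
	is.seekg(0, ifstream::beg);
	if(!is || endPos < 0) {
		Log::WriteLine("SyringeDebugger::RetrieveInfo: Failed to determine the size of the executable!");
		return false;
	}

	// The size is kept as a DWORD; a file larger than that range is truncated
	// by this cast, exactly as before.
	dwExeSize = static_cast<DWORD>(endPos);

	CRC32 crc;
	char buffer[0x1000];
	while(std::streamsize read = is.read(buffer, sizeof(buffer)).gcount()) {
		crc.compute(buffer, read);
	}

	// Reaching the end of the file sets eofbit/failbit only; badbit means the
	// read itself failed and the checksum covers just a part of the file.
	if(is.bad()) {
		Log::WriteLine("SyringeDebugger::RetrieveInfo: Failed to read the executable while computing its checksum!");
		return false;
	}

	dwExeCRC = crc.value();
	is.close();

	Log::WriteLine("SyringeDebugger::RetrieveInfo: Executable information successfully retrieved.");
	Log::WriteLine("\texe = %s", exe.c_str());
	Log::WriteLine("\tpImLoadLibrary = 0x%08X", pImLoadLibrary);
	Log::WriteLine("\tpImGetProcAddress = 0x%08X", pImGetProcAddress);
	Log::WriteLine("\tpcEntryPoint = 0x%08X", pcEntryPoint);
	Log::WriteLine("\tdwExeSize = 0x%08X", dwExeSize);
	Log::WriteLine("\tdwExeCRC = 0x%08X", dwExeCRC);
	Log::WriteLine("\tdwTimestamp = 0x%08X", dwTimeStamp);
	Log::WriteLine();

	Log::WriteLine("SyringeDebugger::RetrieveInfo: Opening %s to determine imports.", exe.c_str());

	bControlLoaded = true;
	return true;
}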