libPeConv
A library to load, manipulate, dump PE files.
Loading...
Searching...
No Matches
hooks.h
Go to the documentation of this file.
1
5
6#pragma once
7
8#include <windows.h>
9#include "function_resolver.h"
10
11#include <iostream>
12#include <string>
13#include <map>
14#include "peconv/buffer_util.h"
15
16namespace peconv {
17
21 class PatchBackup {
22 public:
26 PatchBackup()
27 : buffer(nullptr), bufferSize(0), sourcePtr(nullptr)
28 {
29 }
30
31 ~PatchBackup() {
32 deleteBackup();
33 }
34
38 void deleteBackup()
39 {
40 if (buffer) {
41 delete[] buffer;
42 buffer = nullptr;
43 bufferSize = 0;
44 sourcePtr = nullptr;
45 }
46 }
47
51 bool makeBackup(BYTE *patch_ptr, size_t patch_size);
52
56 bool applyBackup();
57
61 bool isBackup()
62 {
63 return buffer != nullptr;
64 }
65
66 protected:
67 BYTE *buffer;
68 size_t bufferSize;
69
70 BYTE *sourcePtr;
71 };
72
73
77 class hooking_func_resolver : peconv::default_func_resolver {
78 public:
84 void add_hook(const std::string &name, FARPROC function)
85 {
86 hooks_map[name] = function;
87 }
88
94 void replace_dll(std::string dll_name, const std::string &new_dll)
95 {
96 dll_replacements_map[dll_name] = new_dll;
97 }
98
105 virtual FARPROC resolve_func(LPCSTR lib_name, LPCSTR func_name);
106
107 private:
108 std::map<std::string, FARPROC> hooks_map;
109 std::map<std::string, std::string> dll_replacements_map;
110 };
111
120 size_t redirect_to_local64(void *ptr, ULONGLONG new_offset, PatchBackup* backup = nullptr);
121
130 size_t redirect_to_local32(void *ptr, DWORD new_offset, PatchBackup* backup = nullptr);
131
140 size_t redirect_to_local(void *ptr, void* new_function_ptr, PatchBackup* backup = nullptr);
141
145 bool replace_target(BYTE *ptr, ULONGLONG dest_addr);
146
147};//namespace peconv
buffer_util.h
Definitions of the used buffer types. Functions for their allocation and deallocation.
peconv::PatchBackup::bufferSize
size_t bufferSize
Definition hooks.h:68
peconv::PatchBackup::sourcePtr
BYTE * sourcePtr
Definition hooks.h:70
peconv::PatchBackup::deleteBackup
void deleteBackup()
Definition hooks.h:38
peconv::PatchBackup::makeBackup
bool makeBackup(BYTE *patch_ptr, size_t patch_size)
Definition hooks.cpp:51
peconv::PatchBackup::isBackup
bool isBackup()
Definition hooks.h:61
peconv::default_func_resolver
Definition function_resolver.h:30
peconv::hooking_func_resolver
Definition hooks.h:77
peconv::hooking_func_resolver::add_hook
void add_hook(const std::string &name, FARPROC function)
Definition hooks.h:84
peconv::hooking_func_resolver::resolve_func
virtual FARPROC resolve_func(LPCSTR lib_name, LPCSTR func_name)
Definition hooks.cpp:82
peconv::hooking_func_resolver::replace_dll
void replace_dll(std::string dll_name, const std::string &new_dll)
Definition hooks.h:94
function_resolver.h
Definitions of basic Imports Resolver classes. They can be used for filling imports when the PE is lo...
peconv::replace_target
bool replace_target(BYTE *ptr, ULONGLONG dest_addr)
Definition hooks.cpp:207
peconv::redirect_to_local32
size_t redirect_to_local32(void *ptr, DWORD new_offset, PatchBackup *backup=nullptr)
Definition hooks.cpp:139
peconv::redirect_to_local64
size_t redirect_to_local64(void *ptr, ULONGLONG new_offset, PatchBackup *backup=nullptr)
Definition hooks.cpp:104
peconv::redirect_to_local
size_t redirect_to_local(void *ptr, void *new_function_ptr, PatchBackup *backup=nullptr)
Definition hooks.cpp:174
Generated on for libPeConv by doxygen 1.16.1