libPeConv
A library to load, manipulate, dump PE files.
Loading...
Searching...
No Matches
hooks.h
Go to the documentation of this file.
1
6#pragma once
7
8#include <windows.h>
9#include "function_resolver.h"
10
11#include <iostream>
12#include <string>
13#include <map>
14#include "peconv/buffer_util.h"
15
16namespace peconv {
17
21 class PatchBackup {
22 public:
26 PatchBackup()
27 : buffer(nullptr), bufferSize(0), sourcePtr(nullptr)
28 {
29 }
30
31 ~PatchBackup() {
32 deleteBackup();
33 }
34
38 void deleteBackup()
39 {
40 if (buffer) {
41 delete[] buffer;
42 bufferSize = 0;
43 sourcePtr = nullptr;
44 }
45 }
46
50 bool makeBackup(BYTE *patch_ptr, size_t patch_size);
51
55 bool applyBackup();
56
60 bool isBackup()
61 {
62 return buffer != nullptr;
63 }
64
65 protected:
66 BYTE *buffer;
67 size_t bufferSize;
68
69 BYTE *sourcePtr;
70 };
71
72
76 class hooking_func_resolver : peconv::default_func_resolver {
77 public:
83 void add_hook(const std::string &name, FARPROC function)
84 {
85 hooks_map[name] = function;
86 }
87
93 void replace_dll(std::string dll_name, const std::string &new_dll)
94 {
95 dll_replacements_map[dll_name] = new_dll;
96 }
97
104 virtual FARPROC resolve_func(LPCSTR lib_name, LPCSTR func_name);
105
106 private:
107 std::map<std::string, FARPROC> hooks_map;
108 std::map<std::string, std::string> dll_replacements_map;
109 };
110
119 size_t redirect_to_local64(void *ptr, ULONGLONG new_offset, PatchBackup* backup = nullptr);
120
129 size_t redirect_to_local32(void *ptr, DWORD new_offset, PatchBackup* backup = nullptr);
130
139 size_t redirect_to_local(void *ptr, void* new_function_ptr, PatchBackup* backup = nullptr);
140
144 bool replace_target(BYTE *ptr, ULONGLONG dest_addr);
145
146};//namespace peconv
buffer_util.h
Definitions of the used buffer types. Functions for their allocation and deallocation.
peconv::PatchBackup::bufferSize
size_t bufferSize
Definition hooks.h:67
peconv::PatchBackup::sourcePtr
BYTE * sourcePtr
Definition hooks.h:69
peconv::PatchBackup::deleteBackup
void deleteBackup()
Definition hooks.h:38
peconv::PatchBackup::makeBackup
bool makeBackup(BYTE *patch_ptr, size_t patch_size)
Definition hooks.cpp:50
peconv::PatchBackup::isBackup
bool isBackup()
Definition hooks.h:60
peconv::default_func_resolver
Definition function_resolver.h:28
peconv::hooking_func_resolver
Definition hooks.h:76
peconv::hooking_func_resolver::add_hook
void add_hook(const std::string &name, FARPROC function)
Definition hooks.h:83
peconv::hooking_func_resolver::resolve_func
virtual FARPROC resolve_func(LPCSTR lib_name, LPCSTR func_name)
Definition hooks.cpp:81
peconv::hooking_func_resolver::replace_dll
void replace_dll(std::string dll_name, const std::string &new_dll)
Definition hooks.h:93
function_resolver.h
Definitions of basic Imports Resolver classes. They can be used for filling imports when the PE is lo...
peconv::replace_target
bool replace_target(BYTE *ptr, ULONGLONG dest_addr)
Definition hooks.cpp:210
peconv::redirect_to_local32
size_t redirect_to_local32(void *ptr, DWORD new_offset, PatchBackup *backup=nullptr)
Definition hooks.cpp:142
peconv::redirect_to_local64
size_t redirect_to_local64(void *ptr, ULONGLONG new_offset, PatchBackup *backup=nullptr)
Definition hooks.cpp:107
peconv::redirect_to_local
size_t redirect_to_local(void *ptr, void *new_function_ptr, PatchBackup *backup=nullptr)
Definition hooks.cpp:177
Generated on Thu Apr 11 2024 16:32:36 for libPeConv by doxygen 1.10.0