17 std::cerr <<
"Invalid payload: " << std::hex << (
ULONGLONG)
payload << std::endl;
55 std::cerr <<
"[!] Virtual section size is out ouf bounds: " << std::hex <<
sec_size << std::endl;
57 std::cerr <<
"[!] Truncated to maximal size: " << std::hex <<
sec_size <<
", buffer size:" <<
destBufferSize << std::endl;
60 std::cerr <<
"[-] VirtualAddress of section is out ouf bounds: " << std::hex <<
next_sec->VirtualAddress << std::endl;
64 std::cerr <<
"[-] Raw section size is out ouf bounds: " << std::hex <<
sec_size << std::endl;
69 std::cerr <<
"[-] Section " <<
i <<
": out ouf bounds, skipping... " << std::endl;
74 std::cerr <<
"[-] Section " <<
i <<
": out ouf bounds, skipping... " << std::endl;
87 std::cout <<
"hdrsSize not filled, using calculated size: " << std::hex <<
hdrsSize <<
"\n";
108 std::cerr <<
"Invalid payload: " << std::hex << (
ULONGLONG)
payload << std::endl;
129 std::cerr <<
"Could not allocate memory in the current process" << std::endl;
134 std::cerr <<
"Could not copy PE file" << std::endl;
bool parse_delayed_desc(BYTE *modulePtr, const size_t moduleSize, const ULONGLONG img_base, LPSTR lib_name, const T_FIELD ordinal_flag, IMAGE_DELAYLOAD_DESCRIPTOR *desc, peconv::t_function_resolver *func_resolver)
bool validate_ptr(IN const void *buffer_bgn, IN size_t buffer_size, IN const void *field_bgn, IN size_t field_size)
ALIGNED_BUF alloc_pe_buffer(size_t buffer_size, DWORD protect, ULONGLONG desired_base=NULL)
BYTE * pe_raw_to_virtual(IN const BYTE *rawPeBuffer, IN size_t rawPeSize, OUT size_t &outputSize, IN OPTIONAL bool executable=true, IN OPTIONAL ULONGLONG desired_base=0)
bool is64bit(IN const BYTE *pe_buffer)
BYTE * get_nt_hdrs(IN const BYTE *pe_buffer, IN OPTIONAL size_t buffer_size=0)
Wrappers over various fields in the PE header. Read, write, parse PE headers.
bool sections_raw_to_virtual(IN const BYTE *payload, IN SIZE_T payloadSize, OUT BYTE *destBuffer, IN SIZE_T destBufferSize)
Converting PE from raw to virtual format.
Miscellaneous utility functions.