#pragma once
#include <Windows.h>
//#include <iostream> //only for debug
// Constant 5000. Its use is not visible in this header.
// NOTE(review): document at the point of use what this value bounds.
#define BIGINT 5000

// Function-pointer types whose signatures mirror Win32 APIs, so that those
// APIs can be called through a pointer instead of a linked import.
// Presumably the pointers are bound at run time from getFunctionAddressByHash()
// (declared below) -- confirm in the implementation.
//
// Review notes:
//  * Calls made through run-time-resolved pointers need no import-table entry,
//    so import-based triage of the built binary will not list these APIs;
//    analysis has to look at the resolver and its call sites instead.
//  * A pointer of one of these types must be checked for NULL before it is
//    called, and must be bound to an export whose real signature matches.
//  * Naming is not uniform: GetProcAddress_t uses a "_t" suffix while every
//    other type here uses "_p".

// kernel32!Sleep
typedef void (WINAPI *sleep_p)(DWORD dwMilliseconds);

// kernel32!GetStdHandle
typedef HANDLE (WINAPI *GetStdHandle_p)(DWORD nStdHandle);

// kernel32!WriteFile
typedef BOOL (WINAPI *WriteFile_p)(HANDLE hFile,
                                   LPCVOID lpBuffer,
                                   DWORD nNumberOfBytesToWrite,
                                   LPDWORD lpNumberOfBytesWritten,
                                   LPOVERLAPPED lpOverlapped);

// kernel32!GetProcAddress
typedef FARPROC (WINAPI *GetProcAddress_t)(HMODULE hModule,
                                           const char *lpProcName);

// kernel32!CreateFileA (ANSI variant: the path is an LPCSTR)
typedef HANDLE (WINAPI *CreateFileA_p)(LPCSTR lpFileName,
                                       DWORD dwDesiredAccess,
                                       DWORD dwShareMode,
                                       LPSECURITY_ATTRIBUTES lpSecurityAttributes,
                                       DWORD dwCreationDisposition,
                                       DWORD dwFlagsAndAttributes,
                                       HANDLE hTemplateFile);

// kernel32!CreateThread
typedef HANDLE (WINAPI *CreateThread_p)(LPSECURITY_ATTRIBUTES lpThreadAttributes,
                                        SIZE_T dwStackSize,
                                        LPTHREAD_START_ROUTINE lpStartAddress,
                                        __drv_aliasesMem LPVOID lpParameter,
                                        DWORD dwCreationFlags,
                                        LPDWORD lpThreadId);

// kernel32!HeapAlloc
typedef LPVOID (WINAPI *HeapAlloc_p)(HANDLE hHeap, DWORD dwFlags, SIZE_T dwBytes);

// kernel32!LocalAlloc
typedef HLOCAL (WINAPI *LocalAlloc_p)(UINT uFlags, SIZE_T uBytes);

// urlmon URLDownloadToFile. Both string parameters are LPCSTR, so this type
// only matches the ANSI export (URLDownloadToFileA); binding it to the wide
// export would pass narrow strings where wide ones are expected.
// NOTE(review): LPUNKNOWN and LPBINDSTATUSCALLBACK come from the COM/urlmon
// headers; confirm they are reachable through <Windows.h> in this build
// (defining WIN32_LEAN_AND_MEAN drops the OLE headers).
typedef HRESULT (WINAPI *URLDownloadToFile_p)(LPUNKNOWN pCaller,
                                              LPCSTR szURL,
                                              LPCSTR szFileName,
                                              DWORD dwReserved,
                                              LPBINDSTATUSCALLBACK lpfnCB);

// kernel32!LoadLibraryA (ANSI variant)
typedef HMODULE (WINAPI *LoadLibraryA_p)(LPCSTR lpLibFileName);

// kernel32!WideCharToMultiByte. The SAL annotation refers to the length
// parameter, which is named cchWideChar here so the annotation resolves.
typedef int (WINAPI *WideCharToMultiByte_p)(UINT CodePage,
                                            DWORD dwFlags,
                                            _In_NLS_string_(cchWideChar) LPCWCH lpWideCharStr,
                                            int cchWideChar,
                                            LPSTR lpMultiByteStr,
                                            int cbMultiByte,
                                            LPCCH lpDefaultChar,
                                            LPBOOL lpUsedDefaultChar);
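// Returns a module handle for kernel32, going by the name; how it is located
// is not visible in this header.
// NOTE(review): the failure value is not documented here -- callers should
// treat a NULL handle as "not found" until the implementation is checked.
// Declared with (void) so that C callers get a real prototype, matching
// inspectModules(void) below.
HMODULE getKernel32BaseAddress(void);

// Computes a DWORD hash of a string; the algorithm is defined in the
// implementation, not here.
// NOTE(review): the parameter is a non-const char*. If the implementation only
// reads the string, const char* would describe the contract better; the type
// is left unchanged so the declaration keeps matching the definition.
DWORD getHashFromString(char *str);

// Looks up a function in `module` by a DWORD hash rather than by name
// (presumably the hash produced by getHashFromString -- confirm).
// NOTE(review): the result is typed PDWORD although it is used as a function
// address, so callers must cast it to the matching *_p type. Check it for NULL
// before casting and calling. A 32-bit hash can collide between export names,
// so the implementation should be reviewed for how a wrong match is avoided.
PDWORD getFunctionAddressByHash(HMODULE module, DWORD hash);

// Takes no arguments and returns nothing; what it inspects and where it
// reports is not visible in this header.
// NOTE(review): the commented-out <iostream> include suggests a debug helper
// -- confirm.
void inspectModules(void);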