Init: Migrate SimpleRemoter (Since v1.3.1) to Gitea

2026-04-19 19:55:01 +02:00
commit 5a325a202b
744 changed files with 235562 additions and 0 deletions
--- a/server/2015Remote/libpeconv/peconv/exports_lookup.h
+++ b/server/2015Remote/libpeconv/peconv/exports_lookup.h
@@ -0,0 +1,52 @@
+/**
+* @file
+* @brief   Searching specific functions in PE's Exports Table.
+*/
+
+#pragma once
+#include <windows.h>
+
+#include "pe_hdrs_helper.h"
+#include "function_resolver.h"
+#include "exports_mapper.h"
+
+#include <string>
+#include <vector>
+#include <map>
+
+namespace peconv
+{
+
+/**
+Gets the function address by the name. Uses Export Table lookup.
+WARNING: doesn't work for the forwarded functions.
+*/
+FARPROC get_exported_func(PVOID modulePtr, LPCSTR wanted_name);
+
+/**
+Gets list of all the functions from a given module that are exported by names.
+*/
+size_t get_exported_names(PVOID modulePtr, std::vector<std::string> &names_list);
+
+/**
+Function resolver using Export Table lookup.
+*/
+class export_based_resolver : default_func_resolver
+{
+public:
+    /**
+    Get the address (VA) of the function with the given name, from the given DLL.
+    Uses Export Table lookup as a primary method of finding the import. On failure it falls back to the default Functions Resolver.
+    \param func_name : the name of the function
+    \param lib_name : the name of the DLL
+    \return Virtual Address of the exported function
+    */
+    virtual FARPROC resolve_func(LPCSTR lib_name, LPCSTR func_name);
+};
+
+/**
+Read the DLL name from the Export Table.
+*/
+LPSTR read_dll_name(HMODULE modulePtr);
+
+}; //namespace peconv