BlackBone
Windows memory hacking library
 All Classes Functions
NameResolve.h
1 #pragma once
2 
3 #include "../Include/Winheaders.h"
4 #include "../Include/Types.h"
5 
6 #include <unordered_map>
7 #include <vector>
8 #include <string>
9 
10 namespace blackbone
11 {
12 
13 class NameResolve
14 {
15  typedef std::unordered_map<std::wstring, std::vector<std::wstring>> mapApiSchema;
16 
17 public:
18  enum eResolveFlag
19  {
20  Default = 0, // Full resolve
21  ApiSchemaOnly = 1, // Resolve only Api schema dlls
22  EnsureFullPath = 2, // Make sure resulting path is full-qualified
23  NoSearch = 4, // Don't perform file search, only resolve name
24  Wow64 = 8, // Reserved
25  };
26 
27 public:
28  BLACKBONE_API ~NameResolve();
29 
30  BLACKBONE_API static NameResolve& Instance();
31 
36  BLACKBONE_API bool Initialize();
37 
48  BLACKBONE_API NTSTATUS ResolvePath( std::wstring& path,
49  const std::wstring& baseName,
50  const std::wstring& searchDir,
51  eResolveFlag flags,
52  DWORD procID,
53  HANDLE actx = INVALID_HANDLE_VALUE );
54 
61  BLACKBONE_API NTSTATUS ProbeSxSRedirect( std::wstring& path, HANDLE actx = INVALID_HANDLE_VALUE );
62 
63 private:
64  // Ensure singleton
65  NameResolve();
66  NameResolve( const NameResolve& ) = delete;
67  NameResolve& operator =( const NameResolve& ) = delete;
68 
74  std::wstring GetProcessDirectory( DWORD pid );
75 
80  template<typename T1, typename T2, typename T3, typename T4>
81  bool InitializeP();
82 
83 private:
84  mapApiSchema _apiSchema; // Api schema table
85 };
86 
87 
88 }
blackbone::NameResolve::Initialize
BLACKBONE_API bool Initialize()
Initialize api set map
Definition: NameResolve.cpp:38
blackbone::NameResolve
Definition: NameResolve.h:13
blackbone::NameResolve::ProbeSxSRedirect
BLACKBONE_API NTSTATUS ProbeSxSRedirect(std::wstring &path, HANDLE actx=INVALID_HANDLE_VALUE)
Try SxS redirection
Definition: NameResolve.cpp:296
blackbone
Definition: AsmHelper32.cpp:6
blackbone::NameResolve::ResolvePath
BLACKBONE_API NTSTATUS ResolvePath(std::wstring &path, const std::wstring &baseName, const std::wstring &searchDir, eResolveFlag flags, DWORD procID, HANDLE actx=INVALID_HANDLE_VALUE)
Resolve image path.
Definition: NameResolve.cpp:108