admin/Etw-Syscall
1
0
Fork 0
Code Issues Pull Requests Actions Packages Projects Releases Wiki Activity
Files
master
Etw-Syscall/Etw Syscall/libpeconv-master/tests/test_peb_lookup.cpp
琴心 a1b66995e4 添加项目文件。
2022-04-26 15:31:46 +08:00

79 lines
2.1 KiB
C++
Raw Permalink Blame History

#include "test_peb_lookup.h"
#include <peconv.h>
namespace tests {
int compare_modules_and_sizes(wchar_t* module_name = NULL)
{
std::wcout << "\n[*] Test: ";
if (module_name == NULL) {
std::wcout << "self";
}
else {
std::wcout << module_name;
LoadLibraryW(module_name);
}
std::wcout << "\n";
HMODULE mod1 = peconv::get_module_via_peb(module_name);
HMODULE mod2 = GetModuleHandleW(module_name);
std::cout << "get_module_via_peb: " << std::hex << mod1 << "\n";
std::cout << "GetModuleHandle: " << std::hex << mod2 << "\n";
if (mod1 != mod2) {
return false;
}
size_t size1 = peconv::get_image_size((BYTE*)mod1);
size_t size2 = peconv::get_module_size_via_peb(mod2);
std::cout << "get_image_size: " << std::hex << size1 << "\n";
std::cout << "get_module_size_via_peb: " << std::hex << size2 << "\n";
if (size1 != size2) {
return false;
}
return true;
}
bool check_unexisting_module()
{
std::wcout << "\n[*] Test: unexisting module\n";
wchar_t* module_name = L"unexisting_module";
HMODULE mod1 = peconv::get_module_via_peb(module_name);
HMODULE mod2 = GetModuleHandleW(module_name);
std::cout << "get_module_via_peb: " << std::hex << mod1 << "\n";
std::cout << "GetModuleHandle: " << std::hex << mod2 << "\n";
if (mod1 != mod2) {
return false;
}
return true;
}
};
int tests::check_modules()
{
if (!compare_modules_and_sizes(NULL)) {
return 1;
}
if (!compare_modules_and_sizes(L"ntdll.dll")) {
return 1;
}
if (!compare_modules_and_sizes(L"kernel32.dll")) {
return 1;
}
if (!compare_modules_and_sizes(L"user32.dll")) {
return 1;
}
if (!compare_modules_and_sizes(L"advapi32.dll")) {
return 1;
}
if (!compare_modules_and_sizes(L"ws2_32.dll")) {
return 1;
}
if (!check_unexisting_module()) {
return 1;
}
return 0;
}
Reference in New Issue View Git Blame Copy Permalink