Feature: Support converting PE using pe_to_shellcode

2025-11-13 05:23:01 +08:00
parent 924aa1d7e1
commit 086afb36b4
49 changed files with 2664 additions and 10 deletions
--- a/server/2015Remote/libpeconv/peconv/function_resolver.h
+++ b/server/2015Remote/libpeconv/peconv/function_resolver.h
@@ -0,0 +1,50 @@
+/**
+* @file
+* @brief   Definitions of basic Imports Resolver classes. They can be used for filling imports when the PE is loaded.
+*/
+
+#pragma once
+
+#include <windows.h>
+#include <string>
+#include <map>
+
+namespace peconv {
+    /**
+    A base class for functions resolver.
+    */
+    class t_function_resolver {
+        public:
+        /**
+        Get the address (VA) of the function with the given name, from the given DLL.
+        \param func_name : the name of the function
+        \param lib_name : the name of the DLL
+        \return Virtual Address of the exported function
+        */
+        virtual FARPROC resolve_func(LPCSTR lib_name, LPCSTR func_name) = 0;
+    };
+
+    /**
+    A default functions resolver, using LoadLibraryA and GetProcAddress.
+    */
+    class default_func_resolver : t_function_resolver {
+        public:
+        /**
+        Get the address (VA) of the function with the given name, from the given DLL, using LoadLibraryA and GetProcAddress.
+        \param func_name : the name of the function
+        \param lib_name : the name of the DLL
+        \return Virtual Address of the exported function
+        */
+        virtual FARPROC resolve_func(LPCSTR lib_name, LPCSTR func_name);
+
+        /**
+        Load the DLL using LoadLibraryA.
+        \param lib_name : the name of the DLL
+        \return base of the loaded module
+        */
+        virtual HMODULE load_library(LPCSTR lib_name);
+
+        std::map<std::string, HMODULE> nameToModule;
+    };
+
+}; //namespace peconv