able/windows-nt
1
0
Fork 0
Code Issues Pull requests Projects Releases Wiki Activity
windows-nt/Source/XPSP1/NT/inetsrv/iis/svcs/restart/iisrsta/enummod.c
CryptoAlgo Inc b3cac27891 Add source files
2020-09-26 16:20:57 +08:00

210 lines
4 KiB
C
Raw Permalink Blame History

This file contains invisible Unicode characters

This file contains invisible Unicode characters that are indistinguishable to humans but may be processed differently by a computer. If you think that this is intentional, you can safely ignore this warning. Use the Escape button to reveal them.

/*++
Copyright (c) 1995-1997 Microsoft Corporation
Module Name:
enummod.c
Abstract:
This module implements a remote module enumerator.
Author:
Keith Moore (keithmo) 16-Sep-1997
Revision History:
--*/
#include <nt.h>
#include <ntrtl.h>
#include <nturtl.h>
#undef IF_DEBUG
#include <windows.h>
//#include <ntsdexts.h>
#include <stdio.h>
#include <stdlib.h>
#include <string.h>
#include <wchar.h>
# include <stdlib.h>
#include "inetdbgp.h"
#define ReadMemory(a,b,c,d) ReadProcessMemory( ExtensionCurrentProcess, (LPCVOID)(a), (b), (c), (d) )
#define WriteMemory(a,b,c,d) WriteProcessMemory( ExtensionCurrentProcess, (LPVOID)(a), (LPVOID)(b), (c), (d) )
//
// Globals
//
BOOLEAN
EnumModules(
IN HANDLE ExtensionCurrentProcess,
IN PFN_ENUMMODULES EnumProc,
IN PVOID Param
)
/*++
Routine Description:
Enumerates all loaded modules in the debugee.
Arguments:
EnumProc - An enumeration proc that will be invoked for each module.
Param - An uninterpreted parameter passed to the enumeration proc.
Return Value:
BOOLEAN - TRUE if successful, FALSE otherwise.
--*/
{
PROCESS_BASIC_INFORMATION basicInfo;
NTSTATUS status;
PPEB peb;
PPEB_LDR_DATA ldr;
PLIST_ENTRY ldrHead, ldrNext;
PLDR_DATA_TABLE_ENTRY ldrEntry;
LDR_DATA_TABLE_ENTRY ldrEntryData;
WCHAR tmpName[MAX_PATH];
MODULE_INFO moduleInfo;
//
// Get the process info.
//
status = NtQueryInformationProcess(
ExtensionCurrentProcess,
ProcessBasicInformation,
&basicInfo,
sizeof(basicInfo),
NULL
);
if( !NT_SUCCESS(status) ) {
return FALSE;
}
peb = basicInfo.PebBaseAddress;
if( peb == NULL ) {
return FALSE;
}
//
// ldr = peb->Ldr
//
if( !ReadMemory(
(ULONG_PTR)&peb->Ldr,
&ldr,
sizeof(ldr),
NULL
) ) {
return FALSE;
}
ldrHead = &ldr->InMemoryOrderModuleList;
//
// ldrNext = ldrHead->Flink;
//
if( !ReadMemory(
(ULONG_PTR)&ldrHead->Flink,
&ldrNext,
sizeof(ldrNext),
NULL
) ) {
return FALSE;
}
while( ldrNext != ldrHead ) {
#if 0
if( CheckControlC() ) {
break;
}
#endif
//
// Read the LDR_DATA_TABLE_ENTRY structure and the module name.
//
ldrEntry = CONTAINING_RECORD(
ldrNext,
LDR_DATA_TABLE_ENTRY,
InMemoryOrderLinks
);
if( !ReadMemory(
(ULONG_PTR)ldrEntry,
&ldrEntryData,
sizeof(ldrEntryData),
NULL
) ) {
return FALSE;
}
if( !ReadMemory(
(ULONG_PTR)ldrEntryData.BaseDllName.Buffer,
tmpName,
ldrEntryData.BaseDllName.MaximumLength,
NULL
) ) {
return FALSE;
}
wsprintfA(
moduleInfo.BaseName,
"%ws",
tmpName
);
if( !ReadMemory(
(ULONG_PTR)ldrEntryData.FullDllName.Buffer,
tmpName,
ldrEntryData.FullDllName.MaximumLength,
NULL
) ) {
return FALSE;
}
wsprintfA(
moduleInfo.FullName,
"%ws",
tmpName
);
moduleInfo.DllBase = (ULONG_PTR)ldrEntryData.DllBase;
moduleInfo.EntryPoint = (ULONG_PTR)ldrEntryData.EntryPoint;
moduleInfo.SizeOfImage = (ULONG)ldrEntryData.SizeOfImage;
//
// Invoke the callback.
//
if( !(EnumProc)(
Param,
&moduleInfo
) ) {
break;
}
ldrNext = ldrEntryData.InMemoryOrderLinks.Flink;
}
return TRUE;
} // EnumModules
Reference in a new issue View git blame Copy permalink