2014-04-06 18:31:53 +00:00
|
|
|
/* Benjamin DELPY `gentilkiwi`
|
|
|
|
http://blog.gentilkiwi.com
|
|
|
|
benjamin@gentilkiwi.com
|
2015-08-25 09:19:01 +00:00
|
|
|
Licence : https://creativecommons.org/licenses/by/4.0/
|
2014-04-06 18:31:53 +00:00
|
|
|
*/
|
|
|
|
#pragma once
|
|
|
|
#include "globals.h"
|
|
|
|
|
|
|
|
typedef CONST char *PCSZ;
|
|
|
|
typedef STRING ANSI_STRING;
|
|
|
|
typedef PSTRING PANSI_STRING;
|
|
|
|
typedef PSTRING PCANSI_STRING;
|
|
|
|
|
|
|
|
typedef STRING OEM_STRING;
|
|
|
|
typedef PSTRING POEM_STRING;
|
|
|
|
typedef CONST STRING* PCOEM_STRING;
|
|
|
|
typedef CONST UNICODE_STRING *PCUNICODE_STRING;
|
|
|
|
|
2015-08-10 23:27:13 +00:00
|
|
|
#define DECLARE_UNICODE_STRING(_var, _string) \
|
|
|
|
const WCHAR _var ## _buffer[] = _string; \
|
|
|
|
UNICODE_STRING _var = { sizeof(_string) - sizeof(WCHAR), sizeof(_string), (PWCH) _var ## _buffer }
|
|
|
|
|
2017-06-07 00:37:32 +00:00
|
|
|
#define DECLARE_CONST_UNICODE_STRING(_var, _string) \
|
|
|
|
const WCHAR _var ## _buffer[] = _string; \
|
|
|
|
const UNICODE_STRING _var = { sizeof(_string) - sizeof(WCHAR), sizeof(_string), (PWCH) _var ## _buffer }
|
|
|
|
|
2014-04-06 18:31:53 +00:00
|
|
|
extern VOID WINAPI RtlInitString(OUT PSTRING DestinationString, IN PCSZ SourceString);
|
|
|
|
extern VOID WINAPI RtlInitUnicodeString(OUT PUNICODE_STRING DestinationString, IN PCWSTR SourceString);
|
|
|
|
|
|
|
|
extern NTSTATUS WINAPI RtlAnsiStringToUnicodeString(OUT PUNICODE_STRING DestinationString, IN PCANSI_STRING SourceString, IN BOOLEAN AllocateDestinationString);
|
|
|
|
extern NTSTATUS WINAPI RtlUnicodeStringToAnsiString(OUT PANSI_STRING DestinationString, IN PCUNICODE_STRING SourceString, IN BOOLEAN AllocateDestinationString);
|
|
|
|
|
|
|
|
extern VOID WINAPI RtlUpperString(OUT PSTRING DestinationString, IN const STRING *SourceString);
|
2014-09-28 19:47:26 +00:00
|
|
|
extern NTSTATUS WINAPI RtlUpcaseUnicodeString(IN OUT PUNICODE_STRING DestinationString, IN PCUNICODE_STRING SourceString, IN BOOLEAN AllocateDestinationString);
|
2014-04-06 18:31:53 +00:00
|
|
|
extern NTSTATUS WINAPI RtlDowncaseUnicodeString(PUNICODE_STRING DestinationString, IN PCUNICODE_STRING SourceString, IN BOOLEAN AllocateDestinationString);
|
2014-10-10 08:53:03 +00:00
|
|
|
extern WCHAR WINAPI RtlUpcaseUnicodeChar(IN WCHAR SourceCharacter);
|
2017-06-07 22:48:55 +00:00
|
|
|
extern NTSTATUS WINAPI RtlUpcaseUnicodeStringToOemString(IN OUT POEM_STRING DestinationString, IN PCUNICODE_STRING SourceString, IN BOOLEAN AllocateDestinationString);
|
2014-04-06 18:31:53 +00:00
|
|
|
|
|
|
|
extern BOOLEAN WINAPI RtlEqualString(IN const STRING *String1, IN const STRING *String2, IN BOOLEAN CaseInSensitive);
|
|
|
|
extern BOOLEAN WINAPI RtlEqualUnicodeString(IN PCUNICODE_STRING String1, IN PCUNICODE_STRING String2, IN BOOLEAN CaseInSensitive);
|
|
|
|
|
|
|
|
extern LONG WINAPI RtlCompareUnicodeString(IN PCUNICODE_STRING String1, IN PCUNICODE_STRING String2, IN BOOLEAN CaseInSensitive);
|
|
|
|
extern LONG WINAPI RtlCompareString(IN const STRING *String1, IN const STRING *String2, IN BOOLEAN CaseInSensitive);
|
|
|
|
|
2017-06-07 22:48:55 +00:00
|
|
|
extern VOID WINAPI RtlFreeAnsiString(IN OUT PANSI_STRING AnsiString);
|
|
|
|
extern VOID WINAPI RtlFreeUnicodeString(IN OUT PUNICODE_STRING UnicodeString);
|
|
|
|
extern VOID WINAPI RtlFreeOemString(IN OUT POEM_STRING OemString);
|
2014-04-06 18:31:53 +00:00
|
|
|
|
|
|
|
extern NTSTATUS WINAPI RtlStringFromGUID(IN LPCGUID Guid, PUNICODE_STRING UnicodeString);
|
2015-05-23 21:49:04 +00:00
|
|
|
extern NTSTATUS WINAPI RtlGUIDFromString(IN PCUNICODE_STRING GuidString, OUT GUID *Guid);
|
2014-04-06 18:31:53 +00:00
|
|
|
extern NTSTATUS NTAPI RtlValidateUnicodeString(IN ULONG Flags, IN PCUNICODE_STRING UnicodeString);
|
|
|
|
|
2014-09-28 19:47:26 +00:00
|
|
|
extern NTSTATUS WINAPI RtlAppendUnicodeStringToString(IN OUT PUNICODE_STRING Destination, IN PCUNICODE_STRING Source);
|
|
|
|
|
2015-07-19 00:34:06 +00:00
|
|
|
extern VOID NTAPI RtlRunDecodeUnicodeString(IN BYTE Hash, IN OUT PUNICODE_STRING String);
|
|
|
|
extern VOID NTAPI RtlRunEncodeUnicodeString(IN OUT PBYTE Hash, IN OUT PUNICODE_STRING String);
|
|
|
|
|
2016-02-08 00:41:26 +00:00
|
|
|
//BOOL kull_m_string_suspectUnicodeStringStructure(IN PUNICODE_STRING pUnicodeString);
|
2015-07-19 00:34:06 +00:00
|
|
|
void kull_m_string_MakeRelativeOrAbsoluteString(PVOID BaseAddress, PLSA_UNICODE_STRING String, BOOL relative);
|
2014-11-20 07:57:04 +00:00
|
|
|
BOOL kull_m_string_copyUnicodeStringBuffer(PUNICODE_STRING pSource, PUNICODE_STRING pDestination);
|
2014-04-06 18:31:53 +00:00
|
|
|
void kull_m_string_freeUnicodeStringBuffer(PUNICODE_STRING pString);
|
|
|
|
BOOL kull_m_string_suspectUnicodeString(IN PUNICODE_STRING pUnicodeString);
|
2016-02-08 00:41:26 +00:00
|
|
|
void kull_m_string_printSuspectUnicodeString(PVOID data, DWORD size);
|
2014-04-06 18:31:53 +00:00
|
|
|
|
|
|
|
wchar_t * kull_m_string_qad_ansi_to_unicode(const char * ansi);
|
|
|
|
wchar_t * kull_m_string_qad_ansi_c_to_unicode(const char * ansi, SIZE_T szStr);
|
2016-06-23 00:16:36 +00:00
|
|
|
char * kull_m_string_unicode_to_ansi(const wchar_t * unicode);
|
2014-05-04 23:24:54 +00:00
|
|
|
BOOL kull_m_string_stringToHex(IN LPCWCHAR string, IN LPBYTE hex, IN DWORD size);
|
2015-06-07 21:19:28 +00:00
|
|
|
BOOL kull_m_string_stringToHexBuffer(IN LPCWCHAR string, IN LPBYTE *hex, IN DWORD *size);
|
2014-04-06 18:31:53 +00:00
|
|
|
|
|
|
|
void kull_m_string_wprintf_hex(LPCVOID lpData, DWORD cbData, DWORD flags);
|
|
|
|
void kull_m_string_displayFileTime(IN PFILETIME pFileTime);
|
|
|
|
void kull_m_string_displayLocalFileTime(IN PFILETIME pFileTime);
|
2017-02-27 01:18:46 +00:00
|
|
|
BOOL kull_m_string_FileTimeToString(IN PFILETIME pFileTime, OUT WCHAR string[14 + 1]);
|
2014-04-06 18:31:53 +00:00
|
|
|
void kull_m_string_displayGUID(IN LPCGUID pGuid);
|
|
|
|
void kull_m_string_displaySID(IN PSID pSid);
|
2015-06-07 21:19:28 +00:00
|
|
|
PWSTR kull_m_string_getRandomGUID();
|
2015-06-14 00:46:21 +00:00
|
|
|
void kull_m_string_ptr_replace(PVOID ptr, DWORD64 size);
|
2014-04-06 18:31:53 +00:00
|
|
|
|
2015-08-16 22:18:04 +00:00
|
|
|
BOOL kull_m_string_args_byName(const int argc, const wchar_t * argv[], const wchar_t * name, const wchar_t ** theArgs, const wchar_t * defaultValue);
|
2016-12-22 23:21:08 +00:00
|
|
|
BOOL kull_m_string_args_bool_byName(int argc, wchar_t * argv[], LPCWSTR name, PBOOL value);
|
2016-02-08 00:41:26 +00:00
|
|
|
BOOL kull_m_string_copy(LPWSTR *dst, LPCWSTR src);
|
2017-02-27 01:18:46 +00:00
|
|
|
BOOL kull_m_string_copyA(LPSTR *dst, LPCSTR src);
|
2016-07-10 22:32:51 +00:00
|
|
|
BOOL kull_m_string_quickxml_simplefind(LPCWSTR xml, LPCWSTR node, LPWSTR *dst);
|
|
|
|
#ifndef MIMIKATZ_W2000_SUPPORT
|
|
|
|
BOOL kull_m_string_quick_base64_to_Binary(PCWSTR base64, PBYTE *data, DWORD *szData);
|
2017-07-19 23:33:50 +00:00
|
|
|
#endif
|
|
|
|
BOOL kull_m_string_sprintf(PWSTR *outBuffer, PCWSTR format, ...);
|