Utility helper functions for more high-level stuff. More...

Functions
uintptr_t	injectDLL (HANDLE hProcess, const char *dllPath)
	Injects a DLL into the specified process.
std::string	getDllName (HANDLE hProcess, LPVOID lpImageName, BOOL isUnicode)
	Retrieves the name of a DLL from a remote process.
bool	executeRemote (HANDLE hProcessGlobal, const std::vector< BYTE > &shellcode)
	Executes shellcode in a remote process.
DWORD	findProcessId (const std::string &processName)
	Finds the process ID of a process by name.
bool	EnableDebugPrivilege ()
	Enables the SeDebugPrivilege privilege for the current process.
DWORD_PTR	getEntryPoint (HANDLE hProcess, LPVOID baseAddress)
	Gets the entry point address of a loaded module in a remote process.

Detailed Description

Utility helper functions for more high-level stuff.

Function Documentation

◆ EnableDebugPrivilege()

bool RoboDBG::Util::EnableDebugPrivilege ( )

Enables the SeDebugPrivilege privilege for the current process.

This is required to debug or manipulate processes owned by other users or the system.

Returns: true if the privilege was successfully enabled, false otherwise.

Definition at line 149 of file util.cpp.

◆ executeRemote()

bool RoboDBG::Util::executeRemote	(	HANDLE	hProcessGlobal,
		const std::vector< BYTE > &	shellcode )

Executes shellcode in a remote process.

Allocates memory in the target process, writes the provided shellcode, and creates a remote thread to execute it.

Parameters

hProcessGlobal	Handle to the target process with execution rights.
shellcode	Vector containing the shellcode bytes to execute.

Returns: true if the shellcode executed successfully, false otherwise.

Definition at line 93 of file util.cpp.

◆ findProcessId()

DWORD RoboDBG::Util::findProcessId ( const std::string & processName )

Finds the process ID of a process by name.

Iterates over all running processes and matches against processName.

Parameters

processName Name of the process executable (e.g., "notepad.exe").

Returns: Process ID on success, or 0 if not found.

Definition at line 122 of file util.cpp.

Referenced by RoboDBG::Debugger::attach().

◆ getDllName()

std::string RoboDBG::Util::getDllName	(	HANDLE	hProcess,
		LPVOID	lpImageName,
		BOOL	isUnicode )

Retrieves the name of a DLL from a remote process.

Reads the memory at lpImageName in the remote process and returns the name as a string.

Parameters

hProcess	Handle to the target process.
lpImageName	Address of the string in the remote process.
isUnicode	TRUE if the string is in Unicode format, FALSE for ANSI.

Returns: DLL name as a std::string.

Definition at line 55 of file util.cpp.

Referenced by RoboDBG::Debugger::loop().

◆ getEntryPoint()

DWORD_PTR RoboDBG::Util::getEntryPoint	(	HANDLE	hProcess,
		LPVOID	baseAddress )

Gets the entry point address of a loaded module in a remote process.

Parses the PE header of the loaded image in the target process to determine the entry point address.

Parameters

hProcess	Handle to the target process.
baseAddress	Base address of the module in the target process.

Returns: Address of the entry point, or 0 on failure.

Definition at line 190 of file util.cpp.

Referenced by RoboDBG::Debugger::loop().

◆ injectDLL()

uintptr_t RoboDBG::Util::injectDLL	(	HANDLE	hProcess,
		const char *	dllPath )

Injects a DLL into the specified process.

Allocates memory in the remote process, writes the DLL path, and creates a remote thread to load the DLL.

Parameters

hProcess	Handle to the target process with PROCESS_ALL_ACCESS rights.
dllPath	Full path to the DLL to inject.

Returns: The remote address where the DLL was loaded, or 0 on failure.

Definition at line 5 of file util.cpp.

Functions

Detailed Description

Function Documentation

◆ EnableDebugPrivilege()

◆ executeRemote()

◆ findProcessId()

◆ getDllName()

◆ getEntryPoint()

◆ injectDLL()