Closed youngifif closed 7 months ago
hash_func.py
is script that converst a ANSI string into a hash while for modules you would need a scipt that converts a unicode into an hash. i am going to upload one soon, but this is function works as expected.
I find that the Value of
H_MODULE_NTDLL
inDefines.h
is 0x70e61753, and the Value ofpython ./hash_func.py ntdll.dll
is 0x1edab0ed. So i do some debug, it turns out thatdoes not work correctly when
String
is passed as wide-char string.In Windows OS,
We need to calculate the
Hash
from the element ofcharacters
which is greater than 0.The bug is detailed in comment as follows:
It will be a plenty of macros to fix in
Defines.h
,which is not mentiond in this pull request.