| author | auth12 <[email protected]> | 2020-07-28 08:09:02 -0700 |
|---|---|---|
| committer | auth12 <[email protected]> | 2020-07-28 08:09:02 -0700 |
| commit | d4e2fe3f1a1d6d89e9110fa1361e942f57812e51 (patch) | |
| tree | 2e602ce164be6baf0281ed73086701cb8ae0ff11 /client/src/injection | |
| parent | Process class redesign. (diff) | |
| download | loader-d4e2fe3f1a1d6d89e9110fa1361e942f57812e51.tar.xz loader-d4e2fe3f1a1d6d89e9110fa1361e942f57812e51.zip | |
Added server support for both x64 and x32 images with automatic selection.
Diffstat (limited to 'client/src/injection')
| -rw-r--r-- | client/src/injection/mapper.cpp | 122 | ||||
| -rw-r--r-- | client/src/injection/mapper.h | 3 |
2 files changed, 113 insertions, 12 deletions
diff --git a/client/src/injection/mapper.cpp b/client/src/injection/mapper.cpp
index 1951ab2..c7f771c 100644
--- a/client/src/injection/mapper.cpp
+++ b/client/src/injection/mapper.cpp
@@ -9,11 +9,116 @@ void mmap::thread(tcp::client& client) {
 std::this_thread::sleep_for(std::chrono::seconds(1));
 }
+ if (client.selected_game.x64) {
+ map64(client);
+
+ return;
+ }
+
+ map32(client);
+}
+
+void mmap::map32(tcp::client& client) {
+ util::system_data_t dat;
+ util::fetch_system_data(dat);
+
+ auto needle = std::find_if(dat.processes.begin(), dat.processes.end(), [&](util::process_data_t& dat) {
+ return dat.name == client.selected_game.process_name;
+ });
+
+ if (needle == dat.processes.end()) {
+ io::log_error("failed to find process.");
+ return;
+ }
+
+ util::process<uint32_t> proc(*needle);
+
+ if (!proc.open()) {
+ return;
+ }
+
+ if (!proc.enum_modules()) {
+ io::log_error("failed to enum {} modules", proc.name());
+ return;
+ }
+
+ auto image = proc.allocate(client.mapper_data.image_size, MEM_COMMIT | MEM_RESERVE, PAGE_EXECUTE_READWRITE);
+ if (!image) {
+ io::log_error("failed to allocate memory for image.");
+ return;
+ }
+
+ io::log("image base : {:x}", image);
+
+ auto imports = nlohmann::json::parse(client.mapper_data.imports);
+
+ nlohmann::json final_imports;
+ for (auto& [key, value] : imports.items()) {
+ for (auto& i : value) {
+ auto name = i.get<std::string>();
+
+ final_imports[name] = proc.module_export(proc.map(key), name);
+ }
+ }
+ imports.clear();
+
+ nlohmann::json resp;
+ resp["alloc"] = image;
+ resp["id"] = client.selected_game.process_name;
+ resp["x64"] = client.selected_game.x64;
+
+ client.write(tcp::packet_t(resp.dump(), tcp::packet_type::write, client.session_id, tcp::packet_id::image));
+ resp.clear();
+
+ client.stream(final_imports.dump());
+ final_imports.clear();
+
+ io::log("please wait...");
+ while (client.state != tcp::client_state::image_ready) {
+ std::this_thread::sleep_for(std::chrono::seconds(1));
+ }
+
+ if (!proc.write(image, client.mapper_data.image.data(), client.mapper_data.image.size())) {
+ io::log_error("failed to write image.");
+ return;
+ }
+ client.mapper_data.image.clear();
+
+ auto 
entry = image + client.mapper_data.entry; + + io::log("entry : {:x}", entry); + + static std::vector<uint8_t> shellcode = { 0x55, 0x89, 0xE5, 0x6A, 0x00, 0x6A, 0x01, 0x68, 0xEF, 0xBE, + 0xAD, 0xDE, 0xB8, 0xEF, 0xBE, 0xAD, 0xDE, 0xFF, 0xD0, 0x89, 0xEC, 0x5D, 0xC3 }; + + *reinterpret_cast<uint32_t*>(&shellcode[8]) = image; + *reinterpret_cast<uint32_t*>(&shellcode[13]) = entry; + + auto code = proc.allocate(shellcode.size(), MEM_COMMIT | MEM_RESERVE, PAGE_EXECUTE_READWRITE); + if (!proc.write(code, shellcode.data(), shellcode.size())) { + io::log_error("failed to write shellcode."); + return; + } + + io::log("shellcode : {:x}", code); + + proc.thread(code); + + proc.free(code, shellcode.size()); + + proc.close(); + + client.state = tcp::client_state::injected; + + io::log("done"); +} + +void mmap::map64(tcp::client& client) { util::system_data_t dat; util::fetch_system_data(dat); auto needle = std::find_if(dat.processes.begin(), dat.processes.end(), [&](util::process_data_t& dat) { - return dat.name == "sublime_text.exe"; + return dat.name == client.selected_game.process_name; }); if (needle == dat.processes.end()) { @@ -54,7 +159,8 @@ void mmap::thread(tcp::client& client) { nlohmann::json resp; resp["alloc"] = image; - resp["id"] = client.selected_game.id; + resp["id"] = client.selected_game.process_name; + resp["x64"] = client.selected_game.x64; client.write(tcp::packet_t(resp.dump(), tcp::packet_type::write, client.session_id, tcp::packet_id::image)); resp.clear(); 
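Review bot: `map32` is a line-for-line copy of the existing `map64` body that differs only in the `util::process<uint32_t>` instantiation and the contents of the `shellcode` table, so every later fix has to land twice — the `resp["x64"]` addition in the second hunk (`@@ -54,7 +159,8 @@`) is already such a duplicated edit, and the `resp["x64"]` value it writes inside `map64` can only ever be true. A single private helper templated on the address type, with `map32`/`map64` reduced to one-line wrappers that pass their own byte table, would keep the two paths from drifting. The function-local `static std::vector<uint8_t> shellcode` that is then patched through `reinterpret_cast` is shared mutable state; nothing in this function needs it to outlive the call, so a plain local (`std::vector<uint8_t> shellcode = { ... };`) is the clearer choice. `map32` is complete within this hunk; `map64` begins here but its body continues past the hunk.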
@@ -77,15 +183,9 @@ void mmap::thread(tcp::client& client) { io::log("entry : {:x}", entry); - /*static std::vector<uint8_t> shellcode = { 0x55, 0x89, 0xE5, 0x6A, 0x00, 0x6A, 0x01, 0x68, 0xEF, 0xBE, - 0xAD, 0xDE, 0xB8, 0xEF, 0xBE, 0xAD, 0xDE, 0xFF, 0xD0, 0x89, 0xEC, 0x5D, 0xC3 };*/ - static std::vector<uint8_t> shellcode = { 0x48, 0x83, 0xEC, 0x28, 0x48, 0xB9, 0x00, 0x00, 0x00, 0x00, - 0x00, 0x00, 0x00, 0x00, 0x48, 0xC7, 0xC2,0x01, 0x00, 0x00, 0x00, 0x4D, 0x31, 0xC0, - 0x48, 0xB8, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0xFF, 0xD0, 0x48, 0x83, 0xC4, 0x28, 0xC3 }; - - /**reinterpret_cast<uint32_t*>(&shellcode[8]) = image; - *reinterpret_cast<uint32_t*>(&shellcode[13]) = entry;*/ + 0x00, 0x00, 0x00, 0x00, 0x48, 0xC7, 0xC2,0x01, 0x00, 0x00, 0x00, 0x4D, 0x31, 0xC0, + 0x48, 0xB8, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0xFF, 0xD0, 0x48, 0x83, 0xC4, 0x28, 0xC3 }; *reinterpret_cast<uint64_t*>(&shellcode[6]) = image; *reinterpret_cast<uint64_t*>(&shellcode[26]) = entry; @@ -102,8 +202,6 @@ void mmap::thread(tcp::client& client) { proc.free(code, shellcode.size()); - //proc.free(image, client.mapper_data.image_size); - proc.close(); client.state = tcp::client_state::injected; diff --git a/client/src/injection/mapper.h b/client/src/injection/mapper.h index 0ce7b8f..bdc3565 100644 --- a/client/src/injection/mapper.h +++ b/client/src/injection/mapper.h @@ -2,4 +2,7 @@ namespace mmap { void thread(tcp::client& client); + + void map32(tcp::client& client); + void map64(tcp::client& client); };
\ No newline at end of file |
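Review bot: The two new declarations in mapper.h carry no documentation, and since `map32`/`map64` appear to be called only from `thread` (per the dispatch added in the first hunk of mapper.cpp), publishing them in the header widens the namespace's interface with what looks like implementation detail. Either keep them file-local in mapper.cpp (an anonymous namespace or `static`) or document the split at the declaration site, e.g. `/// Selected by thread() from client.selected_game.x64; handles a 32-bit target image.` for `map32` and the 64-bit equivalent for `map64`, plus a note on `thread` that it blocks until `client.state` reaches the ready/image_ready states.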