| author | auth12 <[email protected]> | 2020-07-27 16:29:29 -0700 |
|---|---|---|
| committer | auth12 <[email protected]> | 2020-07-27 16:29:29 -0700 |
| commit | 9354a3bd08b63fd5f79f47f186876d3f3611828a (patch) | |
| tree | ec7e2d524f61e710c53fd5a45df4faf8a3565d9d /client/src/util | |
| parent | Fixed support for colored text. (diff) | |
Imported modules are now manual mapped.
Diffstat (limited to 'client/src/util')
| -rw-r--r-- | client/src/util/apiset.cpp | 32 | ||||
| -rw-r--r-- | client/src/util/apiset.h | 21 | ||||
| -rw-r--r-- | client/src/util/native.h | 32 |
3 files changed, 85 insertions, 0 deletions
diff --git a/client/src/util/apiset.cpp b/client/src/util/apiset.cpp
new file mode 100644
index 0000000..e47fb51
--- /dev/null
+++ b/client/src/util/apiset.cpp
@@ -0,0 +1,32 @@
+#include "../include.h"
+#include "util.h"
+#include "io.h"
+#include "apiset.h"
+
+apiset g_apiset;
+
+apiset::apiset() {
+ auto map = *reinterpret_cast<native::API_SET_NAMESPACE_ARRAY**>(uintptr_t(util::peb()) + 0x68);
+ for (int i = 0; i < map->Count; ++i) {
+ std::wstring wapi_name(255, 0);
+ std::wstring wapi_host(255, 0);
+
+ auto entry = reinterpret_cast<native::API_SET_NAMESPACE_ENTRY*>(uintptr_t(map) + map->End + i * sizeof(native::API_SET_NAMESPACE_ENTRY));
+ auto array = reinterpret_cast<native::API_SET_VALUE_ARRAY*>(uintptr_t(map) + map->Start + entry->Size * sizeof(native::API_SET_VALUE_ARRAY));
+
+ auto byte_map = reinterpret_cast<uint8_t*>(map);
+ std::memcpy(&wapi_name[0], &byte_map[array->NameOffset], array->NameLength);
+
+ auto host = reinterpret_cast<native::API_SET_VALUE_ENTRY*>(&byte_map[array->DataOffset]);
+
+ std::memcpy(&wapi_host[0], &byte_map[host->ValueOffset], host->ValueLength);
+
+ wapi_name.assign(wapi_name.data());
+ wapi_host.assign(wapi_host.data());
+
+ auto api_name = util::wide_to_multibyte(wapi_name);
+ auto api_host = util::wide_to_multibyte(wapi_host);
+
+ m_apimap[api_name] = api_host;
+ }
+}
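Review bot: Both `std::memcpy` calls in `apiset::apiset()` copy `array->NameLength` and `host->ValueLength` bytes into a `std::wstring` of 255 characters without comparing the length to the buffer, so an entry longer than the buffer writes past the allocation. Constructing the strings from pointer and length removes the fixed buffer and the later `assign(data())` step: `std::wstring wapi_name(reinterpret_cast<const wchar_t*>(&byte_map[array->NameOffset]), array->NameLength / sizeof(wchar_t));`, and the same for `wapi_host` with `host->ValueOffset` and `host->ValueLength`. The constructor also dereferences the pointer read at the hard-coded `0x68` offset without a null check and never looks at `map->Version`, although the schema layout differs between Windows releases. The offset looks like the 64-bit PEB layout, so a comment such as `// PEB->ApiSetMap, x64 only` and an early return on an unexpected version would make the assumption explicit.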
\ No newline at end of file
diff --git a/client/src/util/apiset.h b/client/src/util/apiset.h
new file mode 100644
index 0000000..440dcc0
--- /dev/null
+++ b/client/src/util/apiset.h
@@ -0,0 +1,21 @@
+#pragma once
+
+class apiset {
+ std::unordered_map<std::string, std::string> m_apimap;
+public:
+ apiset();
+
+ void operator()(std::string &mod) {
+ auto it = std::find_if(m_apimap.begin(), m_apimap.end(), [&](const std::pair<std::string, std::string>& pair) {
+ return mod.find(pair.first) != std::string::npos;
+ });
+
+ if (it != m_apimap.end()) {
+ mod = it->second;
+ }
+ }
+
+ auto &map() { return m_apimap; }
+};
+
+extern apiset g_apiset;
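Review bot: `apiset::operator()` replaces `mod` with the host of the first entry whose key occurs anywhere inside it, and `std::unordered_map` iteration order is unspecified, so a name containing more than one key resolves to an arbitrary host and an empty key would match every module. If `mod` is always a bare import name, anchoring the comparison at the start and skipping empty keys narrows this: `return !pair.first.empty() && mod.compare(0, pair.first.size(), pair.first) == 0;`. The lambda parameter should be `const auto& pair`, because the map's value type is `std::pair<const std::string, std::string>` and the current signature copies both strings for every element. The header also uses `std::unordered_map`, `std::string` and `std::find_if` without including `<unordered_map>`, `<string>` or `<algorithm>`, so it presumably relies on `include.h` being included first.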
\ No newline at end of file
diff --git a/client/src/util/native.h b/client/src/util/native.h
index dada567..44b8ab6 100644
--- a/client/src/util/native.h
+++ b/client/src/util/native.h
@@ -340,6 +340,38 @@ namespace native {
 SYSTEM_HANDLE_TABLE_ENTRY_INFO Handles[1];
 } SYSTEM_HANDLE_INFORMATION, *PSYSTEM_HANDLE_INFORMATION;
 
+ struct API_SET_VALUE_ENTRY {
+ ULONG Flags;
+ ULONG NameOffset;
+ ULONG NameLength;
+ ULONG ValueOffset;
+ ULONG ValueLength;
+ };
+
+ struct API_SET_VALUE_ARRAY {
+ ULONG Flags;
+ ULONG NameOffset;
+ ULONG Unk;
+ ULONG NameLength;
+ ULONG DataOffset;
+ ULONG Count;
+ };
+
+ struct API_SET_NAMESPACE_ENTRY {
+ ULONG Limit;
+ ULONG Size;
+ };
+
+ struct API_SET_NAMESPACE_ARRAY {
+ ULONG Version;
+ ULONG Size;
+ ULONG Flags;
+ ULONG Count;
+ ULONG Start;
+ ULONG End;
+ ULONG Unk[2];
+ };
+
 using NtQuerySystemInformation = NTSTATUS(__stdcall*)(native::SYSTEM_INFORMATION_CLASS, PVOID, SIZE_T, PULONG);
 using NtOpenProcess = NTSTATUS(__stdcall*)(PHANDLE, ACCESS_MASK, POBJECT_ATTRIBUTES, CLIENT_ID*);
 using NtReadVirtualMemory = NTSTATUS(__stdcall*)(HANDLE, PVOID, PVOID, SIZE_T, PULONG); |
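Review bot: The four `API_SET_*` structs added to `namespace native` carry no comment saying which API set schema version they describe, and two of them contain `Unk` fields, so a reader cannot check the offsets that `client/src/util/apiset.cpp` depends on. A comment above the group such as `// API set schema as found through the PEB; layout is version-specific, compare with API_SET_NAMESPACE_ARRAY::Version` would record the assumption, and `static_assert(sizeof(API_SET_NAMESPACE_ARRAY) == 32, "unexpected layout");` would catch an accidental field change. The namespace opens outside the hunk.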