Diffstat (limited to 'client/src/injection/mapper.cpp')
| -rw-r--r-- | client/src/injection/mapper.cpp | 46 |
1 files changed, 29 insertions, 17 deletions
diff --git a/client/src/injection/mapper.cpp b/client/src/injection/mapper.cpp index 570155e..68f0f6e 100644 --- a/client/src/injection/mapper.cpp +++ b/client/src/injection/mapper.cpp @@ -9,23 +9,24 @@ void mmap::thread(tcp::client& client) { std::this_thread::sleep_for(std::chrono::milliseconds(100)); } - util::fetch_processes(); + std::vector<util::process> process_list; + util::fetch_processes(process_list); - auto needle = std::find_if(util::process_list.begin(), util::process_list.end(), [&](util::process& proc) { - return strcmp(proc.name().c_str(), "notepad++.exe") == 0; + auto needle = std::find_if(process_list.begin(), process_list.end(), [&](util::process& proc) { + return proc.name() == "notepad++.exe"; }); - while (needle == util::process_list.end()) { - std::this_thread::sleep_for(std::chrono::seconds(5)); + while (needle == process_list.end()) { + std::this_thread::sleep_for(std::chrono::seconds(2)); - util::fetch_processes(); - - io::logger->info("size {}", util::process_list.size()); + util::fetch_processes(process_list); + + io::logger->info("size {}", process_list.size()); io::logger->info("waiting for process.."); - needle = std::find_if(util::process_list.begin(), util::process_list.end(), [&](util::process& proc) { - return strcmp(proc.name().c_str(), "notepad++.exe") == 0; + needle = std::find_if(process_list.begin(), process_list.end(), [&](util::process& proc) { + return proc.name() == "notepad++.exe"; }); } 
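Review bot: `util::fetch_processes(process_list)` is called on the same vector on every pass of the `while (needle == process_list.end())` loop with no `process_list.clear()` in between; unless the helper resets its argument (not visible here), stale entries accumulate, the `size {}` log grows each pass, and `needle` can land on an entry for a process that has since exited. Either clear before each refill, `process_list.clear(); util::fetch_processes(process_list);`, or document on `fetch_processes` that it replaces the contents. The poll is also unbounded — no attempt limit and no cancellation check — so the thread spins forever if the target never appears. The function's opening lines are outside the hunk.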
@@ -44,27 +45,25 @@ void mmap::thread(tcp::client& client) { return; } + client.mapper_data.image_size = 0; + io::logger->info("image base : {:x}", image); auto imports = nlohmann::json::parse(client.mapper_data.imports); nlohmann::json final_imports; for (auto& [key, value] : imports.items()) { - auto mod = key; - std::transform(mod.begin(), mod.end(), mod.begin(), ::tolower); - auto base = needle->load(mod); + auto base = needle->load(key); if (!base) { - io::logger->error("failed to load {}", mod); + io::logger->error("failed to load {}", key); continue; } for (auto& i : value) { auto name = i.get<std::string>(); - auto func = needle->module_export(mod, name); - - final_imports[name] = func; + final_imports[name] = needle->module_export(base, name); } } @@ -76,6 +75,11 @@ void mmap::thread(tcp::client& client) { auto proc_imports = final_imports.dump(); client.stream(proc_imports); + proc_imports.clear(); + final_imports.clear(); + imports.clear(); + client.mapper_data.imports.clear(); + io::logger->info("please wait..."); while (client.mapper_data.image.empty()) { std::this_thread::sleep_for(std::chrono::seconds(1)); @@ -86,6 +90,8 @@ void mmap::thread(tcp::client& client) { return; } + client.mapper_data.image.clear(); + auto entry = image + client.mapper_data.entry; io::logger->info("entry : {:x}", entry); 
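Review bot: `needle->module_export(base, name)` is stored straight into `final_imports[name]` with no check that resolution succeeded, so a missing export is sent back to the server as the failure value and the image ends up patched with a bogus import address; guard it the way `load` is guarded: `auto func = needle->module_export(base, name); if (!func) { io::logger->error("failed to resolve {}!{}", key, name); continue; }`. The hunk also drops the `::tolower` normalisation of the module name before `load(key)`; if `load` compares case-sensitively against the module list, an import directory that spells `KERNEL32.dll` differently from the loaded module now fails to resolve — confirm inside `load`. Keying `final_imports` by bare function name means two modules exporting the same name overwrite each other; that predates this commit, but the line was rewritten here and a `module!name` key would avoid it.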
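Review bot: The four `.clear()` calls added after `client.stream(proc_imports)` release nothing if the intent is to drop the import payload from memory: `std::string::clear()` and `json::clear()` keep the allocated buffers, so the bytes stay resident until the objects are destroyed; swap with an empty object if that is the goal, e.g. `std::string().swap(proc_imports); std::string().swap(client.mapper_data.imports);`. `client.mapper_data.imports`/`.image` appear to be written by another thread (the `while (client.mapper_data.image.empty())` poll waits on it), so clearing `imports` and reading `image.empty()` here without a lock or atomic is a data race under the C++ memory model — confirm how `tcp::client` publishes `mapper_data`. The wait loop also has no timeout. The enclosing function continues past this hunk.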
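Review bot: `auto entry = image + client.mapper_data.entry;` trusts the server-supplied entry offset with no range check against what was mapped, and the only size the client held (`mapper_data.image_size`) was zeroed earlier in this same commit, so a malformed or hostile response yields an entry point outside the image that the shellcode then calls. Capture the size before the new `image.clear()` and validate, e.g. `const auto mapped_size = client.mapper_data.image.size();` … `if (client.mapper_data.entry >= mapped_size) { io::logger->error("entry out of range"); return; }`. The added `client.mapper_data.image.clear()` also keeps the image bytes in the string's capacity; if the aim is to purge the mapped PE from the loader process, swap with an empty string instead. The surrounding function starts and ends outside the hunk.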
@@ -96,6 +102,12 @@ void mmap::thread(tcp::client& client) { *reinterpret_cast<uint32_t*>(&shellcode[8]) = image; *reinterpret_cast<uint32_t*>(&shellcode[13]) = entry; + /*static std::vector<uint8_t> shellcode = { 0x48, 0x83, 0xEC, 0x28, 0x48, 0xB9, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x48, 0xC7, 0xC2, 0x01, + 0x00, 0x00, 0x00, 0x4D, 0x31, 0xC0, 0x48, 0xB8, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0xFF, 0xD0, 0x48, 0x83, 0xC4, 0x28, 0xC3 }; + + *reinterpret_cast<uint64_t*>(&shellcode[6]) = image; + *reinterpret_cast<uint32_t*>(&shellcode[26]) = entry;*/ + auto code = needle->allocate(shellcode.size(), MEM_COMMIT | MEM_RESERVE, PAGE_EXECUTE_READWRITE); if (!needle->write(code, shellcode.data(), shellcode.size())) { io::logger->error("failed to write shellcode."); |
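Review bot: The commented-out x64 stub patches its entry immediate with a 4-byte store: `*reinterpret_cast<uint32_t*>(&shellcode[26]) = entry;` targets the imm64 of `48 B8` (`mov rax, imm64`) at offsets 26–33, so only the low half of the address would ever be written; if this block is revived both patches need `uint64_t`, with `image`/`entry` widened to match. Dead code inside a comment drifts silently — select the stub with `#ifdef _WIN64` or delete it until it is used. The live patches `*reinterpret_cast<uint32_t*>(&shellcode[8]) = image;` are unaligned type-punned stores; `std::memcpy(&shellcode[8], &image, sizeof(uint32_t))` is the well-defined form, and `code` from `needle->allocate(...)` should be checked for null before `write(code, …)` rather than relying on the write to fail. The `if` opened on the hunk's last lines closes outside it.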