
authorTavis Ormandy <taviso@gmail.com>2021-01-13 00:43:04 +0300
committerGitHub <noreply@github.com>2021-01-13 00:43:04 +0300
commit16ddcd4d17329e73507704c272d340eef801d957 (patch)
tree5555a4766b25c232bc05f6a8f10a4ca6590c2429
parent9910ceda2e48955e72ab523a57a9aff75b125e47 (diff)
parent8585b6352e8c90460e2b78fe6a4d90c5674e85b8 (diff)
Merge pull request #88 from cube0x8/additional_apis
Additional APIs + some fixes and improvements
-rw-r--r--.gitignore2
-rw-r--r--peloader/winapi/Heap.c20
-rw-r--r--peloader/winapi/Internal.c41
-rw-r--r--peloader/winapi/LoadLibrary.c8
-rw-r--r--peloader/winapi/Paths.c26
-rw-r--r--peloader/winapi/Process.c23
-rw-r--r--peloader/winapi/Wer.c21
-rw-r--r--peloader/winnt_types.h118
8 files changed, 219 insertions, 40 deletions
diff --git a/.gitignore b/.gitignore
index fcf6377..9d1c432 100644
--- a/.gitignore
+++ b/.gitignore
@@ -7,3 +7,5 @@
mpclient
avscript
eicar.com
+.gradle/
+.idea/
diff --git a/peloader/winapi/Heap.c b/peloader/winapi/Heap.c
index d34bf07..5747232 100644
--- a/peloader/winapi/Heap.c
+++ b/peloader/winapi/Heap.c
@@ -51,6 +51,15 @@ STATIC BOOL WINAPI HeapFree(HANDLE hHeap, DWORD dwFlags, PVOID lpMem)
return TRUE;
}
+STATIC BOOL WINAPI RtlFreeHeap(PVOID HeapHandle, ULONG Flags, PVOID BaseAddress)
+{
+ DebugLog("%p, %#x, %p", HeapHandle, Flags, BaseAddress);
+
+ free(BaseAddress);
+
+ return TRUE;
+}
+
STATIC SIZE_T WINAPI HeapSize(HANDLE hHeap, DWORD dwFlags, PVOID lpMem)
{
return malloc_usable_size(lpMem);
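Review bot: RtlFreeHeap at the top of the hunk repeats HeapFree's body rather than delegating to it, so the two free paths can drift apart if HeapFree ever gains validation of its argument; `return HeapFree(HeapHandle, Flags, BaseAddress);` keeps a single free path (the DebugLog can stay above it). HeapFree's body starts before the hunk, so only its `return TRUE;` tail is visible here and the duplication is inferred from that tail plus the new function's shape. Either way the function should state in a comment that HeapHandle and Flags are ignored and that BaseAddress goes straight to free(), since any pointer the loaded image passes that did not come from the malloc-backed RtlAllocateHeap is undefined behaviour in the host process: `// Pass-through to free(); HeapHandle and Flags are ignored and BaseAddress must come from RtlAllocateHeap/HeapAlloc.`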
@@ -105,6 +114,15 @@ STATIC PVOID WINAPI RtlAllocateHeap(PVOID HeapHandle,
return malloc(Size);
}
+STATIC NTSTATUS WINAPI RtlSetHeapInformation(PVOID Heap,
+ HEAP_INFORMATION_CLASS HeapInformationClass,
+ PVOID HeapInformation,
+ SIZE_T HeapInformationLength)
+{
+ DebugLog("%p, %d", Heap, HeapInformationLength);
+ return 0;
+}
+
STATIC PVOID WINAPI GlobalAlloc(UINT uFlags, SIZE_T uBytes)
{
PVOID Buffer = malloc(uBytes);
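Review bot: `DebugLog("%p, %d", Heap, HeapInformationLength)` in RtlSetHeapInformation prints a SIZE_T with `%d`; assuming SIZE_T is 64-bit on this build, that is a format/argument-width mismatch (undefined behaviour, and -Wformat will flag it) and the logged value can be garbage — `%zu` with a `(size_t)` cast is the matching conversion. The class is worth logging as well, because the stub returns STATUS_SUCCESS for every HEAP_INFORMATION_CLASS including HeapEnableTerminationOnCorruption, so an image that believes it has enabled termination-on-corruption gets no such protection from the host allocator and nothing in the trace says it asked: `DebugLog("%p, %d, %p, %zu", Heap, HeapInformationClass, HeapInformation, (size_t) HeapInformationLength);`. A comment such as `// No-op: the host malloc heap has no equivalent setting; success is reported unconditionally.` documents the lie for the next reader. GlobalAlloc's body continues past the end of the hunk.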
@@ -126,6 +144,8 @@ DECLARE_CRT_EXPORT("HeapCreate", HeapCreate);
DECLARE_CRT_EXPORT("GetProcessHeap", GetProcessHeap);
DECLARE_CRT_EXPORT("HeapAlloc", HeapAlloc);
DECLARE_CRT_EXPORT("HeapFree", HeapFree);
+DECLARE_CRT_EXPORT("RtlFreeHeap", RtlFreeHeap);
+DECLARE_CRT_EXPORT("RtlSetHeapInformation", RtlSetHeapInformation);
DECLARE_CRT_EXPORT("HeapSize", HeapSize);
DECLARE_CRT_EXPORT("HeapReAlloc", HeapReAlloc);
DECLARE_CRT_EXPORT("LocalAlloc", LocalAlloc);
diff --git a/peloader/winapi/Internal.c b/peloader/winapi/Internal.c
index 92f446c..e20dcb9 100644
--- a/peloader/winapi/Internal.c
+++ b/peloader/winapi/Internal.c
@@ -50,30 +50,50 @@ ULONG WINAPI EtwEventWrite(HANDLE RegHAndle, PVOID EventDescriptor, ULONG UserDa
return 0;
}
-static HANDLE WINAPI LdrLoadDll(PWCHAR PathToFile,
- ULONG Flags,
- PUNICODE_STRING ModuleFilename,
- PHANDLE ModuleHandle)
+static NTSTATUS WINAPI LdrLoadDll(PWCHAR PathToFile,
+ ULONG Flags,
+ PUNICODE_STRING ModuleFilename,
+ PHANDLE ModuleHandle)
{
char *PathToFileA = CreateAnsiFromWide(PathToFile);
+ char *ModuleFilenameA = CreateAnsiFromWide(ModuleFilename->Buffer);
- DebugLog("%p [%s], %p, %p, %#x", PathToFile, PathToFileA, ModuleFilename, ModuleHandle, Flags);
+ DebugLog("%p [%s], %p [%s], %p, %#x", PathToFile, PathToFileA, ModuleFilename, ModuleFilenameA, ModuleHandle, Flags);
+
+ *ModuleHandle = (HANDLE) 'LOAD';
free(PathToFileA);
+ free(ModuleFilenameA);
- return (HANDLE) 'LOAD';
+ return 0;
}
-NTSTATUS WINAPI LdrGetProcedureAddress(HMODULE Module,
- PANSI_STRING Name,
- WORD Ordinal,
- PVOID *Address)
+static NTSTATUS WINAPI LdrUnloadDll(HANDLE ModuleHandle) {
+ DebugLog("%p", ModuleHandle);
+
+ return 0;
+}
+
+static NTSTATUS WINAPI LdrGetProcedureAddress(HMODULE Module,
+ PANSI_STRING Name,
+ WORD Ordinal,
+ PVOID *Address)
{
DebugLog("%p %s %hu %p", Module, Name->buf, Ordinal, Address);
// Recognizable value to crash on.
*Address = (PVOID) 'LDRZ';
+ // Search if the requested function has been already exported.
+ ENTRY e = { Name->buf, NULL }, *ep;
+ hsearch_r(e, FIND, &ep, &crtexports);
+
+ // If found, store the pointer and return.
+ if (ep != NULL) {
+ *Address = ep->data;
+ return 0;
+ }
+
if (strcmp(Name->buf, "EtwEventRegister") == 0) {
*Address = EtwRegister;
}
@@ -91,4 +111,5 @@ DECLARE_CRT_EXPORT("RtlAcquirePebLock", RtlAcquirePebLock);
DECLARE_CRT_EXPORT("RtlReleasePebLock", RtlReleasePebLock);
DECLARE_CRT_EXPORT("LdrGetDllHandle", LdrGetDllHandle);
DECLARE_CRT_EXPORT("LdrLoadDll", LdrLoadDll);
+DECLARE_CRT_EXPORT("LdrUnloadDll", LdrUnloadDll);
DECLARE_CRT_EXPORT("LdrGetProcedureAddress", LdrGetProcedureAddress);
diff --git a/peloader/winapi/LoadLibrary.c b/peloader/winapi/LoadLibrary.c
index ba796bd..cc95e05 100644
--- a/peloader/winapi/LoadLibrary.c
+++ b/peloader/winapi/LoadLibrary.c
@@ -77,7 +77,7 @@ static DWORD WINAPI GetModuleFileNameA(HANDLE hModule, PCHAR lpFilename, DWORD n
{
DebugLog("%p, %p, %u", hModule, lpFilename, nSize);
- strncpy(lpFilename, "fakename.exe", nSize);
+ strncpy(lpFilename, "C:\\dummy\\fakename.exe", nSize);
return strlen(lpFilename);
}
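Review bot: Lengthening the literal to "C:\\dummy\\fakename.exe" makes the strncpy on the changed line truncate for any nSize up to 21, and strncpy then leaves lpFilename without a NUL, so `return strlen(lpFilename)` on the next line reads past the caller's buffer; the old 12-character name only hit this for very small buffers. Replace the pair with `if (nSize == 0) return 0;` / `snprintf(lpFilename, nSize, "%s", "C:\\dummy\\fakename.exe");` / `return strlen(lpFilename);`, which always terminates within nSize. Win32 returns nSize on truncation rather than the shortened length; whether the images this loader targets check for that I cannot tell from here, so a comment noting the deviation would be enough.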
@@ -86,11 +86,11 @@ static DWORD WINAPI GetModuleFileNameW(HANDLE hModule, PWCHAR lpFilename, DWORD
{
DebugLog("%p, %p, %u", hModule, lpFilename, nSize);
- if (nSize > strlen("fakename.exe")) {
- memcpy(lpFilename, L"fakename.exe", sizeof(L"fakename.exe"));
+ if (nSize > strlen("C:\\dummy\\fakename.exe")) {
+ memcpy(lpFilename, L"C:\\dummy\\fakename.exe", sizeof(L"C:\\dummy\\fakename.exe"));
}
- return strlen("fakename.exe");
+ return strlen("C:\\dummy\\fakename.exe");
}
static HANDLE WINAPI GetModuleHandleA(PCHAR lpModuleName)
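Review bot: In GetModuleFileNameW the `if (nSize > strlen("C:\\dummy\\fakename.exe"))` branch leaves lpFilename untouched when the buffer is too small yet the function still returns 21, so a caller that trusts the count reads uninitialised WCHARs; Win32 instead copies what fits, terminates it, and returns nSize. Comparing a WCHAR count against strlen of a narrow literal only works because the literal is ASCII, and `sizeof(L"...")` only gives the right byte count if wchar_t is 16-bit, which I assume the build forces with -fshort-wchar but cannot confirm from this page. The rewrite below copies a bounded prefix, always terminates when nSize > 0, and reports truncation the way Win32 does.
```c
static DWORD WINAPI GetModuleFileNameW(HANDLE hModule, PWCHAR lpFilename, DWORD nSize)
{
    // sizeof includes the terminator; kFakeLen is the character count without it.
    static const WCHAR kFakeName[] = L"C:\\dummy\\fakename.exe";
    const DWORD kFakeLen = sizeof(kFakeName) / sizeof(kFakeName[0]) - 1;
    DWORD copied;

    DebugLog("%p, %p, %u", hModule, lpFilename, nSize);

    if (nSize == 0) {
        return 0;
    }

    // Copy what fits and always leave a terminator inside nSize; Win32 reports
    // nSize when the name was truncated.
    copied = nSize > kFakeLen ? kFakeLen : nSize - 1;
    memcpy(lpFilename, kFakeName, copied * sizeof(WCHAR));
    lpFilename[copied] = 0;

    return copied == kFakeLen ? copied : nSize;
}
```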
diff --git a/peloader/winapi/Paths.c b/peloader/winapi/Paths.c
index bab53d0..6cb00ea 100644
--- a/peloader/winapi/Paths.c
+++ b/peloader/winapi/Paths.c
@@ -42,6 +42,32 @@ UINT WINAPI GetDriveTypeW(PWCHAR lpRootPathName)
return DRIVE_FIXED;
}
+DWORD WINAPI GetLongPathNameA(LPCSTR lpszShortPath,
+ LPSTR lpszLongPath,
+ DWORD cchBuffer)
+{
+ // For now we just return the 8.3 format path as the long path
+ if (cchBuffer > strlen(lpszShortPath)) {
+ memcpy(lpszLongPath, lpszShortPath, sizeof(lpszShortPath));
+ }
+
+ return strlen(lpszShortPath);
+}
+
+DWORD WINAPI GetLongPathNameW(LPCWSTR lpszShortPath,
+ LPWSTR lpszLongPath,
+ DWORD cchBuffer)
+{
+ // For now we just return the 8.3 format path as the long path
+ if (cchBuffer > CountWideChars(lpszShortPath)) {
+ memcpy(lpszLongPath, lpszShortPath, CountWideChars(lpszShortPath) * sizeof(WCHAR));
+ }
+
+ return CountWideChars(lpszShortPath);
+}
+
DECLARE_CRT_EXPORT("GetTempPathW", GetTempPathW);
DECLARE_CRT_EXPORT("GetLogicalDrives", GetLogicalDrives);
DECLARE_CRT_EXPORT("GetDriveTypeW", GetDriveTypeW);
+DECLARE_CRT_EXPORT("GetLongPathNameA", GetLongPathNameA);
+DECLARE_CRT_EXPORT("GetLongPathNameW", GetLongPathNameW);
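Review bot: `memcpy(lpszLongPath, lpszShortPath, sizeof(lpszShortPath))` in GetLongPathNameA copies sizeof a pointer — 8 bytes on x86-64 — rather than the string, so any path longer than seven characters is cut short with no terminator while the return value still claims the full length, and the caller then reads garbage after the copied prefix. Cache the length once and copy the NUL with it: `size_t len = strlen(lpszShortPath);` / `if (cchBuffer > len) memcpy(lpszLongPath, lpszShortPath, len + 1);` / `return len;`. GetLongPathNameW has the parallel problem if CountWideChars excludes the terminator (its definition is not in the hunk): it copies `CountWideChars(...) * sizeof(WCHAR)` bytes and never writes the terminating WCHAR, so add one to the count or store `lpszLongPath[n] = 0` after the copy. Win32 also returns the required size including the terminator when the buffer is too small, so the too-small path should return `len + 1` if callers are expected to retry with a bigger buffer.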
diff --git a/peloader/winapi/Process.c b/peloader/winapi/Process.c
new file mode 100644
index 0000000..6f9b2f4
--- /dev/null
+++ b/peloader/winapi/Process.c
@@ -0,0 +1,23 @@
+#include <stdint.h>
+#include <stddef.h>
+#include <stdlib.h>
+#include <stdbool.h>
+#include <search.h>
+
+#include "winnt_types.h"
+#include "pe_linker.h"
+#include "ntoskernel.h"
+#include "log.h"
+#include "winexports.h"
+#include "util.h"
+
+STATIC NTSTATUS WINAPI NtSetInformationProcess(HANDLE ProcessHandle,
+ PROCESS_INFORMATION_CLASS ProcessInformationClass,
+ PVOID ProcessInformation,
+ ULONG ProcessInformationLength)
+{
+ DebugLog("%p", ProcessHandle);
+ return 0;
+}
+
+DECLARE_CRT_EXPORT("NtSetInformationProcess", NtSetInformationProcess);
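Review bot: NtSetInformationProcess returns STATUS_SUCCESS for every ProcessInformationClass without recording which one was requested, so an image that asks for, say, ProcessExecuteFlags or another mitigation and checks the status will believe it took effect on the host, and the trace will not show the request at all; for a loader that emulates Windows for an image it does not control that is worth logging: `DebugLog("%p, %d, %p, %u", ProcessHandle, ProcessInformationClass, ProcessInformation, ProcessInformationLength);`. A short comment above the function, `// Stub: every information class is accepted and ignored; no host process setting changes.`, documents the behaviour for the next reader. `<stdlib.h>` and `<search.h>` look unused in this file, though the sibling winapi files appear to include the same set so that may be project convention.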
diff --git a/peloader/winapi/Wer.c b/peloader/winapi/Wer.c
new file mode 100644
index 0000000..e4fb585
--- /dev/null
+++ b/peloader/winapi/Wer.c
@@ -0,0 +1,21 @@
+#include <stdint.h>
+#include <stddef.h>
+#include <stdbool.h>
+#include <search.h>
+#include <assert.h>
+
+#include "winnt_types.h"
+#include "pe_linker.h"
+#include "ntoskernel.h"
+#include "log.h"
+#include "winexports.h"
+#include "util.h"
+
+HRESULT WINAPI WerRegisterMemoryBlock(PVOID pvAddress,
+ DWORD dwSize)
+{
+ DebugLog("%p, %d", pvAddress, dwSize);
+ return 0;
+}
+
+DECLARE_CRT_EXPORT("WerRegisterMemoryBlock", WerRegisterMemoryBlock);
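Review bot: WerRegisterMemoryBlock is not marked STATIC, unlike NtSetInformationProcess in the other new file and the Heap.c additions, so it lands in the loader's global namespace where it can collide with another stub or a real declaration; `STATIC HRESULT WINAPI WerRegisterMemoryBlock(PVOID pvAddress, DWORD dwSize)` matches the rest. `DebugLog("%p, %d", pvAddress, dwSize)` prints a DWORD (uint32_t) with `%d`; `%u` is the matching conversion. A one-line comment, `// Stub: nothing is registered; there is no error-reporting service on the host to hand the block to.`, makes the unconditional success return self-explanatory. `<assert.h>` is included but not used here.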
diff --git a/peloader/winnt_types.h b/peloader/winnt_types.h
index bf197fd..9ae9544 100644
--- a/peloader/winnt_types.h
+++ b/peloader/winnt_types.h
@@ -137,32 +137,39 @@
#define KI_USER_SHARED_DATA 0xffdf0000
#define MM_SHARED_USER_DATA_VA 0x7ffe0000
-typedef uint8_t BOOLEAN, BOOL;
-typedef void *PVOID;
-typedef uint8_t BYTE;
-typedef uint8_t *PBYTE;
-typedef uint8_t *LPBYTE;
-typedef int8_t CHAR;
-typedef char *PCHAR;
-typedef uint8_t UCHAR;
-typedef uint8_t *PUCHAR;
-typedef uint16_t SHORT;
-typedef uint16_t USHORT;
-typedef uint16_t *PUSHORT;
-typedef uint16_t WORD;
-typedef int32_t INT;
-typedef uint32_t UINT;
-typedef uint32_t DWORD, *PDWORD;
-typedef int32_t LONG;
-typedef uint32_t ULONG;
-typedef uint32_t *PULONG;
-typedef int64_t LONGLONG;
-typedef uint64_t ULONGLONG, *PULONGLONG;
-typedef uint64_t ULONGULONG;
-typedef uint64_t ULONG64;
-typedef uint64_t QWORD, *PQWORD;
-typedef uint16_t WCHAR, *PWCHAR;
-typedef HANDLE *PHANDLE;
+typedef uint8_t BOOLEAN, BOOL;
+typedef void *PVOID;
+typedef uint8_t BYTE;
+typedef uint8_t *PBYTE;
+typedef uint8_t *LPBYTE;
+typedef int8_t CHAR;
+typedef char *PCHAR;
+typedef wchar_t WCHAR;
+typedef CHAR *LPSTR;
+typedef const char *LPCSTR;
+typedef WCHAR *LPWSTR;
+typedef const WCHAR *LPCWSTR;
+typedef WCHAR *PWSTR;
+typedef uint8_t UCHAR;
+typedef uint8_t *PUCHAR;
+typedef uint16_t SHORT;
+typedef uint16_t USHORT;
+typedef uint16_t *PUSHORT;
+typedef uint16_t WORD;
+typedef int32_t INT;
+typedef uint32_t UINT;
+typedef uint32_t DWORD, *PDWORD;
+typedef int32_t LONG;
+typedef uint32_t ULONG;
+typedef uint32_t *PULONG;
+typedef int64_t LONGLONG;
+typedef uint64_t ULONGLONG, *PULONGLONG;
+typedef uint64_t ULONGULONG;
+typedef uint64_t ULONG64;
+typedef uint64_t QWORD, *PQWORD;
+typedef uint16_t WCHAR, *PWCHAR;
+typedef HANDLE *PHANDLE;
+typedef LONG HRESULT;
typedef CHAR CCHAR;
typedef SHORT CSHORT;
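Review bot: The hunk adds `typedef wchar_t WCHAR;` while keeping the existing `typedef uint16_t WCHAR, *PWCHAR;` a few lines below, so WCHAR is now typedef'd twice; C only tolerates that when both name the same type, which holds only if the build forces wchar_t to 16 bits (-fshort-wchar, which I cannot confirm from this page) — on a default Linux toolchain wchar_t is 32-bit and this is a compile error, and even where it compiles it is a trap for the next person. Drop the new line and derive the string pointers from the existing WCHAR: `typedef WCHAR *LPWSTR, *PWSTR;` and `typedef const WCHAR *LPCWSTR;` placed after the `typedef uint16_t WCHAR, *PWCHAR;` line. `LPSTR` is `CHAR *` (int8_t *) while `LPCSTR` and the existing `PCHAR` use plain char; `typedef char *LPSTR;` avoids incompatible-pointer warnings when an LPSTR is handed to the C library. Most of the hunk appears to be re-indentation of unchanged typedefs, which buries the seven real additions — worth keeping whitespace changes in their own commit.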
@@ -1764,4 +1771,63 @@ static inline struct nt_list *InsertTailList(struct nt_list *head,
#define FILE_EXISTS 0x00000004
#define FILE_DOES_NOT_EXIST 0x00000005
+typedef enum _PROCESSINFOCLASS {
+ ProcessBasicInformation = 0,
+ ProcessQuotaLimits = 1,
+ ProcessIoCounters = 2,
+ ProcessVmCounters = 3,
+ ProcessTimes = 4,
+ ProcessBasePriority = 5,
+ ProcessRaisePriority = 6,
+ ProcessDebugPort = 7,
+ ProcessExceptionPort = 8,
+ ProcessAccessToken = 9,
+ ProcessLdtInformation = 10,
+ ProcessLdtSize = 11,
+ ProcessDefaultHardErrorMode = 12,
+ ProcessIoPortHandlers = 13,
+ ProcessPooledUsageAndLimits = 14,
+ ProcessWorkingSetWatch = 15,
+ ProcessUserModeIOPL = 16,
+ ProcessEnableAlignmentFaultFixup = 17,
+ ProcessPriorityClass = 18,
+ ProcessWx86Information = 19,
+ ProcessHandleCount = 20,
+ ProcessAffinityMask = 21,
+ ProcessPriorityBoost = 22,
+ ProcessDeviceMap = 23,
+ ProcessSessionInformation = 24,
+ ProcessForegroundInformation = 25,
+ ProcessWow64Information = 26,
+ ProcessImageFileName = 27,
+ ProcessLUIDDeviceMapsEnabled = 28,
+ ProcessBreakOnTermination = 29,
+ ProcessDebugObjectHandle = 30,
+ ProcessDebugFlags = 31,
+ ProcessHandleTracing = 32,
+ ProcessExecuteFlags = 34,
+ ProcessTlsInformation = 35,
+ ProcessCookie = 36,
+ ProcessImageInformation = 37,
+ ProcessCycleTime = 38,
+ ProcessPagePriority = 39,
+ ProcessInstrumentationCallback = 40,
+ ProcessThreadStackAllocation = 41,
+ ProcessWorkingSetWatchEx = 42,
+ ProcessImageFileNameWin32 = 43,
+ ProcessImageFileMapping = 44,
+ ProcessAffinityUpdateMode = 45,
+ ProcessMemoryAllocationMode = 46,
+ ProcessGroupInformation = 47,
+ ProcessTokenVirtualizationEnabled = 48,
+ ProcessConsoleHostProcess = 49,
+ ProcessWindowInformation = 50,
+ MaxProcessInfoClass
+} PROCESSINFOCLASS, PROCESS_INFORMATION_CLASS;
+
+typedef enum _HEAP_INFORMATION_CLASS {
+ HeapCompatibilityInformation,
+ HeapEnableTerminationOnCorruption
+} HEAP_INFORMATION_CLASS;
+
#endif /* WINNT_TYPES_H */