From 5e230e1e0221f50b9268697e5ad2d6e33f143d6a Mon Sep 17 00:00:00 2001 From: ALittlePatate Date: Sat, 24 Aug 2024 19:32:57 +0200 Subject: [PATCH] add: elements of strings are now 1 byte, string encryption for Windows APIs, fix: nullptr --- src/api.c | 24 +++++++++++++++++++++--- src/libc.c | 52 ++++++++++++++++++++++++++++++++++------------------ src/libc.h | 3 +++ src/pasm.c | 18 ++++++++++++------ 4 files changed, 70 insertions(+), 27 deletions(-) diff --git a/src/api.c b/src/api.c index 58f6eb5..d239e86 100644 --- a/src/api.c +++ b/src/api.c @@ -53,7 +53,13 @@ void api_callrawaddr() { #endif void api_VirtualAlloc(void) { #ifdef _WIN32 - fVirtualAlloc pVirtualAlloc = GetApi(L"kernel32.dll", "VirtualAlloc"); + char api[] = "[nwyzfqFqqth"; + fVirtualAlloc pVirtualAlloc = GetApi(L"kernel32.dll", PCAESAR_DECRYPT(api)); + if (pVirtualAlloc == NULL) { + state->STACK_IDX -= 4; + state->registers->eax = 1; + return; + } long long arg0 = state->STACK[state->STACK_IDX--]; long long arg1 = state->STACK[state->STACK_IDX--]; long long arg2 = state->STACK[state->STACK_IDX--]; @@ -71,7 +77,13 @@ void api_VirtualAlloc(void) { #endif void api_VirtualFree(void) { #ifdef _WIN32 - fVirtualFree pVirtualFree = GetApi(L"kernel32.dll", "VirtualFree"); + char api[] = "[nwyzfqKwjj"; + fVirtualFree pVirtualFree = GetApi(L"kernel32.dll", PCAESAR_DECRYPT(api)); + if (pVirtualFree == NULL) { + state->STACK_IDX -= 3; + state->registers->eax = 1; + return; + } long long arg0 = state->STACK[state->STACK_IDX--]; long long arg1 = state->STACK[state->STACK_IDX--]; long long arg2 = state->STACK[state->STACK_IDX--]; 
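Review bot: The new lookup-failure branch in api_VirtualAlloc signals the error with `state->registers->eax = 1;`, a non-zero value that a script cannot distinguish from a usable result. The same branch is added to api_VirtualFree and api_GetAsyncKeyState in the following hunks, and in the latter the success line visibly stores the raw API return in eax, where 1 is a legitimate value. If the success paths of the first two wrappers also mirror the Win32 return (those assignments are outside the hunks), the failure value should be the API's own, `state->registers->eax = 0;`. The branch also runs `state->STACK_IDX -= 4;` without checking that four entries are actually on the stack, so a short stack leaves the index negative for the next access. A bounds check on the argument count before the lookup would cover both the failure and the success path.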
@@ -88,7 +100,13 @@ void api_VirtualFree(void) { #endif void api_GetAsyncKeyState(void) { #ifdef _WIN32 - fGetAsyncKeyState pGetAsyncKeyState = GetApi(L"user32.dll", "GetAsyncKeyState"); + char api[] = "LjyFx~shPj~Xyfyj"; + fGetAsyncKeyState pGetAsyncKeyState = GetApi(L"user32.dll", PCAESAR_DECRYPT(api)); + if (pGetAsyncKeyState == NULL) { + state->STACK_IDX -= 1; + state->registers->eax = 1; + return; + } long long arg0 = state->STACK[state->STACK_IDX--]; state->registers->eax = (long long)pGetAsyncKeyState((int)arg0); #else diff --git a/src/libc.c b/src/libc.c index ae1e8ac..fb80d45 100644 --- a/src/libc.c +++ b/src/libc.c @@ -39,19 +39,43 @@ fHeapReAlloc pHeapReAlloc = NULL; #define IS_NUM(c) ((c >= '0' && c <= '9') ? (1) : (0)) #define IS_SPACE(c) (c == ' ') +int strlen__(char const* str) +{ + int len = 0; + + if (!str) + return 1; + for (int i = 0; str[i] != '\0'; i += 1) { + len += 1; + } + return (len); +} + +#ifdef _WIN32 +char* PCAESAR_DECRYPT(char* in) { + for (int i = 0; i < strlen__(in); i++) { + in[i] -= KEY; + } + + return in; +} +#endif + void* malloc_(size_t _Size) { #ifndef _WIN32 return malloc(_Size); #else if (_crt_heap_ == 0) { if (pHeapCreate == NULL) { - pHeapCreate = GetApi(L"KERNEL32.DLL", "HeapCreate"); + char api[] = "MjfuHwjfyj"; + pHeapCreate = GetApi(L"KERNEL32.DLL", PCAESAR_DECRYPT(api)); } _crt_heap_ = pHeapCreate(0, 0, 0); } if (pHeapAlloc == NULL) { - pHeapAlloc = GetApi(L"KERNEL32.DLL", "HeapAlloc"); + char api[] = "MjfuFqqth"; + pHeapAlloc = GetApi(L"KERNEL32.DLL", PCAESAR_DECRYPT(api)); } return pHeapAlloc(_crt_heap_, HEAP_ZERO_MEMORY, _Size); #endif @@ -63,7 +87,8 @@ void free_(void* _Block) { return; #else if (pHeapFree == NULL) { - pHeapFree = GetApi(L"KERNEL32.DLL", "HeapFree"); + char api[] = "MjfuKwjj"; + pHeapFree = GetApi(L"KERNEL32.DLL", PCAESAR_DECRYPT(api)); } pHeapFree(_crt_heap_, 0, _Block); return; 
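Review bot: In malloc_ the pointers returned by `GetApi` are still called unchecked (`_crt_heap_ = pHeapCreate(0, 0, 0);` and `return pHeapAlloc(...)`), so a failed lookup becomes a call through a null function pointer. api.c adds exactly this check in the same commit, and the lookups in free_, realloc_ and dprintf (later hunks) have the same gap. Adding `if (pHeapAlloc == NULL) return NULL;` after each resolution (a plain `return;` in free_) makes the allocator fail cleanly instead. Separately, PCAESAR_DECRYPT re-evaluates `strlen__(in)` on every iteration while it rewrites the buffer, and `strlen__` returns 1 for a null pointer, so a null argument is dereferenced at `in[0]`. Hoisting the length with `int n = strlen__(in);` and returning early on `!in` addresses both.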
@@ -76,35 +101,26 @@ void* realloc_(void* _Block, size_t _Size) { #else if (_crt_heap_ == 0) { if (pHeapCreate == NULL) { - pHeapCreate = GetApi(L"KERNEL32.DLL", "HeapCreate"); + char api[] = "MjfuHwjfyj"; + pHeapCreate = GetApi(L"KERNEL32.DLL", PCAESAR_DECRYPT(api)); } _crt_heap_ = pHeapCreate(0, 0, 0); } if (_Block == NULL) { if (pHeapAlloc == NULL) { - pHeapAlloc = GetApi(L"KERNEL32.DLL", "HeapAlloc"); + char api[] = "MjfuFqqth"; + pHeapAlloc = GetApi(L"KERNEL32.DLL", PCAESAR_DECRYPT(api)); } return pHeapAlloc(_crt_heap_, HEAP_ZERO_MEMORY, _Size); } if (pHeapReAlloc == NULL) { - pHeapReAlloc = GetApi(L"KERNEL32.DLL", "HeapReAlloc"); + char api[] = "MjfuWjFqqth"; + pHeapReAlloc = GetApi(L"KERNEL32.DLL", PCAESAR_DECRYPT(api)); } return pHeapReAlloc(_crt_heap_, HEAP_ZERO_MEMORY, _Block, _Size); #endif } -int strlen__(char const* str) -{ - int len = 0; - - if (!str) - return 1; - for (int i = 0; str[i] != '\0'; i += 1) { - len += 1; - } - return (len); -} - char* strcpy__(char* dest, char const* src) { int len = strlen__(src); diff --git a/src/libc.h b/src/libc.h index 5bfd90b..215a3a3 100644 --- a/src/libc.h +++ b/src/libc.h @@ -5,6 +5,9 @@ #include extern HANDLE _crt_heap_; +#define KEY 5 + +char* PCAESAR_DECRYPT(char* in); #endif void* malloc_(size_t _Size); diff --git a/src/pasm.c b/src/pasm.c index abf8010..6e7829d 100644 --- a/src/pasm.c +++ b/src/pasm.c 
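Review bot: The encoded literals `"MjfuHwjfyj"` and `"MjfuFqqth"` and their lookups in realloc_ are copied verbatim from malloc_, so each encoded name now has to be kept correct in two places. The heap-creation step plus the `_Block == NULL` branch do what the Windows path of malloc_ already does, so that branch could become `if (_Block == NULL) return malloc_(_Size);`. Alternatively both functions could share one static helper that resolves and caches each pointer. realloc_ begins before this hunk, so confirm the non-Windows branch is unaffected.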
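Review bot: `KEY` is a very generic macro name to export from a shared header, and nothing records that the literals in api.c, libc.c and pasm.c were encoded by hand with this exact value. A prefixed name such as `PASM_CAESAR_KEY` avoids collisions. A comment such as `/* shift applied to the encoded API-name literals; changing it requires re-encoding every one */` would document the coupling. A trailing comment with the plain name beside each literal, for example `/* VirtualAlloc */`, would let a reviewer audit which imports the program resolves without decoding them by hand.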
@@ -30,12 +30,18 @@ int dprintf(int stream, const char * format, ...) { va_start(args, format); HANDLE h; - if (pGetStdHandle == NULL) - pGetStdHandle = (fGetStdHandle)GetApi(L"KERNEL32.DLL", "GetStdHandle"); - if (pwvsprintfA == NULL) - pwvsprintfA = (fwvsprintfA)GetApi(L"USER32.dll", "wvsprintfA"); - if (pWriteFile == NULL) - pWriteFile = (fWriteFile)GetApi(L"KERNEL32.DLL", "WriteFile"); + if (pGetStdHandle == NULL) { + char api[] = "LjyXyiMfsiqj"; + pGetStdHandle = (fGetStdHandle)GetApi(L"KERNEL32.DLL", PCAESAR_DECRYPT(api)); + } + if (pwvsprintfA == NULL) { + char api[] = "|{xuwnsykF"; + pwvsprintfA = (fwvsprintfA)GetApi(L"USER32.dll", PCAESAR_DECRYPT(api)); + } + if (pWriteFile == NULL) { + char api[] = "\\wnyjKnqj"; + pWriteFile = (fWriteFile)GetApi(L"KERNEL32.DLL", PCAESAR_DECRYPT(api)); + } switch (stream) { case 1: // stdout