patate/pasm
1
0
Fork 0
Code Issues Pull Requests Actions Packages Projects Releases Wiki Activity

add: elements of strings are now 1 byte, string encryption for Windows APIs, fix: nullptr

Browse Source
This commit is contained in:
ALittlePatate
2024-08-24 19:32:57 +02:00
parent e5603117d4
commit 5e230e1e02
4 changed files with 70 additions and 27 deletions
Download Patch File Download Diff File Expand all files Collapse all files

24
src/api.c
View File

@@ -53,7 +53,13 @@ void api_callrawaddr() {
#endif
void api_VirtualAlloc(void) {
#ifdef _WIN32
fVirtualAlloc pVirtualAlloc = GetApi(L"kernel32.dll", "VirtualAlloc");
char api[] = "[nwyzfqFqqth";
fVirtualAlloc pVirtualAlloc = GetApi(L"kernel32.dll", PCAESAR_DECRYPT(api));
if (pVirtualAlloc == NULL) {
state->STACK_IDX -= 4;
state->registers->eax = 1;
return;
}
long long arg0 = state->STACK[state->STACK_IDX--];
long long arg1 = state->STACK[state->STACK_IDX--];
long long arg2 = state->STACK[state->STACK_IDX--];
@@ -71,7 +77,13 @@ void api_VirtualAlloc(void) {
#endif
void api_VirtualFree(void) {
#ifdef _WIN32
fVirtualFree pVirtualFree = GetApi(L"kernel32.dll", "VirtualFree");
char api[] = "[nwyzfqKwjj";
fVirtualFree pVirtualFree = GetApi(L"kernel32.dll", PCAESAR_DECRYPT(api));
if (pVirtualFree == NULL) {
state->STACK_IDX -= 3;
state->registers->eax = 1;
return;
}
long long arg0 = state->STACK[state->STACK_IDX--];
long long arg1 = state->STACK[state->STACK_IDX--];
long long arg2 = state->STACK[state->STACK_IDX--];
@@ -88,7 +100,13 @@ void api_VirtualFree(void) {
#endif
void api_GetAsyncKeyState(void) {
#ifdef _WIN32
fGetAsyncKeyState pGetAsyncKeyState = GetApi(L"user32.dll", "GetAsyncKeyState");
char api[] = "LjyFx~shPj~Xyfyj";
fGetAsyncKeyState pGetAsyncKeyState = GetApi(L"user32.dll", PCAESAR_DECRYPT(api));
if (pGetAsyncKeyState == NULL) {
state->STACK_IDX -= 1;
state->registers->eax = 1;
return;
}
long long arg0 = state->STACK[state->STACK_IDX--];
state->registers->eax = (long long)pGetAsyncKeyState((int)arg0);
#else