#include <stdint.h>
#include <stdio.h>
#include <stdlib.h>

#include "peb.h"
#include "export.h"
#include "winfuncs.h"
/* Include guard for this header.
 * NOTE(review): the #include lines above sit outside the guard, so they are
 * re-scanned on every inclusion; harmless as long as those headers carry
 * their own guards. */
#ifndef STDFUNCS
#define STDFUNCS 1
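/* Size of the fixed name buffers below (same value as the Win32 SDK's
 * MAX_PATH).  Guarded so this header can coexist with a real Windows
 * header that already defines it, instead of producing a redefinition. */
#ifndef MAX_PATH
#define MAX_PATH 260
#endif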
/* Mirror of the Win32 FILETIME structure: the 64-bit timestamp split into
 * two 32-bit halves.  The layout must stay identical to the SDK definition
 * because it is embedded in WIN32_FIND_DATAA, which the OS fills in. */
typedef struct _FILETIME {
    uint32_t dwLowDateTime;   /* low 32 bits of the 64-bit value */
    uint32_t dwHighDateTime;  /* high 32 bits of the 64-bit value */
} FILETIME, *PFILETIME;
/* Mirror of the Win32 WIN32_FIND_DATAA structure (ANSI variant), used by
 * the directory-enumeration code (list_windows_files() and friends,
 * presumably via FindFirstFileA/FindNextFileA — verify in the
 * implementation).  Field order and sizes must match the SDK exactly.
 *
 * NOTE(review): dwFileType, dwCreatorType and wFinderFlags are only part of
 * the SDK structure when _MAC is defined; on Windows the real structure
 * ends at cAlternateFileName, so this type is a few bytes larger than what
 * the OS writes.  That is harmless, but never rely on those three fields
 * being set. */
typedef struct _WIN32_FIND_DATAA {
    uint32_t dwFileAttributes;      /* FILE_ATTRIBUTE_* bits (see FILE_ATTRIBUTE_DIRECTORY below) */
    FILETIME ftCreationTime;
    FILETIME ftLastAccessTime;
    FILETIME ftLastWriteTime;
    uint32_t nFileSizeHigh;         /* 64-bit file size, high 32 bits */
    uint32_t nFileSizeLow;          /* 64-bit file size, low 32 bits */
    uint32_t dwReserved0;
    uint32_t dwReserved1;
    char cFileName[MAX_PATH];       /* NUL-terminated entry name */
    char cAlternateFileName[14];    /* 8.3 short name */
    uint32_t dwFileType;            /* _MAC-only in the SDK; not written on Windows */
    uint32_t dwCreatorType;         /* _MAC-only in the SDK; not written on Windows */
    uint16_t wFinderFlags;          /* _MAC-only in the SDK; not written on Windows */
} WIN32_FIND_DATAA, *PWIN32_FIND_DATAA, *LPWIN32_FIND_DATAA;
/* An in-memory copy of a file: `data` presumably points at `fileSz` bytes.
 * Passed to pic_read_file_bin() and pic_write_file_bin() below.  Who owns
 * and frees `data` is not documented here — check pic_read_file_bin().
 *
 * NOTE(review): the tag __FILE_DATA starts with a double underscore, which
 * C reserves for the implementation; callers should only use the typedef
 * name file_data.  fileSz is 32-bit, so files of 4 GiB or more cannot be
 * described. */
typedef struct __FILE_DATA {
    char *data;        /* file contents */
    uint32_t fileSz;   /* number of bytes at data */
} file_data;
/* Singly linked list of directory entries, as returned by
 * list_windows_files(), pic_get_devices(), get_paths() and get_exe_paths()
 * and released with pic_free_dir_list().
 *
 * The original note "ends with 0x00 struct" is ambiguous: it may mean the
 * final node has next == NULL, or that the list ends in an all-zero
 * sentinel node.  Check the implementation before writing an iteration
 * loop; the two conventions terminate differently. */
typedef struct __DIR_LIST {
    char *fName;               /* entry name (presumably freed by pic_free_dir_list()) */
    int fNameLen;              /* length of fName; note: int, unlike file_data.fileSz */
    FILETIME accessTime;
    FILETIME writeTime;
    char isDir;                /* either 1 == True or 0 == False */
    struct __DIR_LIST *next;   /* following entry, or the terminator (see above) */
} dir_list;
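/* Directory bit of WIN32_FIND_DATAA.dwFileAttributes (SDK value).  Guarded
 * so that including a real Windows header alongside this one does not
 * trigger a redefinition. */
#ifndef FILE_ATTRIBUTE_DIRECTORY
#define FILE_ATTRIBUTE_DIRECTORY 0x10
#endif

/* Failure value of the CreateFile-style Win32 calls (SDK value -1).
 * NOTE(review): the SDK defines this as a pointer-typed constant, while the
 * handle-returning wrappers below return void *; comparing a void * against
 * a bare int literal is a constraint violation in C.  Compare as
 * `h == (void *)INVALID_HANDLE_VALUE`.  The macro is deliberately left as a
 * plain int here because existing code may compare an integer-cast handle
 * against it — change it to a pointer only after checking the callers. */
#ifndef INVALID_HANDLE_VALUE
#define INVALID_HANDLE_VALUE -1
#endif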
/* process manipulation */

/* Singly linked list of running processes, one (pid, image name) pair per
 * node, returned by pic_enum_procs() and released with
 * pic_enum_procs_free().
 *
 * The original note "ends with 0x00 struct" is ambiguous (next == NULL on
 * the last node, or an all-zero sentinel node); confirm the termination
 * convention in the implementation before iterating. */
typedef struct _PIDS {
    uint32_t pid;           /* process ID */
    char *fName;            /* image/file name of the process (presumably from pic_get_proc_file_name()) */
    struct _PIDS *next;     /* following node, or the terminator (see above) */
} pids;
/* Bookkeeping for a payload copied into another process by
 * pic_inject_into_proc(); released with pic_inject_into_proc_free(). */
typedef struct _PROC_INJECTION {
    void *mem;      /* address of the copied data (presumably in the target's address space, from pic_virtual_alloc_ex()) */
    size_t memSz;   /* number of bytes at mem */
    void *proc;     /* handle of the target process, as passed to pic_inject_into_proc() */
} proc_injection;
/* Mirror of the Win32 STARTUPINFOA structure (for pic_create_proc()).
 * The field names differ from the SDK (reserved/desktop/title instead of
 * lpReserved/lpDesktop/lpTitle, and dwFileAttribute is the SDK's
 * dwFillAttribute), but the order, sizes and alignment match, which is all
 * that matters when the struct is handed to the Win32 API.
 *
 * NOTE(review): Win32 requires cb == sizeof(STARTUPINFOA) before the struct
 * is used — confirm pic_create_proc() sets it. */
typedef struct _STARTUPINFOA {
    uint32_t cb;               /* size of this structure, in bytes */
    char *reserved;            /* SDK: lpReserved */
    char *desktop;             /* SDK: lpDesktop */
    char *title;               /* SDK: lpTitle */
    uint32_t dwX;
    uint32_t dwY;
    uint32_t dwXSize;
    uint32_t dwYSize;
    uint32_t dwXCountChars;
    uint32_t dwYCountChars;
    uint32_t dwFileAttribute;  /* SDK: dwFillAttribute (console colours), not a file attribute */
    uint32_t dwFlags;          /* STARTF_* bits selecting which fields are valid */
    uint16_t wShowWindow;
    uint16_t cbReserved2;
    char *lpReserved2;         /* SDK: LPBYTE */
    void *hStdInput;           /* standard handles; honoured only with the matching dwFlags bit */
    void *hStdOutput;
    void *hStdError;
} STARTUPINFOA;
/* Mirror of the Win32 PROCESS_INFORMATION structure: the handles and IDs of
 * a newly created process and its primary thread.
 * NOTE(review): both handles are kernel objects; close them with
 * pic_close_handle() once they are no longer needed or they leak for the
 * lifetime of the creating process. */
typedef struct _PROCESS_INFORMATION {
    void *hProcess;        /* handle of the new process */
    void *hThread;         /* handle of its primary thread */
    uint32_t dwProcessId;
    uint32_t dwThreadId;
} PROCESS_INFORMATION;
/* ---- the actual functions --------------------------------------------- */

/* ---- string / memory helpers (position-independent libc replacements) -- */

/** Pseudo-random int; `max` presumably bounds the result.
 *  NOTE(review): the source of randomness is not visible here — treat it as
 *  non-cryptographic unless the implementation proves otherwise. */
int pic_gen_random(int max);

/** strlen() replacement: length of a NUL-terminated string. */
int pic_strlen(const char *str);

/** Comparison helpers.  Unlike libc, these only report equality:
 *  0 when the strings match, 1 when they differ (no ordering). */
int pic_strncmp(const char *str1, const char *str2, int len);
int pic_strcmp(const char *str1, const char *str2);

/** memmem() replacement: locate `needle` (needleLen bytes) inside
 *  `haystack` (haystackLen bytes). */
void *pic_memmem(const void *haystack, size_t haystackLen,
                 const void *needle, size_t needleLen);

/** memcpy() / memset() replacements. */
void *pic_memcpy(void *dst, const void *src, size_t n);
void *pic_memset(void *dst, int c, size_t n);

/** Differs from libc strcat(): nothing is appended in place.  A new string
 *  holding str1 followed by str2 is allocated with pic_malloc() and
 *  returned; the caller owns it and must pic_free() it. */
char *pic_strcat(char *str1, const char *str2);

/** strstr() replacement. */
char *pic_strstr(char *haystack, char *needle);

/** Search for the ASCII string `ascii` inside `ucode`, a buffer of `len`
 *  that is presumably UTF-16 ("unicode") text.  The return convention is
 *  not documented here — check the implementation. */
int ascii_ucode_find(char *ascii, char *ucode, int len);

/** Display `text` in a message box. */
int message_box(char *text);

/** Heap allocation pair.  Everything returned by pic_malloc() — including
 *  the results of pic_strcat() and pic_get_windows_directory() — must be
 *  handed back to pic_free(). */
void *pic_malloc(size_t size);
void pic_free(void *mem);
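/* ---- files, directories, threads --------------------------------------- */

/** Open `fname` with the given open flags and return the raw handle.
 *  NOTE(review): the Win32 convention for CreateFile-style calls is to
 *  return INVALID_HANDLE_VALUE on failure; since that macro is an int here,
 *  compare the result as `h == (void *)INVALID_HANDLE_VALUE`. */
void *pic_open_file(char *fname, unsigned int flags);

/** Close a handle obtained from pic_open_file() (or any other kernel handle). */
int pic_close_handle(void *handle);

/** Read the whole of `fname` into memory, describing it in *fileDat.
 *  Ownership of fileDat->data after the call is not documented here —
 *  check the implementation before freeing it. */
char *pic_read_file_bin(char *fname, file_data *fileDat);

/** Write fileDat->fileSz bytes from fileDat->data to `fname`. */
int pic_write_file_bin(char *fname, file_data *fileDat);

/** List the entries of directory `path` as a dir_list. */
dir_list *list_windows_files(char *path);

/** List the available drives/devices.
 *  Declared with (void): in C an empty parameter list means "unspecified
 *  arguments", not "no arguments", so `()` would let a caller pass junk
 *  without any diagnostic. */
dir_list *pic_get_devices(void);

/** Link the list `toAppend` onto the end of the list headed by `main`. */
void dir_list_append(dir_list *main, dir_list *toAppend);

/** Paths under `root` (presumably recursive).  The returned list still
 *  contains the "." and ".." entries — the original author's own caveat —
 *  so callers must skip them. */
dir_list *get_paths(char *root);

/** Like get_paths(), restricted to executables (presumably *.exe). */
dir_list *get_exe_paths(char *root);

/** Release every node of a list built by the functions above. */
void pic_free_dir_list(dir_list *lst);

/** Thread creation wrapper; the parameter order mirrors CreateThread
 *  (attributes, stack size, start routine, its argument, flags, out ID). */
void *pic_create_thread(void *attr, size_t stackSz, void *startFunc,
                        void *param, uint32_t flags, uint32_t *id);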
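/* ---- process manipulation ---------------------------------------------- */

/** Start a new process from the image / command line `name`. */
int pic_create_proc(char *name);

/** Open process `pid` with access mask `perms` (PROCESS_* bits below);
 *  `inherit` is the Win32 bInheritHandle flag.  Returns the handle, or
 *  NULL on failure if it follows the OpenProcess convention — confirm in
 *  the implementation (this is NOT the INVALID_HANDLE_VALUE convention). */
void *pic_open_proc(uint32_t perms, int inherit, uint32_t pid);

/** Snapshot of the running processes as a pids list; release it with
 *  pic_enum_procs_free().
 *  Declared with (void): in C an empty parameter list means "unspecified
 *  arguments", not "no arguments", so `()` would let a caller pass junk
 *  without any diagnostic. */
pids *pic_enum_procs(void);
void pic_enum_procs_free(pids *p);

/** Image file name of process `pid`.  The returned pointer is owned by the
 *  caller and must be released with pic_free(). */
char *pic_get_proc_file_name(uint32_t pid);

/** VirtualAllocEx-style allocation inside `proc`.  `startAddr` is optional
 *  (NULL lets the OS choose); `allocType` takes MEM_* and `protect` PAGE_*
 *  values from the tables below.
 *  NOTE(review): PAGE_EXECUTE_READWRITE allocations in a remote process are
 *  a widely used detection heuristic.  No VirtualProtectEx wrapper is
 *  declared in this header, so a write-then-make-executable sequence would
 *  need one added. */
void *pic_virtual_alloc_ex(void *proc, /*opt*/void *startAddr,
                           size_t sz, uint32_t allocType, uint32_t protect);

/** VirtualFreeEx-style release; `type` is MEM_DECOMMIT or MEM_RELEASE. */
int pic_virtual_free_ex(void *proc, void *addr, size_t sz, uint32_t type);

/** WriteProcessMemory-style copy of `sz` bytes from `srcBuf` into `proc`
 *  at `destAddr`; the byte count actually written is reported through
 *  *szWritten.  srcBuf is presumably only read, but it cannot be
 *  const-qualified here without also changing the definition. */
int pic_write_proc_mem(void *proc, void *destAddr,
                       void *srcBuf, size_t sz, size_t *szWritten);

/** Allocate inside `proc` and copy `dataSz` bytes of `data` there.  The
 *  returned record (mem, memSz, proc) must be released with
 *  pic_inject_into_proc_free(). */
proc_injection *pic_inject_into_proc(void *proc, void *data,
                                     size_t dataSz);
void pic_inject_into_proc_free(proc_injection *pi);

/** CreateRemoteThread-style wrapper: start `entry(param)` inside `proc`. */
void *pic_create_remote_thread(void *proc, void *secAttrs,
                               size_t stackSz, void *entry,
                               void *param, uint32_t flags, uint32_t *tid);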
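/* ---- system information ------------------------------------------------ */

/** Path of the Windows directory as a NUL-terminated string allocated with
 *  pic_malloc(); the caller must pic_free() it when no longer needed.
 *  Declared with (void) so that stray arguments are rejected at compile
 *  time instead of being silently accepted by an empty `()` list. */
char *pic_get_windows_directory(void);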
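/* ---- errors ------------------------------------------------------------ */

/** Last-error code of the calling thread (GetLastError-style).
 *  Declared with (void) so that stray arguments are rejected at compile
 *  time instead of being silently accepted by an empty `()` list. */
uint32_t pic_get_last_error(void);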
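/* Some flags we need.  They are normally defined in the Windows headers,
 * but since this code must not depend on those, the values are repeated
 * here (they match the SDK). */

/* process access rights — the `perms` mask for pic_open_proc().
 * Per the Win32 documentation, a handle used for pic_inject_into_proc() /
 * pic_create_remote_thread() needs at least PROCESS_CREATE_THREAD |
 * PROCESS_QUERY_INFORMATION | PROCESS_VM_OPERATION | PROCESS_VM_WRITE |
 * PROCESS_VM_READ; request only the rights you need. */
#define PROCESS_CREATE_PROCESS            0x80
#define PROCESS_CREATE_THREAD             0x2
#define PROCESS_DUP_HANDLE                0x40
#define PROCESS_QUERY_INFORMATION         0x400
#define PROCESS_QUERY_LIMITED_INFORMATION 0x1000
#define PROCESS_SET_INFORMATION           0x200
#define PROCESS_SET_QUOTA                 0x100
#define PROCESS_SUSPEND_RESUME            0x800
#define PROCESS_TERMINATE                 0x1
#define PROCESS_VM_OPERATION              0x8
#define PROCESS_VM_READ                   0x10
#define PROCESS_VM_WRITE                  0x20
/* Standard right to wait on the object; the SDK spelling is SYNCHRONIZE.
 * The misspelt SYNCRONIZE is kept as an alias so existing callers still
 * compile. */
#define SYNCHRONIZE                       0x100000
#define SYNCRONIZE                        SYNCHRONIZE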
//memory access rights

/* PAGE_* protection constants (the `protect` argument of
 * pic_virtual_alloc_ex()).  Exactly one of the eight base protections is
 * used at a time; PAGE_GUARD, PAGE_NOCACHE and PAGE_WRITECOMBINE are
 * modifier bits OR'd on top of it.
 * NOTE(review): PAGE_EXECUTE_READWRITE (writable + executable) is the
 * protection most commonly flagged by endpoint monitoring; prefer a
 * write-then-execute-only sequence where the payload allows it. */
#define PAGE_NOACCESS 0x01
#define PAGE_READONLY 0x02
#define PAGE_READWRITE 0x04
#define PAGE_WRITECOPY 0x08
#define PAGE_EXECUTE 0x10
#define PAGE_EXECUTE_READ 0x20
#define PAGE_EXECUTE_READWRITE 0x40
#define PAGE_EXECUTE_WRITECOPY 0x80
#define PAGE_GUARD 0x100
#define PAGE_NOCACHE 0x200
#define PAGE_WRITECOMBINE 0x400

/* MEM_* allocation / free types (`allocType` of pic_virtual_alloc_ex(),
 * `type` of pic_virtual_free_ex()) and region-state values.  MEM_COMMIT
 * may be OR'd with MEM_RESERVE; MEM_DECOMMIT and MEM_RELEASE are the two
 * valid free types. */
#define MEM_COMMIT 0x1000
#define MEM_RESERVE 0x2000
#define MEM_DECOMMIT 0x4000
#define MEM_RELEASE 0x8000
#define MEM_FREE 0x10000
#define MEM_PRIVATE 0x20000
#define MEM_MAPPED 0x40000
#define MEM_RESET 0x80000
#define MEM_TOP_DOWN 0x100000
#define MEM_WRITE_WATCH 0x200000
#define MEM_PHYSICAL 0x400000
#define MEM_ROTATE 0x800000
#define MEM_LARGE_PAGES 0x20000000
#define MEM_4MB_PAGES 0x80000000

/* SEC_* section attributes for file-mapping style calls.  SEC_FILE shares
 * the value 0x800000 with MEM_ROTATE, exactly as in the SDK — they are
 * consumed by different APIs and must not be mixed. */
#define SEC_FILE 0x800000
#define SEC_IMAGE 0x1000000
#define SEC_PROTECTED_IMAGE 0x2000000
#define SEC_RESERVE 0x4000000
#define SEC_COMMIT 0x8000000
#define SEC_NOCACHE 0x10000000
#define SEC_WRITECOMBINE 0x40000000
#define SEC_LARGE_PAGES 0x80000000
#endif
|