mirror of https://github.com/pozm/gdke.git
lib works, now for frontend
This commit is contained in:
parent
aaf92cd109
commit
a4f3a7abd7
|
@ -9,9 +9,9 @@ use poggers::{
|
|||
use retour::static_detour;
|
||||
|
||||
// *const i32, *const i32, *const i32, bool
|
||||
type open_and_parse_t = unsafe extern "fastcall" fn(*const i32, *const i32, *const i32, bool) -> ();
|
||||
type open_and_parse_t = unsafe extern "fastcall" fn(*const i32, *const i32, *const u8, bool) -> ();
|
||||
static_detour! {
|
||||
pub static OpenAndParse: unsafe extern "fastcall" fn(*const i32, *const i32, *const i32, bool) -> ();
|
||||
pub static OpenAndParse: unsafe extern "fastcall" fn(*const i32, *const i32, *const u8, bool) -> ();
|
||||
}
|
||||
|
||||
#[poggers_derive::create_entry(no_free)]
|
||||
|
@ -29,7 +29,6 @@ pub fn main() {
|
|||
let modd = proc.get_base_module().unwrap();
|
||||
|
||||
println!("sending data, waiting for sig ver");
|
||||
std::thread::sleep(Duration::from_secs(2));
|
||||
sock.send(&buf);
|
||||
|
||||
let mut sig_type = [0; 4];
|
||||
|
@ -42,20 +41,19 @@ pub fn main() {
|
|||
let mut addr_offset = [0; 4];
|
||||
unsafe { std::ptr::copy(ptr_to_fn, addr_offset.as_mut_ptr(), 4) };
|
||||
let by = i32::from_ne_bytes(addr_offset);
|
||||
println!("addr offset = {:x?}", addr_offset);
|
||||
let fn_ptr = (addr + by as isize + 5) as *const c_void;
|
||||
println!("fnptr = {:x?}", fn_ptr);
|
||||
|
||||
println!("sig found: {:x} {:p}", addr, ptr_to_fn);
|
||||
println!("sig found: {:x} ", addr);
|
||||
let sock2 = sock.try_clone().unwrap();
|
||||
unsafe {
|
||||
let open_and_parse = std::mem::transmute::<isize, open_and_parse_t>(fn_ptr as isize);
|
||||
let opp = OpenAndParse
|
||||
.initialize(open_and_parse, move |this, base, key, mode| {
|
||||
println!("open and parse called {key:?}");
|
||||
let mut key: *const u8 = std::ptr::null();
|
||||
// std::arch::asm!("mov {}, r8", out(reg) key);
|
||||
// println!("key = {:?}", key);
|
||||
let mut read_key = [0u8; 32];
|
||||
let ptr_to_key = (key as usize + 8) as *const *const u8;
|
||||
std::ptr::copy(*ptr_to_key, read_key.as_mut_ptr(), 32);
|
||||
sock2.send(read_key.as_slice());
|
||||
})
|
||||
.unwrap();
|
||||
opp.enable();
|
||||
|
|
26
src/lib.rs
26
src/lib.rs
|
@ -6,6 +6,7 @@ use std::{
|
|||
io::Read,
|
||||
mem::{size_of, transmute},
|
||||
net::UdpSocket,
|
||||
path::Path,
|
||||
ptr::{addr_of, null, null_mut},
|
||||
time::Duration,
|
||||
};
|
||||
|
@ -39,6 +40,10 @@ fn create_pstr(c_str: &CStr) -> PSTR {
|
|||
}
|
||||
|
||||
pub unsafe fn spawn_and_inject(proc: &str) {
|
||||
let pth = Path::new(proc);
|
||||
if !pth.is_file() {
|
||||
panic!("file does not exist");
|
||||
}
|
||||
let cmd_line_c = CString::new(proc).expect("invalid cstr");
|
||||
let start_up_info = STARTUPINFOA {
|
||||
..Default::default()
|
||||
|
@ -83,12 +88,7 @@ pub unsafe fn spawn_and_inject(proc: &str) {
|
|||
);
|
||||
let code_entry =
|
||||
image_base_addr.wrapping_add((*nt_hdrs).OptionalHeader.AddressOfEntryPoint as usize);
|
||||
println!(
|
||||
"entry = {:p} B = {:X} C = {:p}",
|
||||
code_entry,
|
||||
(*nt_hdrs).OptionalHeader.AddressOfEntryPoint,
|
||||
image_base_addr
|
||||
);
|
||||
println!("entry = {:p}", code_entry,);
|
||||
let entry_insts: [u8; 2] = proc
|
||||
.read(code_entry as usize)
|
||||
.expect("failed to read entry");
|
||||
|
@ -97,7 +97,6 @@ pub unsafe fn spawn_and_inject(proc: &str) {
|
|||
//
|
||||
// resume the thread
|
||||
ResumeThread(proc_info.hThread);
|
||||
// ResumeThread(proc_info.hThread);
|
||||
// wait until trapped... and inject
|
||||
let sock = UdpSocket::bind("127.0.0.1:28713").expect("failed to bind socket");
|
||||
{
|
||||
|
@ -112,12 +111,15 @@ pub unsafe fn spawn_and_inject(proc: &str) {
|
|||
let _ = sock.recv(&mut []);
|
||||
}
|
||||
// we're done. let's kill the process.
|
||||
println!("done, running code after enter..",);
|
||||
let mut inp = String::new();
|
||||
std::io::stdin().read_line(&mut inp);
|
||||
println!("done, running code",);
|
||||
proc.write(code_entry as usize, &entry_insts);
|
||||
println!("waiting for call.");
|
||||
let _ = sock.recv(&mut []);
|
||||
println!("complete.");
|
||||
let mut key = [0; 32];
|
||||
let _ = sock.recv(&mut key);
|
||||
println!("recieved key: ");
|
||||
for val in key {
|
||||
print!("{:x}", val);
|
||||
}
|
||||
println!("\ncomplete.");
|
||||
TerminateProcess(proc_info.hProcess, 1);
|
||||
}
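Review bot: The hex dump at `print!("{:x}", val);` drops leading zeros, so a key byte of 0x0a prints as `a` and the 32-byte value can no longer be reconstructed from the output; use `print!("{:02x}", val);`. On the same hunk `let _ = sock.recv(&mut key);` discards the received length, so a short or empty datagram leaves the buffer's zeros to be printed as if they were key bytes — keep the count, e.g. `let n = sock.recv(&mut key).expect("recv failed");`, and either print only `key[..n]` or require `n == key.len()`. The socket is bound to 127.0.0.1 but never connected, so any local process can deliver that datagram; `recv_from` with a check of the sender address (the expected peer is not visible in this hunk) would make the printed key attributable to the injected side. The results of `proc.write(...)` and `read_line(...)` are also ignored here, which `unused_must_use` will flag, and the user-facing string `"recieved key: "` should read `"received key: "`. The enclosing `spawn_and_inject` starts outside this hunk.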
|
||||
|
|
|
@ -2,6 +2,6 @@ use gdke::spawn_and_inject;
|
|||
|
||||
fn main() {
|
||||
unsafe {
|
||||
spawn_and_inject("./z421.exe");
|
||||
spawn_and_inject(&std::env::args().nth(1).unwrap());
|
||||
}
|
||||
}
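Review bot: `std::env::args().nth(1).unwrap()` panics with the generic `called Option::unwrap() on a None value` message when the program is started without a path; `let path = std::env::args().nth(1).expect("usage: <program> <path-to-exe>");` tells the operator what was expected instead. Since `spawn_and_inject` is shown elsewhere in this commit to panic on a missing file as well, it would be consistent for `main` to report both failures the same way, printing the error and exiting non-zero rather than unwinding. With the hard-coded `./z421.exe` gone there is no remaining default, so a `//!` comment at the top of `main.rs` naming the required argument would help the next reader.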
|
||||
|
|